Announce

announce@lists.roundcube.net

146 discussions

Phishing Alert
by Thomas Bruederli 29 Oct '19

29 Oct '19

Dear Roundcube vendors We have been receiving many reports about phishing attempts appearing out in the wild which are targeting end users of webmail services powered by Roundcube. The fake emails pretend to come from „Roundcube Webmail“ or alike and trick users to enter their email password on fake sites. The attackers take advantage of the fact that most users think Roundcube is a service like Gmail or Hotmail and aren’t aware who is actually running their email: the individual hosting providers using the Roundcube software for their webmail service. Please act now: * Customize your Roundcube installation with your individual logo [1] and product name [2]. Make sure to configure the support_url [3] and provide proper guidance for your existing and new users. * Inform your users about the ongoing phishing attempts and make them aware about who is responsible for the email system they are using every day. There is no thing like a „Roundcube webmail service“. * Secure your SMTP server to deny sending with arbitrary sender addresses. This is a general suggestion but also helps avoiding fraudulent messages being sent from your hosts. Help us to fight phishing and protect your users! Kind regards, Thomas [1] https://github.com/roundcube/roundcubemail/blob/master/config/defaults.inc.… [2] https://github.com/roundcube/roundcubemail/blob/master/config/defaults.inc.… [3] https://github.com/roundcube/roundcubemail/blob/master/config/defaults.inc.…

1 0

Roundcube Webmail 1.4 Release Candidate 2
by Thomas Bruederli 17 Sep '19

17 Sep '19

Dear subscribers We just published the long awaited second release candidate for the next major version 1.4 of Roundcube webmail. Many fixes, improvements and final touches have gone into this since the first release candidate was published. Check the Changelog [1] for a complete list of changes. We waited for some promised contributions which unfortunately never arrived but we now feel confident to call the new Elastic skin complete and ready to be officially released. As we’re moving towards the final release, we strongly encourage everybody to customize the Elastic skin using the _styles.less and _variables.less files to blend into your corporate design. You’ll find guidance for customization in the README.md file inside the skin folder. Rolling out a new and significantly different user interface should be carefully planned and we recommend to prepare your users for the change. Therefore the Elastic theme is not set to be the default theme. Adjust your config in order to enable it by default or let your users switch themselves in the user settings. Please note that the Classic skin will no longer be maintained and completely removed in future releases. Within the 1.4 release series, the Classic skin remains part of the package but it will not receive new features that were added to the Larry or Elastic themes. This is still a preview release and we recommend to test it on a separate environment. And don’t forget to backup your data before installing it. Download it from https://roundcube.net/download and keep on submitting bugs and send us your feedback. Best, Alec & Thomas [1] https://github.com/roundcube/roundcubemail/releases/tag/1.4-rc2

1 0

Roundcube Webmail 1.3.10 released
by Thomas Bruederli 29 Aug '19

29 Aug '19

Dear subscribers We proudly announce the next service release to update the stable version 1.3. It contains fixes to several bugs backported from the master branch including minor security fixes around CSS and HTML cleanup. See the full changelog in the release notes on the Github download page [1]. This release is considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from https://roundcube.net/download. Best, Alec & Thomas [1] https://github.com/roundcube/roundcubemail/releases/tag/1.3.10

1 0

Roundcube Webmail 1.3.9 released
by A.L.E.C 01 Apr '19

01 Apr '19

Dear subscribers We proudly announce the next service release to update the stable version 1.3. It contains fixes to several bugs backported from the master branch. See the full changelog in the release notes on the Github download page [1]. This release is considered stable and we recommend to update all productive installations of Roundcube with this version. Best, Alec & Thomas [1] https://github.com/roundcube/roundcubemail/releases/tag/1.3.9

5 4

Roundcube Webmail 1.4 RC1 released
by Thomas Bruederli 01 Mar '19

01 Mar '19

Dear subscribers We just published a first release candidate for the next major version 1.4 which has now been in development for quite a while. Although the new responsive Elastic skin is now functional and feature complete, it still lacks the final brush-up to make it shine. We have now finally found a volunteer to work on this and once completed, a second release candidate will follow. For now you’re all invited to give the new 1.4 version another test run. Besides the responsive theme it comes with lots of new features and improvements since the beta release. Check the Changelog [1] for a complete list of changes. Please also try customizing the Elastic skin using the _styles.less and _variables.less files and let us know what’s missing. You’ll find guidance in the README.md file inside the skin folder. Because we don’t yet consider the Elastic theme fully complete, it’s not set to be the default theme. Adjust your config in order to enable it with $config['skin'] = 'elastic'; This is a beta release and we recommend to test it on a separate environment. And don’t forget to backup your data before installing it. Download it from https://roundcube.net. Cheers, Thomas & Alec [1] https://github.com/roundcube/roundcubemail/releases/tag/1.4-rc1

1 0

Roundcube Webmail 1.3.8 released
by Thomas Bruederli 26 Oct '18

26 Oct '18

Dear subscribers We proudly announce the next service release to update the stable version 1.3. It contains fixes to several bugs backported from the master branch including a security fix for a reported XSS vulnerability plus updates to ensure compatibility with PHP 7.3 and recent versions of Courier-IMAP, Dovecot and MySQL 8. See the full changelog in the release notes on the Github download page [1]. This release is considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from https://roundcube.net. Best, Alec & Thomas [1] https://github.com/roundcube/roundcubemail/releases/tag/1.3.8

1 0

Roundcube Webmail 1.4 beta released
by Thomas Bruederli 25 Aug '18

25 Aug '18

Dear subscribers We proudly announce the beta release of the next major version 1.4 of Roundcube webmail. With this milestone we introduce some new features: * New responsive skin with mobile support * Email Resent (Bounce) feature * Improved Mailvelope integration * Support for Redis cache * Support for SMTPUTF8 See the full changelog in the release notes on the Github download page [1]. Thanks to the tremendous effort Alec has put into the new skin, we finally managed solve the most urgent issue and make Roundcube accessible to the growing number of mobile and tablet devices. We'd also like to thank Kolab Systems for sponsoring some of Alec's working hours to the project. Because the new responsive skin is not yet fully completed, it’s not enabled by default. In order to make it the default for your users, change your config.inc.php accordingly: $config['skin'] = 'elastic'; As an alternative, the plugin elastic4mobile [2] makes it the default for mobile devices while keeping the configured default for desktop browsers. The Elastic skin is built with LESS and of course the sources are included. They allow a certain degree of customization by adjusting some color variables [3]. All you need is to compile your very own customized skin with lessc. This is a beta release and we recommend to test it on a separate environment. And don’t forget to backup your data before installing it. Download it from https://roundcube.net/download/#beta Please report bugs to our Github issue tracker [4] and check for duplicates before hitting the submit button. == New Logo and Website Design == As you may have noticed, the appearance of the Roundcube website has changed a while ago and it's also responsive now ;-) Many thanks to Phil Weir for re-coding the entire website and submitting a proper pull request! The new Elastic skin also brings a reshaped logo which has now been added to our website. The new logo was kindly designed and contributed by DRU Design [5]. Kudos! Kind regards, Thomas [1] https://github.com/roundcube/roundcubemail/releases/tag/1.4-beta [2] https://plugins.roundcube.net/packages/roundcube/elastic4mobile [3] https://github.com/roundcube/roundcubemail/blob/master/skins/elastic/styles… [4] https://github.com/roundcube/roundcubemail/issues [5] https://github.com/drudesign

1 0

Update 1.3.7 released
by Thomas Bruederli 28 Jul '18

28 Jul '18

Dear subscribers We proudly announce the next service release to update the stable version 1.3. It contains fixes to several bugs backported from the master branch including a security fix mitigating the EFAIL issue recently discovered in OpenPGP. See the full changelog in the release notes on the Github download page [1]. This release is considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from https://roundcube.net. And there are more good news ahead: the long awaited responsive theme for Roundcube, codename "elastic", has now matured and we'll publish a beta release with the new skin soon. For a quick preview you can already pull the Docker container roundcube/roundcubemail:elastic which bundles the current git master version with the elastic theme enabled. Best, Alec & Thomas [1] https://github.com/roundcube/roundcubemail/releases/tag/1.3.7

1 0

Updates 1.2.9 and 1.1.12 released
by Thomas Bruederli 30 Apr '18

30 Apr '18

Dear subscribers As a follow-up to the recent security update for the stable versions 1.2. and 1.1, we just published a new release to fix a regression that sneaked in with the IMAP command injection protection. Roundcube versions 1.2.8. and 1.1.11 unintentionally disable actions that operate on all selected messages (e.g. mark all as junk). We therefore recommend to update all productive installations of Roundcube 1.2.8. and 1.1.11 with these new versions. https://github.com/roundcube/roundcubemail/releases/tag/1.2.9 https://github.com/roundcube/roundcubemail/releases/tag/1.1.12 Best, Alec & Thomas

1 0

Security Updates 1.2.8 and 1.1.11 released
by Thomas Bruederli 19 Apr '18

19 Apr '18

Dear subscribers Following the recent security update for 1.3, here now come the promised updates for the LTS versions 1.2 and 1.1. They both fix the recently reported vulnerability allowing IMAP command injection via a GET parameters. More details about this are published under CVE-2018-9846. Another fix included in these updates is about a missed remote content blocking on HTML messages with specially crafted image and style tags. See the full changelog in the release notes on the according Github download pages: - https://github.com/roundcube/roundcubemail/releases/tag/1.2.8 - https://github.com/roundcube/roundcubemail/releases/tag/1.1.11 and download the packages right from there. We strongly recommend to update all productive installations of Roundcube 1.2.x and 1.1.x respectively. Please do backup your data before updating! Kind regards Alec & Thomas

1 0

← Newer
1
2
3
4
5
6
7
...
15
Older →

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Announce