Announce

announce@lists.roundcube.net

139 discussions

Roundcube Webmail 1.3.0 released
by Thomas Bruederli 26 Jun '17

26 Jun '17

Dear subscribers We proudly announce the stable version 1.3.0 of Roundcube Webmail which is now available for download. With this milestone we introduce new features since the 1.2 version: - Widescreen layout aka Three Column View - Possibility to display QR code for contacts data - New identicon plugin [1] - Attach contact vCards to composed message - Support WEBP images and MathML preview - Preview, download and rename attachments when composing a message - Message/rfc822 attachment preview - Various Enigma (PGP) and Managesieve plugin improvements - “Flattened” the Larry theme giving it a fresher look Plus security and deployment improvements: - Improve randomness of password salts and random hashes - Fixed redundancy in sql caching system and compatibility with Galera Cluster And finally some code-cleanup: - Dropped support for legacy browsers (IE < 10; removed legacy_browser plugin) - Require PHP >= 5.4 - Removed PHP mail() support - Removed 3rd party javascript libraries from the repository - Require jQuery 3.x which has breaking changes to older versions IMPORTANT: The code-cleanup part brings major changes and possibly incompatibilities to your existing Roundcube installations. So please read the Changelog [2] carefully and thoroughly test your upgrade scenario. Please note that Roundcube 1.3 1. no longer runs on PHP 5.3 2. no longer supports IE < 10 and old versions of Firefox, Chrome and Safari 3. requires an SMTP server connection to send mails 4. uses jQuery 3.2 and will not work with current jQuery mobile plugin With the release of Roundcube 1.3.0, the previous stable release branches 1.2.x and 1.1.x will switch in to LTS low maintenance mode which means they will only receive important security updates but no longer any regular improvement updates. See the complete Changelog in our wiki [2] and download the new packages from https://roundcube.net/download. Roundcube 1.3.0 is considered stable and we recommend to update all productive installations of Roundcube. As usual, don’t forget to backup and test with your custom plugins. Best, Alec & Thomas [1] https://en.wikipedia.org/wiki/Identicon [2] https://github.com/roundcube/roundcubemail/wiki/Changelog

1 0

Security updates 1.2.5, 1.1.9 and 1.0.11 released
by Thomas Bruederli 28 Apr '17

28 Apr '17

Dear subscribers We just published updates to all stable versions 1.x delivering important bug fixes and improvements which we picked from the upstream branch. The updates primarily fix a recently discovered vulnerability in the virtualmin and sasl drivers of the password plugin (CVE-2017-8114). More details about this vulnerability will be published soon by the reporter. Security-wise the update is therefore only relevant for those installations of Roundcube using the password plugin with either one of these drivers. See the full changelog for the according version in the release notes on the Github download pages: https://github.com/roundcube/roundcubemail/releases/tag/1.2.5 https://github.com/roundcube/roundcubemail/releases/tag/1.1.9 https://github.com/roundcube/roundcubemail/releases/tag/1.0.11 All versions are considered stable and we recommend to update all productive installations of Roundcube with either of these versions. As usual, don’t forget to backup your data before updating! Kind regards, Thomas

1 0

Release Candidate for version 1.3 available for download
by Thomas Bruederli 26 Apr '17

26 Apr '17

Dear subscribers We proudly announce that the feature-complete release candidate for the next major version 1.3 of Roundcube webmail is now available for final testing. After dropping support for older browsers and PHP versions and adding some new features like the widescreen layout, the release candidate finalizes that work and also fixes two security issues (updates for stable versions will follow) plus adds improvements to the Managesieve and Enigma plugins. We also slightly polished the Larry theme to make it look a little less 2010 :-) Although the default theme still doesn’t work on mobile devices, a fully responsive skin is currently being worked on. As a reminder: if you’re installing the dependent package or run Roundcube directly from source, you now need to install the removed 3rd party javascript modules by executing the following install script: $ bin/install-jsdeps.sh With the upcoming stable release of 1.3.0 the old 1.x series will only receive important security fixes. As usual, see the complete Changelog in our wiki [1] and download the new packages from https://roundcube.net/download. Please note that this is a release candidate and we recommend to test it on a separate environment. And don’t forget to backup your data before installing it. Kind regards, Thomas [1] https://github.com/roundcube/roundcubemail/wiki/Changelog

1 0

Roundcube Webmail 1.0.10 released
by Thomas Bruederli 09 Apr '17

09 Apr '17

Dear subscribers We just recently published a security update to the LTS version 1.0. It contains some important fixes and improvements we backported from the master version. See the details in the release notes [1]. This release is considered stable and we recommend to update all productive installations of Roundcube 1.0.x with this version if you're unable to upgrade to a more recent series. Download it from GitHub via https://roundcube.net/download. As usual, don’t forget to backup your data before updating! Best, Thomas [1] https://github.com/roundcube/roundcubemail/releases/tag/1.0.10

1 0

Updates 1.2.4 and 1.1.8 released
by Thomas Bruederli 10 Mar '17

10 Mar '17

Dear subscribers We just published another update to both stable versions 1.2 and 1.1 delivering important bug fixes and improvements which we picked from the upstream branch. Included is a fix for a recently reported XSS vulnerability within CSS styles inside an SVG tag. See the full changelog for 1.2.4 in the wiki [1] and for version 1.1.8 in the release notes [2]. Both versions are considered stable and we recommend to update all productive installations of Roundcube with either of these versions. Download them from GitHub via https://roundcube.net/download. As usual, don't forget to backup your data before updating! Best, Thomas [1] https://github.com/roundcube/roundcubemail/wiki/Changelog#release-123 [2] https://github.com/roundcube/roundcubemail/releases/tag/1.1.8

1 0

Roundcube Webmail 1.3-beta out now
by Thomas Bruederli 11 Jan '17

11 Jan '17

Dear subscribers, we wish you all a happy new year! Today we published the beta release of the next major version 1.3 of Roundcube webmail. With this milestone we introduce some new features: - Widescreen layout aka Three Column View - Possibility to display QR code for contacts data - New identicon plugin - Attach contact vCards to composed message - Support WEBP images and MathML preview - Preview, download and rename attachments when composing a message - message/rfc822 attachment preview - Various Enigma (PGP) and Managesieve plugin improvements Plus security and deployment improvements: - Improve randomness of password salts and random hashes - Fixed redundancy in sql caching system and compatibility with Galera Cluster And finally some code-cleanup: - Dropped support for legacy browsers (IE < 10; removed 'legacy_browser' plugin) - Require PHP >= 5.4 - Removed PHP mail() support - Removed 3rd party javascript libraries from repo IMPORTANT: The code-cleanup part brings major changes and possibly incompatibilities to your existing Roundcube installations. So please read the changelog [1] carefully and thoroughly test your upgrade scenario. Please note that Roundcube 1.3 1. no longer runs on PHP 5.3 2. no longer supports IE < 10 and old versions of Firefox, Chrome and Safari 3. requires an SMTP server connection to send mails That last item means you need to review your SMTP server settings as described in our wiki [2] if you have set the smtp_server option to an empty value and are thus using PHP’s mail() function. In case you're running Roundcube directly from source, you now need to install the removed 3rd party javascript modules by executing the following install script: $ bin/install-jsdeps.sh See the complete Changelog [1] and download the new packages from Github [3]. This is a beta release and we recommend to test it on a separate environment. And as usual, don't forget to backup your data before installing it. We're keen to hear your feedback about the new release. Best, Thomas & Alec [1] https://github.com/roundcube/roundcubemail/wiki/Changelog [2] https://github.com/roundcube/roundcubemail/wiki/Configuration#sending- messages-via-smtp [3] https://roundcube.net/download

1 0

Updates 1.2.3 and 1.1.7 released
by Thomas Bruederli 28 Nov '16

28 Nov '16

Dear subscribers We just published another update to the both stable versions 1.2 and 1.1 delivering important bug fixes and improvements which we picked from the upstream branch. Included is a fix for a recently revealed security issue when using PHP's mail() function. It has been discovered and kindly reported by Robin Peraglie using the static code analyzer RIPS [1] and more details along with a CVE number will be published shortly. See the full changelog for 1.2.3 in the wiki [2]. Version 1.1.7 is a security update fixing the mail() issue and thus only relevant to Roundcube installations not having an SMTP server configured for mail delivery. Both versions are considered stable and we recommend to update all productive installations of Roundcube with either of these versions. Download them from GitHub via https://roundcube.net/download. As usual, don't forget to backup your data before updating! Best, Thomas [1] https://www.ripstech.com/ [2] https://github.com/roundcube/roundcubemail/wiki/Changelog#release-123

1 0

Update 1.2.2 and 1.1.6 released
by A.L.E.C 30 Sep '16

30 Sep '16

Dear subscribers We just published updates to both stable versions 1.2 and 1.1 delivering important bug fixes and again more improvements of the Enigma plugin introduced in version 1.2. Version 1.1.6 comes with cherry-picked fixes from the more recent version and improvements in contacts searching as well as a few localization fixes. See the full changelog in the wiki [1] and the selection for 1.1.6 on the release page [2]. Both versions are considered stable and we recommend to update all productive installations of Roundcube with either of these versions. Download them from GitHub via https://roundcube.net/download. As usual, don’t forget to backup your data before updating! Best, Alec [1] https://github.com/roundcube/roundcubemail/wiki/Changelog#release-122 [2] https://github.com/roundcube/roundcubemail/releases/tag/1.1.6

1 0

Update 1.2.1 published
by Thomas Bruederli 26 Jul '16

26 Jul '16

Dear subscribers We just published the first service release to update the stable version 1.2. It contains some important bug fixes and improvements in the recently introduced Enigma plugin for PGP encryption. See the detailed Changelog in the wiki [1] or on the the release page [2]. This release is considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from GitHub via https://roundcube.net/download. As usual, don’t forget to backup your data before updating! Best, Thomas [1] https://github.com/roundcube/roundcubemail/wiki/Changelog#release-121 [2] https://github.com/roundcube/roundcubemail/releases/tag/1.2.1

1 0

Roundcube Webmail 1.2.0 released
by Thomas Bruederli 22 May '16

22 May '16

Dear subscribers Today we proudly announce the stable version 1.2.0 of Roundcube Webmail which is now available for download. It introduces new features since version 1.1 covering security and PGP encryption topics: - PHP7 compatibility - PGP encryption - Drag-n-drop attachments from mail preview to compose window - Mail messages searching with pre-defined date interval - Improved security measures to protect from brute-force attacks And of course plenty of small improvements and bug fixes. There wasn't much feedback on the 1.2-beta version and the release candidate which we consider a good sign. Some cleanup and stabilization of the Enigma plugin just happened for the now stable version. As already announced with the 1.2-beta release [1], PGP encryption comes in two flavors: client-side using the Mailvelope browser extension and server-side with the Enigma plugin using GnuPG on the server. Support with the Mailvelope browser plugin comes out of the box and is automatically enabled if the Mailvelope API is detected in a user’s browser. The Mailvelope documentation [2] explains how to enable it for your site. The features of the Enigma plugin, which comes with the release package and simply needs to be activated for your Roundcube installation are explained in Alec's blog post [3]. With the release of Roundcube 1.2.0, the previous stable release branches 1.0.x and 1.1.x will switch in to LTS low maintenance mode which means they will only receive important security updates but no longer any regular improvements from upstream. See the complete Changelog in our wiki [4] and download the new packages from https://roundcube.net/download. Roundcube 1.2.0 is considered stable and we recommend to update all productive installations of Roundcube. As usual, don’t forget to backup your data before updating ;-) Best, Thomas [1] https://roundcube.net/news/2015/11/23/roundcube-webmail-1.2-beta-out-now [2] https://www.mailvelope.com/en/help#watchlist [3] https://kolabian.wordpress.com/2015/10/13/enigma-plugin-pgp-encryption/ [4] https://github.com/roundcube/roundcubemail/wiki/Changelog

1 0

← Newer
1
2
3
4
5
6
7
8
...
14
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Announce