Announce

announce@lists.roundcube.net

1 participants
141 discussions

Roundcube Webmail 1.0.0 released
by Thomas Bruederli 08 Apr '14

08 Apr '14

Dear Roundcube users We’re very proud to announce the stable version 1.0 of Roundcube Webmail. After more than 8 years since the project was initially published, we now feel confident enough to name it one-dot-oh. From the last stable version we added to following new features: * Cleaned up the configuration into a single file * Importing email messages and contact group assignments * Advanced LDAP address book functionality * A toggle to switch between HTML and plaintext view * Save drafts in local storage for recovery * Canned responses to save and recall boilerplate texts * Improved keyboard navigation in messages list * Optimized UI to work on tablet devices * Attachment reminder plugin Furthermore we were busy cleaning up the codebase, fixing a lot of bugs, making it more stable and writing more documentation. With this release, we’d also like to introduce the Roundcube plugins repository at http://plugins.roundcube.net. This central platform should help you find the right plugins for your Roundcube installation and it makes it simple to keep them up-to-date. The installation and update mechanism is based on Composer [1] and Packagist [2]. We’d also like to encourage plugin developers to publish their plugins on this platform. Please read the instructions [3] how to prepare your plugin for publishing. After lots of testing and collecting your feedback, this version is considered stable and we recommend to update all productive installations of Roundcube. Download the fresh webmail and framework packages from http://roundcube.net/download Read the full list of changes here: http://trac.roundcube.net/wiki/Changelog Now after the big release is finally out, it's about time to open a beer :-) Cheers! Thomas [1] https://getcomposer.org [2] https://packagist.org [3] http://plugins.roundcube.net/about

1 0

Release candidate for version 1.0
by Thomas Bruederli 01 Feb '14

01 Feb '14

Dear all, We just published the feature-complete release candidate for the upcoming version 1.0. After adding some new features in 1.0-beta we further cleaned up the code, fixed some more bugs and prepared everything for the long awaited major release. So we invite all early adopters to test this release candidate and report remaining bugs to our bug tracker. See the complete Changelog at http://trac.roundcube.net/wiki/Changelog and download the new packages from http://roundcube.net/download. Kind regards, Thomas P.S. Meet us in Brussels at FOSDEM this weekend. We have a stand in the K building.

1 0

Roundcube version 1.0-beta available for download
by Thomas Bruederli 01 Dec '13

01 Dec '13

Hello folks We’re proud to announce that the long awaited version 1.0 of Roundcube webmail is now available as beta release for download and testing. With this milestone we introduce some important changes to the configuration as well as some nice new features: Cleaned up the configuration into a single file Importing email messages and contact group assignments Advanced LDAP address book functionality A toggle to switch between HTML and plaintext view Save drafts in local storage for recovery Canned responses to save and recall boilerplate texts Improved keyboard navigation in messages list Attachment reminder plugin And of course plenty of small improvements and bug fixes. See the complete Changelog at http://trac.roundcube.net/wiki/Changelog and download the new packages from http://roundcube.net/download. WARNING: the old configuration files named main.inc.php and db.inc.php are now deprecated and should be replaced with one single config.inc.php file. Run the ./bin/update.sh script to get this conversion done or manually merge the files. NOTE: the new config.inc.php should only contain options that differ from the ones listed in defaults.inc.php. Please note that this is a beta release and we recommend to test it on a separate environment. Have fun! Thomas

1 0

Security updates 0.9.5 and 0.8.7
by Thomas Bruederli 22 Oct '13

22 Oct '13

Dear Roundcube users We just published new releases which fix a recently reported vulnerability that allows an attacker to overwrite configuration settings using user preferences. This can result in random file access, manipulated SQL queries and even code execution. The latter one only affects versions 0.8.6 and older. Beside the security fix, the 0.9.5 release also includes other minor bug fixes and improvements. Most notably it brings the default spell checker back after Google suspended their public spell checking service. Please update your installations with the new versions or patch them with the fixes listed below for the various older versions of Roundcube. Download the new versions from http://roundcube.net/download Patch for 0.9.x: https://github.com/roundcube/roundcubemail/commit/4109bb26ce.diff Patch for 0.8.x: https://github.com/roundcube/roundcubemail/commit/eb433aa33c.diff Patch for 0.7.x: https://github.com/roundcube/roundcubemail/commit/1972037274.diff More information about the vulnerability will be published under CVE-2013-6172. Kind regards, Thomas

1 0

Update 0.9.4 release
by Thomas Bruederli 06 Sep '13

06 Sep '13

Dear Roundcube lovers! It wouldn't be Roundcube if there wasn't a minor glitch in our stable releases every now and then :-) It so happened again in the recent 0.9.3 release where the new include_path check triggered some regex warnings on Windows systems. We apologize for this inconvenience! But we're trying hard to keep up and here's a new release which fixes that nasty bug together with some other reported issues that we considered worth being ported to the 0.9 release series. It's considered stable (really!) and we recommend to update all productive installations of Roundcube with this version. Download it from http://roundcube.net/download, see the full changelog in our wiki: http://trac.roundcube.net/wiki/Changelog Kind regards, Thomas

1 0

Update 0.9.3 released
by Thomas Bruederli 22 Aug '13

22 Aug '13

Hello folks We can proudly announce the third service release for the stable 0.9 series of Roundcube webmail. It fixes 25 more bugs including two recently reported XSS vulnerabilities with HTML messages and signatures. Along with that, we also optimized the UI behavior for touch devices to make Roundcube work nice and smoothly on tablets running iOS or Android. It's considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from http://roundcube.net/download, see the full changelog here:http://trac.roundcube.net/wiki/Changelog Kind regards, Thomas

1 0

Update 0.9.2 released
by Thomas Bruederli 17 Jun '13

17 Jun '13

Hello folks We're proud to announce the second service release for the 0.9 series of Roundcube webmail. It contains 25 bug fixes and improvements as well as some translation updates for Estonian, Romanian Finnish and French. It's considered stable and we recommend to update all productive installations of Roundcube with this version. As usual, download it from http://roundcube.net/download, see the full changelog here: http://trac.roundcube.net/wiki/Changelog Have fun! Thomas

1 0

Update 0.9.1 released
by Thomas Bruederli 18 May '13

18 May '13

Hello folks We proudly announce the first service release for the 0.9 series of Roundcube. As usual, it contains some bug fixes and improvements which didn't make it into the first stable version as well as some translation updates. After getting reports that some skin images weren't reloaded due to progressive cache settings, the packaged version now comes with unique urls of skin images referenced by templates and CSS files. If you're pulling the source directly from git you can achieve the same by running bin/updatecss.sh It's considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from http://roundcube.net/download, see the full changelog here: http://trac.roundcube.net/wiki/Changelog Have fun! Thomas

1 0

Stable version 0.9.0 released
by Thomas Bruederli 16 Apr '13

16 Apr '13

Hello folks We can proudly announce the next stable release of Roundcube. This version enhances the webmail experience with these new features: * Improved rendering of forwarded and attached messages * Optionally display and compose email messages a new windows * Unified UI for message view and composition * Show sender photos from contacts in email view * Render thumbnails for image attachments * Download all attachments as zip archive (using the zipdownload plugin) * Forward multiple emails as attachments * CSV import for contacts The major change of this version isn't really visible to the users but even more important for the developers: the Roundcube framework. We decoupled the core functions for IMAP access, SMTP email sending, database abstraction, caching, etc. from the webmail application in order to make them usable for other free software products. Another major change since the 0.8 series is the new database abstraction layer. In order to add support for SQLite3, the PEAR:MDB2 dependency was dropped and Roundcube now uses the native PHP Data Objects (PDO). It's enabled by default since PHP 5.1 and is considered stable and well-developed. One drawback, however, is a small lack in the MySQL PDO driver which makes PHP 5.3 a requirement for this version of Roundcube when using the MySQL database. A minor but rather handy improvement is a complete new database update mechanism that makes schema changes much easier to be deployed. After the upgrade, simply run bin/updatedb.sh to apply the necessary changes to the database Roundcube connects to. In case you used bin/installto.sh to perform the update, the schema upgrades are done applied and no further actions are required. After lots of testing and collecting your feedback, this version is considered stable and it also includes the recently discovered vulnerability that allows an attacker to modify its users preferences in a way that he can then read arbitrary files from the server. We therefore recommend to update all productive installations of Roundcube. Download both the webmail and the framework packages from http://roundcube.net/download Read the full list of changes here: http://trac.roundcube.net/wiki/Changelog IMPORTANT: We're still getting a lot of support requests from users who are under the impression that Roundcube is a public service such as Gmail or Hotmail. Unfortunately we cannot help these people and thus we'd like to encourage everybody once more to enter an URL to the option named 'support_url' in the Roundcube config. This will be display a link on all screens including the login page that should guide your users to instructions how to get help for your specific email service that uses Roundcube. Thanks a lot for using Roundcube and for your support! Best, Thomas

1 0

Security updates 0.8.6 and 0.7.3 for save-pref vulnerability
by Thomas Bruederli 28 Mar '13

28 Mar '13

After getting reports about a possible vulnerability of Roundcube which allows an attacker to modify its users preferences in a way that he/she can then read files from the server, we now published updated packages as well as patches that fix this security issue. Please update all your Roundcube installations with the new versions (0.9-rc2, 0.8.6, 0.7.4) or patch them with the published patches. Download the latest version from http://roundcube.net/download Patch for 0.9.x: http://ow.ly/jtQD0 Patch for 0.8.x: http://ow.ly/jtQHM Patch for 0.7.x: http://ow.ly/jtQK0 Patch for 0.6: http://ow.ly/jtQNd In order to find out whether one of your users has vulnerable preferences, you can run the following query on the Roundcube user database: SELECT * FROM users WHERE preferences LIKE '%generic_message_footer%' If this returns any results, you should at least clear the 'preferences' field of that user entry. Or better: entirely block the user because he or she most likely tried to exploit your system. And here's some background about the vulnerability: http://lists.roundcube.net/pipermail/dev/2013-March/022328.html Best regards, Thomas

1 0

← Newer
1
...
5
6
7
8
9
10
11
...
15
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Announce