Aloha!
As usual when a new stable release arrives, there are a few things that didn't make it into that. Therefore we just published an update release adding bug fixes, some minor feature improvements and, most important, two fixes for a recently reported XSS vulnerability in Roundcube's HTML message handling.
At the same same time, we also pushed out a small update for the 0.7 series with some of the important fixes back-ported. That's for all of you who didn't dare to switch to the new and shiny 0.8 release series.
See the complete Changelog at http://trac.roundcube.net/wiki/Changelog and download the new packages from http://roundcube.net/download.
All the best, Thomas