Roundcube - Package updates
-
[2.3.1]
- Update Roundcube to 1.4.7
- Full changelog
- Prevent cross-site scripting (XSS) via HTML messages with malicious svg/namespace
- Fix bug where subfolders of special folders could have been duplicated on folder list
- Increase maximum size of contact jobtitle and department fields to 128 characters
- Fix missing newline after the logged line when writing to stdout (#7418)
-
[2.3.2]
- Update Roundcube to 1.4.2
- Full changelog
- Fix potential XSS issue in HTML editor of the identity signature input
- Fix cross-site scripting (XSS) via HTML messages with malicious svg content [CVE-2020-16145]
- Fix cross-site scripting (XSS) via HTML messages with malicious math content
-
[2.3.3]
- Update Roundcube to 1.4.9
- Full changelog
- Fix HTML editor in latest Chrome 85.0.4183.102, update to TinyMCE 4.9.11 (#7615)
- Add missing localization for some label/legend elements in userinfo plugin (#7478)
- Fix importing birthday dates from Gmail vCards (BDAY:YYYYMMDD)
- Fix restoring Cc/Bcc fields from local storage (#7554)
- Fix jstz.min.js installation, bump version to 1.0.7
- Fix incorrect PDO::lastInsertId() use in sqlsrv driver (#7564)
- Fix link to closure compiler in bin/jsshrink.sh script (#7567)
- Fix bug where some parts of a message could have been missing in a reply/forward body (#7568)
- Fix empty space on mail printouts in Chrome (#7604)
- Fix empty output from HTML5 parser when content contains XML tag (#7624)
- Fix scroll jump on key press in plain text mode of the HTML editor (#7622)
- Fix so autocompletion list does not hide on scroll inside it (#7592)
-
@girish said in Roundcube - Package updates:
[2.5.1]
- Add separate forwarding and vacation section
Is it possible to expand on the "add separate forwarding and vacation section". I have a lot of users using Roundcube and just want to be sure I know what to expect or notify them of if needed, as many have various rules set for auto-responses and such. It doesn't seem this was an update to Roundcube based on their GitHub releases, so curious what was changed.
I found https://git.cloudron.io/cloudron/roundcube-app/-/commit/b8b2caac3c54d08d4e14e2d7cafc62224a8a4451 - this looks like it's more platform-related then, no actual UI changes for users, right?
-
[2.6.0]
- Update Roundcube to 1.5.0
- Full changelog
- Dark mode for Elastic skin
- OAuth2/XOauth support (with plugin hooks)
- Collected recipients and trusted senders
- Moving recipients between inputs with drag & drop
- Full unicode support with MySQL database
- Support of IMAP LITERAL- extension [RFC 7888]
- Support of RFC 2231 encoded names
- Cache refactoring
-
[2.6.1]
- Update Roundcube to 1.5.1
- Full changelog
- Fix importing contacts with no email address (#8227)
- Fix so session's search scope is not used if search is not active (#8199)
- Fix some PHP8 warnings (#8239)
- Fix so dark mode state is retained after closing the browser (#8237)
- Fix bug where new messages were not added to the list on refresh if skip_deleted=true (#8234)
- Fix colors on "Show source" page in dark mode (#8246)
- Fix handling of dark_mode_support:false setting in skins meta.json - also when devel_mode=false (#8249)
-
[2.6.4]
- Update Roundcube to 1.5.3
- Full changelog
- Enigma: Fix initial synchronization of private keys
- Enigma: Fix double quoted-printable encoding of pgp-signed messages with no attachments (#8413)
- Fix various PHP8 warnings (#8392)
- Fix mail headers injection via the subject field on mail compose (#8404)
- Fix bug where small message/rfc822 parts could not be decoded (#8408)
- Fix setting HTML mode on reply/forward of a signed message (#8405)
- Fix handling of RFC2231-encoded attachment names inside of a message/rfc822 part (#8418)
- Fix bug where some mail parts (images) could have not be listed as attachments (#8425)
- Fix bug where attachment icons were stuck at the top of the messages list in Safari (#8433)
- Fix handling of message/rfc822 parts that are small and are multipart structures with a single part (#8458)
- Fix bug where session could time out if DB and PHP timezone were different (#8303)
- Fix bug where DSN flag state wasn't stored with a draft (#8371)
- Fix broken encoding of HTML content encapsulated in a RTF attachment (#8444)
- Fix problem with aria-hidden=true on toolbar menus in the Elastic skin (#8517)
- Fix bug where title tag content was displayed in the body if it contained HTML tags (#8540)
- Fix support for DSN specification without host e.g. pgsql:///dbname (#8558)
-
[2.7.0]
- Update ROundcube to 1.6.0
- Full changelog
- Update to jQuery-UI 1.13.1 (#8455)
- Added possibility to make the logo image a link via the 'skin_logo' option (#8501)
- Use navigator.pdfViewerEnabled for PDF viewer detection
- Remove use of unreliable charset detection (#8344)
- Don't list images attached to multipart/related part as attachments (#7184)
- Password: Add support for ssha256 algorithm (#8459)
- Fix so unix:// URI is supported in various host spec. options again (#8468)
- Fix slow loading of long HTML content into the HTML editor (#8108)
- Fix bug where SMTP password didn't work if it contained '%p' (#8435)
- Enigma: Fix initial synchronization of private keys
- Enigma: Fix double quoted-printable encoding of pgp-signed messages with no attachments (#8413)
-
[2.7.2]
- Update Roundcube to 1.6.1
- Full changelog
- Kill session if refreshing oauth token fails (#8734)
- Fix various PHP 8.1 warnings (#8628, #8644, #8667, #8656, #8647)
- Password: Remove references to %c variable that has been removed before (#8633)
- Fix anchor links in HTML mail (#8632)
- Fix bug where config creation in Installer did ignore options in the form (#8634)
- Fix bug where renamed options were removed from the config on installto.sh (update.sh) run (#8643)
- Fix favicon rewrite rule in .htaccess (#8654)
-
[2.7.3]
- Update Roundcube to 1.6.2
- Full changelog
- Add Uyghur localization
- Fix regression in OAuth request URI caused by use of REQUEST_URI instead of SCRIPT_NAME as a default (#8878)
- Fix bug where false attachment reminder was displayed on HTML mail with inline images (#8885)
- Fix bug where a non-ASCII character in app.js could cause error in javascript engine (#8894)
- Fix JWT decoding with url safe base64 schema (#8890)
- Fix bug where .wav instead of .mp3 file was used for the new mail notification in Firefox (#8895)
- Fix PHP8 warning (#8891)
- Fix support for Windows-31J charset (#8869)
- Fix so LDAP VLV option is disabled by default as documented (#8833)
- Fix so an email address with name is supported as input to the managesieve notify :from parameter (#8918)
- Fix Help plugin menu (#8898)
- Fix invalid onclick handler on the logo image when using non-array skin_logo setting (#8933)
- Fix duplicate recipients in "To" and "Cc" on reply (#8912)
- Fix bug where it wasn't possible to scroll lists by clicking middle mouse button (#8942)
- Fix bug where label text in a single-input dialog could be partially invisible in some locales (#8905)
- Fix bug where LDAP (fulltext) search didn't work without 'search_fields' in config (#8874)
- Fix extra leading newlines in plain text converted from HTML (#8973)
- Fix so recipients with a domain ending with .s are allowed (#8854)
- Fix so vCard output does not contain non-standard/redundant TYPE=OTHER and TYPE=INTERNET (#8838)
- Fix QR code images for contacts with non-ASCII characters (#9001)
- Fix PHP8 warnings when using list_flags and list_cols properties by plugins (#8998)
- Fix bug where subfolders could loose subscription on parent folder rename (#8892)
- Fix connecting to LDAP using an URI with ldapi:// scheme (#8990)
- Fix insecure shell command params handling in cmd_learn driver of markasjunk plugin (#9005)
- Fix bug where some mail headers didn't work in cmd_learn driver of markasjunk plugin (#9005)
- Fix PHP fatal error when importing vcf file using PHP 8.2 (#9025)
- Fix so output of log_date_format with microseconds contains time in server time zone, not UTC
-
[2.7.4]
- Update Roundcube to 1.6.3
- Full changelog
- Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages, reported by Niraj Shivtarkar.
- Fix bug where installto.sh/update.sh scripts were removing some essential options from the config file (#9051)
- Update jQuery-UI to version 1.13.2 (#9041)
- Fix regression that broke use_secure_urls feature (#9052)
- Fix potential PHP fatal error when opening a message with message/rfc822 part (#8953)
- Fix bug where a duplicate <title> tag in HTML email could cause some parts being cut off (#9029)
- Fix bug where a list of folders could have been sorted incorrectly (#9057)
- Fix regression where LDAP addressbook 'filter' option was ignored (#9061)
- Fix wrong order of a multi-folder search result when sorting by size (#9065)
- Fix so install/update scripts do not require PEAR (#9037)
- Fix regression where some mail parts could have been decoded incorrectly, or not at all (#9096)
- Fix handling of an error case in Cyrus IMAP BINARY FETCH, fallback to non-binary FETCH (#9097)
- Fix PHP8 deprecation warning in the reconnect plugin (#9083)
- Fix "Show source" on mobile with x_frame_options = deny (#9084)
- Fix various PHP warnings (#9098)
- Fix deprecated use of ldap_connect() in password's ldap_simple driver (#9060)
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login