Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Roundcube - Package updates

    Roundcube
    3
    19
    344
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • girish
      girish Staff last edited by girish

      You can use this thread to track updates to the Roundcube package.

      Please open issues in a separate topic instead of replying here.

      1 Reply Last reply Reply Quote 1
      • girish
        girish Staff last edited by

        Package 2.2.0 released:

        • Update Roundcube to 1.4.4
        • Use latest base image 2.0.0
        • Full changelog
        • Fixes some important security issues
        1 Reply Last reply Reply Quote 1
        • girish
          girish Staff last edited by

          [2.2.1]

          • Update Roundcube to 1.4.5
          • Full changelog
          • Security: Fix XSS issue in template object 'username' (#7406)
          • Security: Fix cross-site scripting (XSS) via malicious XML attachment
          • Security: Fix a couple of XSS issues in Installer (#7406)
          • Security: Better fix for CVE-2020-12641
          1 Reply Last reply Reply Quote 1
          • nebulon
            nebulon Staff last edited by

            [2.2.2]

            • Update Roundcube to 1.4.6
            • Installer: Fix regression in SMTP test section (#7417)
            1 Reply Last reply Reply Quote 1
            • girish
              girish Staff last edited by

              [2.3.0]

              • Use /app/data/php.ini for custom PHP configuration
              1 Reply Last reply Reply Quote 1
              • girish
                girish Staff last edited by

                [2.3.1]

                • Update Roundcube to 1.4.7
                • Full changelog
                • Prevent cross-site scripting (XSS) via HTML messages with malicious svg/namespace
                • Fix bug where subfolders of special folders could have been duplicated on folder list
                • Increase maximum size of contact jobtitle and department fields to 128 characters
                • Fix missing newline after the logged line when writing to stdout (#7418)
                1 Reply Last reply Reply Quote 1
                • nebulon
                  nebulon Staff last edited by

                  [2.3.2]

                  • Update Roundcube to 1.4.2
                  • Full changelog
                  • Fix potential XSS issue in HTML editor of the identity signature input
                  • Fix cross-site scripting (XSS) via HTML messages with malicious svg content [CVE-2020-16145]
                  • Fix cross-site scripting (XSS) via HTML messages with malicious math content
                  1 Reply Last reply Reply Quote 1
                  • nebulon
                    nebulon Staff last edited by

                    [2.3.3]

                    • Update Roundcube to 1.4.9
                    • Full changelog
                    • Fix HTML editor in latest Chrome 85.0.4183.102, update to TinyMCE 4.9.11 (#7615)
                    • Add missing localization for some label/legend elements in userinfo plugin (#7478)
                    • Fix importing birthday dates from Gmail vCards (BDAY:YYYYMMDD)
                    • Fix restoring Cc/Bcc fields from local storage (#7554)
                    • Fix jstz.min.js installation, bump version to 1.0.7
                    • Fix incorrect PDO::lastInsertId() use in sqlsrv driver (#7564)
                    • Fix link to closure compiler in bin/jsshrink.sh script (#7567)
                    • Fix bug where some parts of a message could have been missing in a reply/forward body (#7568)
                    • Fix empty space on mail printouts in Chrome (#7604)
                    • Fix empty output from HTML5 parser when content contains XML tag (#7624)
                    • Fix scroll jump on key press in plain text mode of the HTML editor (#7622)
                    • Fix so autocompletion list does not hide on scroll inside it (#7592)
                    1 Reply Last reply Reply Quote 1
                    • girish
                      girish Staff last edited by

                      [2.3.4]

                      • Use UTF-8 encoding for mailbox names in sieve rules.
                      1 Reply Last reply Reply Quote 1
                      • nebulon
                        nebulon Staff last edited by

                        [2.4.1]

                        • Update Roundcube to 1.4.10
                        • Stored cross-site scripting (XSS) via HTML or plain text messages with malicious content [CVE-2020-35730]
                        1 Reply Last reply Reply Quote 0
                        • girish
                          girish Staff last edited by

                          [2.5.0]

                          • Update Roundcube to 1.4.11
                          • Full changelog
                          • Security fix: Fix cross-site scripting (XSS) via HTML messages with malicious CSS content
                          • Use base image v3
                          • Use PHP 7.4
                          1 Reply Last reply Reply Quote 0
                          • girish
                            girish Staff last edited by

                            [2.5.1]

                            • Add separate forwarding and vacation section
                            d19dotca 1 Reply Last reply Reply Quote 0
                            • d19dotca
                              d19dotca @girish last edited by

                              @girish said in Roundcube - Package updates:

                              [2.5.1]

                              • Add separate forwarding and vacation section

                              Is it possible to expand on the "add separate forwarding and vacation section". I have a lot of users using Roundcube and just want to be sure I know what to expect or notify them of if needed, as many have various rules set for auto-responses and such. It doesn't seem this was an update to Roundcube based on their GitHub releases, so curious what was changed.

                              I found https://git.cloudron.io/cloudron/roundcube-app/-/commit/b8b2caac3c54d08d4e14e2d7cafc62224a8a4451 - this looks like it's more platform-related then, no actual UI changes for users, right?

                              --
                              Dustin Dauncey
                              www.d19.ca

                              1 Reply Last reply Reply Quote 0
                              • nebulon
                                nebulon Staff last edited by

                                [2.6.0]

                                • Update Roundcube to 1.5.0
                                • Full changelog
                                • Dark mode for Elastic skin
                                • OAuth2/XOauth support (with plugin hooks)
                                • Collected recipients and trusted senders
                                • Moving recipients between inputs with drag & drop
                                • Full unicode support with MySQL database
                                • Support of IMAP LITERAL- extension [RFC 7888]
                                • Support of RFC 2231 encoded names
                                • Cache refactoring
                                1 Reply Last reply Reply Quote 1
                                • girish
                                  girish Staff last edited by

                                  [2.6.1]

                                  • Update Roundcube to 1.5.1
                                  • Full changelog
                                  • Fix importing contacts with no email address (#8227)
                                  • Fix so session's search scope is not used if search is not active (#8199)
                                  • Fix some PHP8 warnings (#8239)
                                  • Fix so dark mode state is retained after closing the browser (#8237)
                                  • Fix bug where new messages were not added to the list on refresh if skip_deleted=true (#8234)
                                  • Fix colors on "Show source" page in dark mode (#8246)
                                  • Fix handling of dark_mode_support:false setting in skins meta.json - also when devel_mode=false (#8249)
                                  1 Reply Last reply Reply Quote 1
                                  • nebulon
                                    nebulon Staff last edited by

                                    [2.6.2]

                                    • Update Roundcube to 1.5.2
                                    • Full changelog
                                    • Cross-site scripting (XSS) via HTML messages with malicious CSS content
                                    1 Reply Last reply Reply Quote 1
                                    • girish
                                      girish Staff last edited by

                                      [2.6.3]

                                      • Remove hardcoded PHP memory limit
                                      1 Reply Last reply Reply Quote 0
                                      • nebulon
                                        nebulon Staff last edited by

                                        [2.6.4]

                                        • Update Roundcube to 1.5.3
                                        • Full changelog
                                        • Enigma: Fix initial synchronization of private keys
                                        • Enigma: Fix double quoted-printable encoding of pgp-signed messages with no attachments (#8413)
                                        • Fix various PHP8 warnings (#8392)
                                        • Fix mail headers injection via the subject field on mail compose (#8404)
                                        • Fix bug where small message/rfc822 parts could not be decoded (#8408)
                                        • Fix setting HTML mode on reply/forward of a signed message (#8405)
                                        • Fix handling of RFC2231-encoded attachment names inside of a message/rfc822 part (#8418)
                                        • Fix bug where some mail parts (images) could have not be listed as attachments (#8425)
                                        • Fix bug where attachment icons were stuck at the top of the messages list in Safari (#8433)
                                        • Fix handling of message/rfc822 parts that are small and are multipart structures with a single part (#8458)
                                        • Fix bug where session could time out if DB and PHP timezone were different (#8303)
                                        • Fix bug where DSN flag state wasn't stored with a draft (#8371)
                                        • Fix broken encoding of HTML content encapsulated in a RTF attachment (#8444)
                                        • Fix problem with aria-hidden=true on toolbar menus in the Elastic skin (#8517)
                                        • Fix bug where title tag content was displayed in the body if it contained HTML tags (#8540)
                                        • Fix support for DSN specification without host e.g. pgsql:///dbname (#8558)
                                        1 Reply Last reply Reply Quote 1
                                        • girish
                                          girish Staff last edited by

                                          [2.7.0]

                                          • Update ROundcube to 1.6.0
                                          • Full changelog
                                          • Update to jQuery-UI 1.13.1 (#8455)
                                          • Added possibility to make the logo image a link via the 'skin_logo' option (#8501)
                                          • Use navigator.pdfViewerEnabled for PDF viewer detection
                                          • Remove use of unreliable charset detection (#8344)
                                          • Don't list images attached to multipart/related part as attachments (#7184)
                                          • Password: Add support for ssha256 algorithm (#8459)
                                          • Fix so unix:// URI is supported in various host spec. options again (#8468)
                                          • Fix slow loading of long HTML content into the HTML editor (#8108)
                                          • Fix bug where SMTP password didn't work if it contained '%p' (#8435)
                                          • Enigma: Fix initial synchronization of private keys
                                          • Enigma: Fix double quoted-printable encoding of pgp-signed messages with no attachments (#8413)
                                          1 Reply Last reply Reply Quote 1
                                          • First post
                                            Last post
                                          Powered by NodeBB