Roundcube Security Update 1.4.12 und 1.3.17 veröffentlicht

roundcube - Logo

Der beliebte kostenlose Webmail, Roundcube, erhielt for ein paar Tagen, in den Zweigen 1.3 und 1.4, zwei wichtige Security Updates. Das Update 1.4.12 behebt zudem 9 Fehler.

Roundcube 1.4.12 und 1.3.17 Release Notes

  • Fix XSS issue in handling attachment filename extension in mimetype mismatch warning (#8193)
  • Fix SQL injection via some session variables

Roundcube 1.4.12 Bugfixes

  • Enigma: Fix bug where signature verification could fail for non-ascii bodies (#7919)
  • Fix bug where contacts search didn’t work with addressbook_search_mods set to an empty array (#7974)
  • Fix bug causing some HTML message content to be not centered in Elastic skin (#7911)
  • Fix bug where consecutive LDAP searches could return wrong results (#8064)
  • Fix bug where plus characters in attachment filename could have been ignored (#8074)
  • Fix displaying HTML body with inline images encapsulated using TNEF format (winmail.dat)
  • Fix handling of custom sender addresses with names (#8106)
  • Fix shift + drag’n’drop menu not working in Elastic skin with Chrome browser (#8107)
  • Fix Firefox infinite loading display on mail screen (#8128)

Quelle: Security updates 1.4.12 and 1.3.17 released (roundcube.net)

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht.