roundcube Webmail in Version 1.1.4 und 1.0.8 erschienen

Die Entwickler des kostenlosen Webmailers, roundcube, haben im Dezember letzten Jahres die Version 1.1.4 und 1.0.8 veröffentlicht. Neben zwei Sicherheitsfixes wurden auch fast 20 Bugs behoben.

coundcube Release 1.1.4 Liste

  • Add workaround for https://bugs.php.net/bug.php?id=70757 (#1490582)
  • Fix duplicate messages in list and wrong count after delete (#1490572)
  • Fix so Installer requires PHP5
  • Make brute force attacks harder by re-generating security token on every failed login (#1490549)
  • Slow down brute-force attacks by waiting for a second after failed login (#1490549)
  • Fix .htaccess rewrite rules to not block .well-known URIs (#1490615)
  • Fix mail view scaling on iOS (#1490551)
  • Fix so database_attachments::cleanup() does not remove attachments from other sessions (#1490542)
  • Fix responses list update issue after response name change (#1490555)
  • Fix bug where message preview was unintentionally reset on check-recent action (#1490563)
  • Fix bug where HTML messages with invalid/excessive css styles couldn’t be displayed (#1490539)
  • Fix redundant blank lines when using HTML and top posting (#1490576)
  • Fix redundant blank lines on start of text after html to text conversion (#1490577)
  • Fix HTML sanitizer to skip <!– node type X –> in output (#1490583)
  • Fix invalid LDAP query in ACL user autocompletion (#1490591)
  • Fix regression in displaying contents of message/rfc822 parts (#1490606)
  • Fix handling of message/rfc822 attachments on replies and forwards (#1490607)
  • Fix PDF support detection in Firefox > 19 (#1490610)
  • Fix path traversal vulnerability (CWE-22) in setting a skin (#1490620)
  • Fix so drag-n-drop of text (e.g. recipient addresses) on compose page actually works (#1490619)

Quelle: https://roundcube.net/news/2015/12/26/updates-1.1.4-and-1.0.8-released/

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.