All Versions
30
Latest Version
Avg Release Cycle
74 days
Latest Release
1306 days ago

Changelog History
Page 1

  • v1.4.9 Changes

    September 27, 2020

    โšก๏ธ This is a service update to the stable version 1.4 of Roundcube Webmail.
    ๐Ÿ‘€ It contains fixes and general improvements from our issue tracker, mainly related to email composition and UI oddities in Elastic skin and with the TinyMCE richtext editor. See the full changelog below.

    โšก๏ธ This version is considered stable and we recommend to update all productive installations of Roundcube with it.
    โšก๏ธ Please do backup your data before updating!

    ๐Ÿ”„ CHANGELOG

    • ๐Ÿ›  Fix HTML editor in latest Chrome 85.0.4183.102, update to TinyMCE 4.9.11 (#7615)
    • โž• Add missing localization for some label/legend elements in userinfo plugin (#7478)
    • ๐Ÿ›  Fix importing birthday dates from Gmail vCards (BDAY:YYYYMMDD)
    • ๐Ÿ›  Fix restoring Cc/Bcc fields from local storage (#7554)
    • ๐Ÿ›  Fix jstz.min.js installation, bump version to 1.0.7
    • ๐Ÿ›  Fix incorrect PDO::lastInsertId() use in sqlsrv driver (#7564)
    • ๐Ÿ›  Fix link to closure compiler in bin/jsshrink.sh script (#7567)
    • ๐Ÿ›  Fix bug where some parts of a message could have been missing in a reply/forward body (#7568)
    • ๐Ÿ›  Fix empty space on mail printouts in Chrome (#7604)
    • ๐Ÿ›  Fix empty output from HTML5 parser when content contains XML tag (#7624)
    • ๐Ÿ›  Fix scroll jump on key press in plain text mode of the HTML editor (#7622)
    • ๐Ÿ›  Fix so autocompletion list does not hide on scroll inside it (#7592)

  • v1.4.8 Changes

    August 10, 2020

    โšก๏ธ This is a service and security update to the stable version 1.4 of Roundcube Webmail.
    ๐Ÿ”’ It contains fixes for recently reported security vulnerabilities as well a small number of general improvements from our issue tracker. See the full changelog below.

    ๐Ÿ”’ Security fixes

    • ๐Ÿ›  Fix potential XSS issue in HTML editor of the identity signature input
    • ๐Ÿ›  Fix cross-site scripting (XSS) via HTML messages with malicious svg content [CVE-2020-16145]
    • ๐Ÿ›  Fix cross-site scripting (XSS) via HTML messages with malicious math content

    โœ… Credits for the latter two findings go to ลukasz Pilorz from Pentesters.

    โšก๏ธ This version is considered stable and we recommend to update all productive installations of Roundcube with it.
    โšก๏ธ Please do backup your data before updating!

    ๐Ÿ”„ CHANGELOG

    • Managesieve: Fix too-small input field in Elastic when using custom headers (#7498)
    • Fix support for an error as a string in message_before_send hook (#7475)
    • Elastic: Fix redundant scrollbar in plain text editor on mail reply (#7500)
    • Elastic: Fix deleted and replied+forwarded icons on messages list (#7503)
    • Managesieve: Allow angle brackets in out-of-office message body (#7518)
    • ๐Ÿ›  Fix bug in conversion of email addresses to mailto links in plain text messages (#7526)
    • ๐Ÿ›  Fix format=flowed formatting on plain text part derived from the HTML content (#7504)
    • ๐Ÿ›  Fix incorrect rewriting of internal links in HTML content (#7512)
    • ๐Ÿ›  Fix handling links without defined protocol (#7454)
    • ๐Ÿ›  Fix paging of search results on IMAP servers with no SORT capability (#7462)
    • ๐Ÿ›  Fix detecting special folders on servers with both SPECIAL-USE and LIST-STATUS (#7525)
    • ๐Ÿ”’ Security: Fix potential XSS issue in HTML editor of the identity signature input (#7507)
    • ๐Ÿ”’ Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg content [CVE-2020-16145]
    • ๐Ÿ”’ Security: Fix cross-site scripting (XSS) via HTML messages with malicious math content

  • v1.4.7 Changes

    July 05, 2020

    โšก๏ธ This is a service and security update to the stable version 1.4 of Roundcube Webmail.
    ๐Ÿ”’ It contains a fix for recently reported security vulnerability as well a small number of general improvements from our issue tracker. See the full changelog below.

    ๐Ÿ”’ Security fix

    Prevent cross-site scripting (XSS) via HTML messages with malicious svg/namespace (CVE-2020-15562)

    Credits for this finding go to SSD Secure Disclosure.

    โšก๏ธ This version is considered stable and we recommend to update all productive installations of Roundcube with it. Please do backup your data before updating!

    ๐Ÿ”„ CHANGELOG

    • ๐Ÿ›  Fix bug where subfolders of special folders could have been duplicated on folder list
    • ๐Ÿ‘ท Increase maximum size of contact jobtitle and department fields to 128 characters
    • ๐Ÿ›  Fix missing newline after the logged line when writing to stdout (#7418)
    • Elastic: Fix context menu (paste) on the recipient input (#7431)
    • ๐Ÿ›  Fix problem with forwarding inline images attached to messages with no HTML part (#7414)
    • Fix problem with handling attached images with same name when using database_attachments/redundant_attachments (#7455)
    • ๐Ÿ”’ Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg/namespace

  • v1.4.6 Changes

    June 07, 2020

    ๐Ÿš€ This is a follow-up release to the recently published version 1.4.5 of Roundcube Webmail.

    ๐Ÿš€ It contains a single fix for the installer's test step which was broken with the last release. The update is therefore only relevant for new installations which use the installer to set up Roundcube.

    ๐Ÿ”„ CHANGELOG

    • โœ… Installer: Fix regression in SMTP test section (#7417)

  • v1.4.5

    June 01, 2020

  • v1.4.4 Changes

    April 29, 2020

    โšก๏ธ This is a service and security update to the stable version 1.4 of Roundcube Webmail.
    ๐Ÿ”’ It contains four fixes for recently reported security vulnerabilities as well a number
    ๐Ÿ‘€ of general improvements from our issue tracker. See the full changelog below.

    ๐Ÿ”’ Security fixes

    • Cross-Site Scripting (XSS) via malicious HTML content
    • CSRF attack can cause an authenticated user to be logged out
    • Remote code execution via crafted config options
    • ๐Ÿ”Œ Path traversal vulnerability allowing local file inclusion via crafted 'plugins' option

    The latter two vulnerabilities are classified minor because they only affect Roundcube installations
    with public access to the Roundcube installer. That's generally a high-risk situation and is expected
    ๐Ÿš€ to be rare or practically non-existent in productive Roundcube deployments. However, the fixes are done
    in core in order to also prevent from future and yet unknown attack vectors.

    โšก๏ธ This version is considered stable and we recommend to update all productive installations
    โšก๏ธ of Roundcube with it. Please do backup your data before updating!

    ๐Ÿ”„ CHANGELOG

    • ๐Ÿ›  Fix bug where attachments with Content-Id were attached to the message on reply (#7122)
    • ๐Ÿ›  Fix identity selection on reply when both sender and recipient addresses are included in identities (#7211)
    • Elastic: Fix text selection with Shift+PageUp and Shift+PageDown in plain text editor when using Chrome (#7230)
    • Elastic: Fix recipient input bug when using click to select a contact from autocomplete list (#7231)
    • Elastic: Fix color of a folder with recent messages (#7281)
    • ๐Ÿ–จ Elastic: Restrict logo size in print view (#7275)
    • ๐Ÿ›  Fix invalid Content-Type for messages with only html part and inline images - Mail_Mime-1.10.7 (#7261)
    • ๐Ÿ›  Fix missing contact display name in QR Code data (#7257)
    • ๐Ÿ›  Fix so button label in Select image/media dialogs is "Close" not "Cancel" (#7246)
    • ๐Ÿ›  Fix regression in testing database schema on MSSQL (#7227)
    • ๐Ÿ›  Fix cursor position after inserting a group to a recipient input using autocompletion (#7267)
    • ๐Ÿ›  Fix string literals handling in IMAP STATUS (and various other) responses (#7290)
    • ๐Ÿ›  Fix bug where multiple images in a message were replaced by the first one on forward/reply/edit (#7293)
    • ๐Ÿ›  Fix handling keyservers configured with protocol prefix (#7295)
    • ๐Ÿšš Markasjunk: Fix marking as spam/ham on moving messages with Move menu (#7189)
    • Markasjunk: Fix bug where moving to Junk was failing on messages selected with Select > All (#7206)
    • ๐Ÿ›  Fix so imap error message is displayed to the user on folder create/update (#7245)
    • ๐Ÿ›  Fix bug where a special folder couldn't be created if a special-use flag is not supported (#7147)
    • Mailvelope: Fix bug where recipients with name were not handled properly in mail compose (#7312)
    • ๐Ÿ›  Fix characters encoding in group rename input after group creation/rename (#7330)
    • ๐Ÿ›  Fix bug where some message/rfc822 parts could not be attached on forward (#7323)
    • ๐Ÿ‘‰ Make install-jsdeps.sh script working without the file program installed (#7325)
    • ๐Ÿ›  Fix performance issue of parsing big HTML messages by disabling HTML5 parser for these (#7331)
    • ๐Ÿ›  Fix so Print button for PDF attachments works on Firefox >= 75 (#5125)
    • ๐Ÿ”’ Security: Fix XSS issue in handling of CDATA in HTML messages
    • Security: Fix remote code execution via crafted 'im_convert_path' or 'im_identify_path' settings
    • ๐Ÿ”’ Security: Fix local file inclusion (and code execution) via crafted 'plugins' option
    • ๐Ÿ”’ Security: Fix CSRF bypass that could be used to log out an authenticated user (#7302)

  • v1.4.3 Changes

    February 19, 2020

    ๐Ÿš€ This is the third service release to update the stable version 1.4 of Roundcube Webmail.
    ๐Ÿ›  It contains general fixes and improvements to the new Elastic theme as well as some
    ๐Ÿ‘€ core plugins like Enigma, Managesieve and Markasjunk. See the full changelog below.

    โšก๏ธ This version is considered stable and we recommend to update all productive installations
    โšก๏ธ of Roundcube with it. Please do backup your data before updating!

    ๐Ÿ”„ CHANGELOG

    • Enigma: Fix so key list selection is reset when opening key creation form (#7154)
    • Enigma: Fix so using list checkbox selection does not load the key preview frame
    • Enigma: Fix generation of key pairs for identities with IDN domains (#7181)
    • Enigma: Display IDN domains of key users and identities in UTF8
    • Enigma: Fix bug where "Send unencrypted" button didn't work in Elastic skin (#7205)
    • Managesieve: Fix bug where it wasn't possible to save flag actions (#7188)
    • Markasjunk: Fix bug where marking as spam/ham didn't work on moving messages with drag-and-drop (#7137)
    • Password: Make chpass-wrapper.py Python 3 compatible (#7135)
    • Elastic: Fix disappearing sidebar in mail compose after clicking Mail button
    • Elastic: Fix incorrect aria-disabled attribute on Mail taskmenu button in mail compose
    • Elastic: Fix bug where it was possible to switch editor mode when 'htmleditor' was in 'dont_override' (#7143)
    • Elastic: Fix text selection in recipient inputs (#7129)
    • Elastic: Fix missing Close button in "more recipients" dialog
    • Elastic: Fix non-working folder subscription checkbox for newly added folders (#7174)
    • ๐Ÿ›  Fix regression where "Open in new window" action didn't work (#7155)
    • Fix PHP Warning: array_filter() expects parameter 1 to be array, null given in subscriptions_option plugin (#7165)
    • ๐Ÿ›  Fix unexpected error message when mail refresh involves folder auto-unsubscribe (#6923)
    • ๐Ÿ›  Fix recipient duplicates in print-view when the recipient list has been expanded (#7169)
    • ๐Ÿ›  Fix bug where files in skins/ directory were listed on skins list (#7180)
    • ๐Ÿ›  Fix bug where message parts with no Content-Disposition header and no name were not listed on attachments list (#7117)
    • ๐Ÿ›  Fix display issues with mail subject that contains line-breaks (#7191)
    • ๐Ÿ›  Fix invalid Content-Transfer-Encoding on multipart messages - Mail_Mime fix (#7170)
    • ๐Ÿ›  Fix regression where using an absolute path to SQLite database file on Windows didn't work (#7196)
    • ๐Ÿ›  Fix using unix:///path/to/socket.file in memcached driver (#7210)

  • v1.4.2 Changes

    January 01, 2020

    ๐Ÿš€ This is the second service release to update the stable version 1.4 of Roundcube Webmail. It contains fixes and improvements reported since the release of version 1.4.0. See the full changelog below.

    โšก๏ธ This version considered stable and we recommend to update all productive installations
    โšก๏ธ of Roundcube with it. Please do backup your data before updating!

    ๐Ÿ”„ CHANGELOG

    • ๐Ÿ”Œ Plugin API: Make actionbefore, before, actionafter and after events working with plugin actions (#7106)
    • Managesieve: Replace "Filter disabled" with "Filter enabled" (#7028)
    • Managesieve: Fix so modifier type select wasn't hidden after hiding modifier select on header change
    • Managesieve: Fix filter selection after removing a first filter (#7079)
    • Markasjunk: Fix marking more than one message as spam/ham with email_learn driver (#7121)
    • Password: Fix kpasswd and smb drivers' double-escaping bug (#7092)
    • Enigma: Add script to import keys from filesystem to the db storage (for multihost)
    • โœ… Installer: Fix DB Write test on SQLite database ("database is locked" error) (#7064)
    • Installer: Fix so SQLite DSN with a relative path to the database file works in Installer
    • โš  Elastic: Fix contrast of warning toasts (#7058)
    • Elastic: Simple search in pretty selects (#7072)
    • Elastic: Fix hidden list widget on mobile/tablet when selecting folder while search menu is open (#7120)
    • ๐Ÿ›  Fix so type attribute on script tags is not used on HTML5 pages (#6975)
    • ๐Ÿ›  Fix unread count after purge on a folder that is not currently selected (#7051)
    • ๐Ÿ›  Fix bug where Enter key didn't work on messages list in "List" layout (#7052)
    • ๐Ÿ›  Fix bug where deleting a saved search in addressbook caused display issue on sources/groups list (#7061)
    • ๐Ÿ›  Fix bug where a new saved search added after removing all searches wasn't added to the list (#7061)
    • ๐Ÿ›  Fix bug where a new contact group added after removing all groups from addressbook wasn't added to the list
    • ๐Ÿ›  Fix bug where Ctype extension wasn't required in Installer and INSTALL file (#7049)
    • ๐Ÿ›  Fix so install-jsdeps.sh removes Bootstrap's sourceMappingURL (#7035)
    • ๐Ÿ›  Fix so use of Ctrl+A does not scroll the list (#7020)
    • ๐Ÿ›  Fix/remove useless keyup event handler on username input in logon form (#6970)
    • ๐Ÿ›  Fix bug where cancelling switching from HTML to plain text didn't set the flag properly (#7077)
    • ๐Ÿ›  Fix bug where HTML reply could add an empty line with extra indentation above the original message (#7088)
    • ๐Ÿ›  Fix matching multiple X-Forwarded-For addresses with 'proxy_whitelist' (#7107)
    • Fix so displayed maximum attachment size depends also on 'max_message_size' (#7105)
    • ๐Ÿ›  Fix bug where 'skins_allowed' option didn't enforce user skin preference (#7080)
    • ๐Ÿ›  Fix so contact's organization field accepts up to 128 characters (it was 50)
    • ๐Ÿ›  Fix bug where listing tables in PostgreSQL database with db_prefix didn't work (#7093)
    • ๐Ÿ›  Fix bug where 'text' attribute on body tag was ignored when displaying HTML message (#7109)
    • ๐Ÿ›  Fix bug where next message wasn't displayed after delete in List mode (#7096)
    • ๐Ÿ›  Fix so number of contacts in a group is not limited to 200 when redirecting to mail composer from Contacts (#6972)
    • ๐Ÿ›  Fix malformed characters in HTML message with charset meta tag not in head (#7116)

  • v1.4.1 Changes

    November 22, 2019

    ๐Ÿš€ This is the first service release to update the new stable version 1.4.

    ๐Ÿš€ With the recent release of Roundcube Webmail 1.4.0 we missed to mention a few breaking changes since the last stable version 1.3. We apologize for this and are now clarifying and correcting these:

    ๐Ÿ’ฅ Breaking changes

    (since 1.3.x)

    • ### ๐Ÿ†• new defaults for smtp_* config options:

    0๏ธโƒฃ Upon many requests and in order to get closer to the default setup of most SMTP servers, we changed the defaults as follows:

    // SMTP port (default is 587)
$config['smtp_port'] = 587;

// SMTP username (if required). %u will use the current username for login
$config['smtp_user'] = '%u';

// SMTP password (if required). %p will use the current user's password for login
$config['smtp_pass'] = '%p';
    • ### ๐Ÿ”„ changed default password_charset to UTF-8:

    ๐Ÿ”ง Because of many complaints, we decided to choose a more sane default that covers most setups and configurations.

    • ### login page returning 401 Unauthorized status:

    ๐Ÿš€ The new behavior that Roundcube 1.4 returns a 401 status code if the client is not authenticated apparently was very unexpected and lead to monitoring problems. Despite not having mentioned that change in the release notes, we now partly reverted it so that 401 is only returned on login failures but not on the first request to Roundcube which by definition is unauthorized.

    ๐Ÿš€ Besides these three major concerns we heard from your much appreciated feedback, we fixed a number of nasty bugs that sneaked into the 1.4.0 release. See the complete changelog below.

    ๐Ÿ”„ Changelog

    • Elastic: Change HTML editor widget to improve form flow (#6992)
    • Elastic: Fix position of mobile floating action button (#7038)
    • ๐Ÿ’ป Managesieve: Fix locked UI after opening filter frame (#7007)
    • ๐Ÿ›  Fix PHP warning: "array_merge(): Expected parameter 2 to be an array, null given in sendmail.inc (#7003)
    • ๐Ÿ›  Fix bug where cache keys could exceed length limit specified in db schema (#7004)
    • ๐Ÿ›  Fix invalid Signature button state after escaping Mailvelope mode (#7015)
    • ๐Ÿ›  Fix so 401 error is returned only on failed logon requests (#7010)
    • ๐Ÿ›  Fix db_prefix handling in queries with TRUNCATE TABLE <name> and UNIQUE <name> (#7013)
    • ๐Ÿ›  Fix so update.sh script warns about changed defaults (#7011)
    • ๐Ÿ›  Fix tables listing routine when DSN contained a database with unsupported suffix (#7034)
    • ๐Ÿ›  Fix so Elastic is also a default in jqueryui plugin (#7039)
    • ๐Ÿ›  Fix bug where the Installer would not warn about required schema upgrade (#7042)

  • v1.4 Changes

    February 28, 2019

    ๐Ÿš€ This is a first release candidate for the next major version 1.4 of Roundcube webmail which has now been in development for quite a while. Although the new responsive Elastic skin is now functional and feature complete, it still lacks the final brush-up to make it shine. We have now finally found a volunteer to work on this and once completed, a second release candidate will follow.

    ๐Ÿš€ For now youโ€™re all invited to give the new 1.4 version another test run. Besides the responsive theme it comes with lots of new features and improvements since the beta release. Check the Changelog below for a complete list of changes.

    ๐Ÿ’… Please also try customizing the Elastic skin using the _styles.less and _variables.less files and let us know whatโ€™s missing. You'll find guidance in the README.md file inside the skin folder.

    0๏ธโƒฃ Because we donโ€™t yet consider the Elastic theme fully complete, itโ€™s not set to be the default theme. Adjust your config in order to enable it with

    $config['skin'] = 'elastic';

    ๐Ÿš€ This is a beta release and we recommend to test it on a separate environment.
    And don't forget to backup your data before installing it.

    ๐Ÿ”„ CHANGELOG

    • ๐Ÿ”„ Changed 'password_charset' default to 'UTF-8' (#6522)
    • โž• Add skins_allowed option (#6483)
    • ๐Ÿ”Œ SMTP GSSAPI support via krb_authentication plugin (#6417)
    • Avoid Referer leaking by using Referrer-Policy:same-origin header (#6385)
    • โœ‚ Removed 'referer_check' option (#6440)
    • ๐Ÿšš Use constant prefix for temp file names, don't remove temp files from other apps (#6511)
    • Ignore 'Sender' header on Reply-All action (#6506)
    • deluser.sh: Add option to delete users who have not logged in for more than X days (#6340)
    • HTML5 Upload Progress - as a replacement for the old server-side solution (#6177)
    • โšก๏ธ Update to TinyMCE 4.8.2
    • โšก๏ธ Update to jQuery-MiniColors 2.3.4
    • ๐Ÿ—„ Prevent from using deprecated timezone names from jsTimezoneDetect
    • ๐Ÿ‘ฎ Force session.gc_probability=1 when using custom session handlers (#6560)
    • ๐Ÿ‘Œ Support simple field labels (e.g. LetterHub examples) in csv imports (#6541)
    • โž• Add cache busters also to images used by templates (#6610)
    • ๐Ÿ”Œ Plugin API: Added 'raise_error' hook (#6199)
    • ๐Ÿ”Œ Plugin API: Added 'common_headers' hook (#6385)
    • ๐Ÿ”Œ Plugin API: Added 'ldap_connected' hook
    • โšก๏ธ Enigma: Update to OpenPGPjs 4.2.1 - fixes user name encoding issues in key generation (#6524)
    • ๐Ÿ”€ Enigma: Fixed multi-host synchronization of private and deleted keys and pubring.kbx file
    • ๐Ÿ‘ Managesieve: Added support for 'editheader' extension - RFC5293 (#5954)
    • Managesieve: Fix bug where custom header or variable could be lost on form submission (#6594)
    • Markasjunk: Integrate markasjunk2 features into markasjunk - marking as non-junk + learning engine (#6504)
    • Password: Added 'modoboa' driver (#6361)
    • Password: Fix bug where password_dovecotpw_with_method setting could be ignored (#6436)
    • Password: Fix bug where new users could skip forced password change (#6434)
    • 0๏ธโƒฃ Password: Allow drivers to override default password comparisons (eg new is not same as current) (#6473)
    • 0๏ธโƒฃ Password: Allow drivers to override default strength checks (eg allow for 'not the same as last x passwords') (#246)
    • Passowrd: Allow drivers to define password strength rules displayed to the user
    • Password: Allow separate password saving and strength drivers for use of strength checking services (#5040)
    • Password: Add zxcvbn driver for checking password strength (#6479)
    • Password: Disallow control characters in passwords
    • ๐Ÿ‘ Password: Add support for Plesk >= 17.8 (#6526)
    • Elastic: Improved datepicker displayed always in parent window
    • Elastic: On touch devices display attachment icons on messages list (#6296)
    • Elastic: Make menu button inactive if all subactions are inactive (#6444)
    • Elastic: On mobile/tablet jump to the list on folder selection (#6415)
    • Elastic: Various improvements on mail compose screen (#6413)
    • ๐Ÿ‘ Elastic: Support new-line char as a separator for pasted recipients (#6460)
    • ๐Ÿ”Š Elastic: Improved UX of search dialogs (#6416)
    • Elastic: Fix unwanted thread expanding when selecting a collapsed thread in non-mobile mode (#6445)
    • Elastic: Fix too small height of mailvelope mail preview frame (#6600)
    • Elastic: Add "status bar" for mobile in mail composer
    • Elastic: Add selection options on contacts list (#6595)
    • Elastic: Fix unintentional layout preference overwrite (#6613)
    • ๐ŸŒฒ Log errors caused by low pcre.backtrack_limit when sending a mail message (#6433)
    • Fix so max_message_size limit is checked also when forwarding messages as attachments (#6580)
    • ๐Ÿ‘‰ Fix so performance stats are logged to the main console log also when per_user_logging=true
    • ๐Ÿ›  Fix malformed message saved into Sent folder when using big attachments and low memory limit (#6498)
    • ๐Ÿ›  Fix incorrect IMAP SASL GSSAPI negotiation (#6308)
    • ๐Ÿ›  Fix so unicode in local part of the email address is also supported in recipient inputs (#6490)
    • ๐Ÿ›  Fix bug where autocomplete list could be displayed out of screen (#6469)
    • ๐Ÿ›  Fix style/navigation on error page depending on authentication state (#6362)
    • Fix so invalid smtp_helo_host is never used, fallback to localhost (#6408)
    • ๐Ÿ›  Fix custom logo size in Elastic (#6424)
    • ๐Ÿ›  Fix listing the same attachment multiple times on forwarded messages
    • ๐Ÿ›  Fix bug where a message/rfc822 part without a filename wasn't listed on the attachments list (#6494)
    • ๐Ÿ›  Fix inconsistent offset for various time zones - always display Standard Time offset (#6531)
    • ๐Ÿ›  Fix dummy Message-Id when resuming a draft without Message-Id header (#6548)
    • ๐Ÿ›  Fix handling of empty entries in vCard import (#6564)
    • ๐Ÿ›  Fix bug in parsing some IMAP command responses that include unsolicited replies (#6577)
    • ๐Ÿ›  Fix PHP 7.2 compatibility in debug_logger plugin (#6586)
    • ๐Ÿ›  Fix so ANY record is not used for email domain validation, use A, MX, CNAME, AAAA instead (#6581)
    • Fix so mime_content_type check in Installer uses files that should always be available (i.e. from program/resources) (#6599)
    • ๐Ÿ›  Fix missing CSRF token on a link to download too-big message part (#6621)
    • ๐Ÿ›  Fix bug when aborting dragging with ESC key didn't stop the move action (#6623)