Roundcube v1.3.8 Release Notes
Release Date: 2018-10-26 // over 5 years ago-
๐ This is a service release to update the stable version 1.3 of Roundcube Webmail.
โก๏ธ It contains fixes to several bugs backported from the master branch including a security fix for a reported XSS vulnerability plus updates to ensure compatibility with PHP 7.3 and recent versions of Courier-IMAP, Dovecot and MySQL 8. See the complete changelog below.๐ CHANGELOG
- ๐ Fix PHP warnings on dummy QUOTA responses in Courier-IMAP 4.17.1 (#6374)
- ๐ Fix so fallback from BINARY to BODY FETCH is used also on [PARSE] errors in dovecot 2.3 (#6383)
- Enigma: Fix deleting keys with authentication subkeys (#6381)
- ๐ Fix invalid regular expressions that throw warnings on PHP 7.3 (#6398)
- ๐ Fix so Classic skin splitter does not escape out of window (#6397)
- ๐ Fix XSS issue in handling invalid style tag content (#6410)
- ๐ Fix compatibility with MySQL 8 - error on 'system' table use
- Managesieve: Fix bug where
show_real_foldernames
setting wasn't respected (#6422) - ๐ New_user_identity: Fix %fu/%u vars substitution in user specific LDAP params (#6419)
- Fix support for "allow-from " in
x_frame_options
config option (#6449) - ๐ Fix bug where valid content between HTML comments could have been skipped in some cases (#6464)
- ๐ Fix multiple VCard field search (#6466)
- ๐ Fix session issue on long running requests (#6470)