This is a security update to the LTS version 1.3.
It fixes two recently discovered vulnerabilities:
- Fix XSS issue in handling attachment filename extension in mimetype mismatch warning
- Fix possible SQL injection via some session variables
This version in considered stable and we strongly recommend to update all productive installations of Roundcube 1.3.x with it. Please do backup your data before updating!