This is a security update to the LTS version 1.5 of Roundcube Webmail.
It provides fixes to recently reported security vulnerabilities:
- Fix CSS injection vulnerability reported by CERT Polska.
- Fix remote image blocking bypass via SVG content reported by nullcathedral.
This version is considered stable and we recommend to update all productive installations of Roundcube 1.5.x with it, if you can't move to 1.6 yet. Please do backup your data before updating!