github roundcube/roundcubemail 1.6.15
Roundcube Webmail 1.6.15
on GitHub

6 hours ago

This is a security update to the stable version 1.6 of Roundcube Webmail.
It provides fixes to some regressions introduced in the previous release as well a recently reported security vulnerability:

  • SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke, reported by class_nzm.

This version is considered stable and we recommend to update all productive installations of Roundcube 1.6.x with it. Please do backup your data before updating!

CHANGELOG

  • Fix regression where mail search would fail on non-ascii search criteria (#10121)
  • Fix regression where some data url images could get ignored/lost (#10128)
  • Fix SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke
Check out latest releases or
releases around roundcube/roundcubemail 1.6.15

Don't miss a new roundcubemail release

NewReleases is sending notifications on new releases.

Get notifications