We're proud to announce the next service release to the stable version 1.0. It contains a security fix along with some bug fixes and improvements for the long term support branch of Roundcube. The most important ones are:
- Security: Fix possible CSRF attacks to some address book operations as well as to the ACL and Managesieve plugins.
- Fix attachments encoded in TNEF containers (from Outlook)
- Fix compatibility with PHP 5.2
It's considered stable and we recommend to update all productive installations of Roundcube with this version. Download it from roundcube.net/download (http://roundcube.net/download), see the full changelog (http://trac.roundcube.net/wiki/Changelog) here.
Please do backup before updating!
Source: http://roundcube.net/news/2014/12/18/update-1.0.4-released/
Get it Now: http://roundcube.net/download