What skin are you using? Elastic does not use the `icon` attribute.

Quick update: we managed to stop the fatal error from appearing in our logs with a small workaround.

In `program/actions/mail/index.php` (around line 740) we wrapped the `asset_url()` call with a `method_exists()` check, so it won't crash if `asset_url()` isn't available in that context:

diff
--- a/program/actions/mail/index.php
+++ b/program/actions/mail/index.php
@@ -737,7 +737,11 @@
-   $inner = html::img(['src' => $rcmail->output->asset_url($attrib['icon'], true), 'alt' => $title]);
+   $inner = html::img(['src' => (method_exists($rcmail->output, 'asset_url') ? $rcmail->output->asset_url($attrib['icon'], true) : ''), 'alt' => $title]);

After applying this, `Call to undefined method rcmail_output_json::asset_url()` no longer shows up in our logs.

We can confirm we're seeing the same fatal errors in our logs as well since updating to the latest 1.7 RC4.

Unfortunately we don't know what exactly triggers it. I haven't been able to reproduce the issue myself so far — it only seems to be triggered somehow by our customers in real usage.

Hi Alec,
thank you, my calendars are now being updated. However, the appointments are not showing up in the Roundcube calendar. I'm getting a database error. Could someone help me with this?

Quote[25-Feb-2026 09:58:23 +0000]: <be2f74e4> PHP Error: Failed to write to kolab cache (POST /?_task=calendar&_action=refresh)
[25-Feb-2026 09:58:23 +0000]: <be2f74e4> DB Error: [7] FEHLER:  ungültige Eingabesyntax für Typ integer: »«
LINE 1: ... FROM "kolab_cache_dav_event" WHERE "folder_id" = '' AND "ch...
                                                             ^ (SQL Query: SELECT * FROM "kolab_cache_dav_event" WHERE "folder_id" = '' AND "changed" >= '2026-02-25 09:57:06' AND "dtstart" <= '2026-03-02 12:00:00' AND "dtend" >= '2026-02-22 12:00:00') in /var/www/html/program/lib/Roundcube/rcube_db.php on line 577 (POST /?_task=calendar&_action=refresh)

Try this in the libkolab plugin config.
$config['kolab_http_request'] = [
    'ssl_verify_peer' => false,
    'ssl_verify_host' => false,
];


That is 100% a phishing email. Roundcube is a open source webmail client there is no centralized "Roundcube Support" and there is no one click upgrades offered through Roundcube branded emails.

I received this email today. Trying to discover if it is real or not:
 

Dear [email protected],
We are closing down all outdated versions of the webmail and our records indicate that your mailbox is on an old version as of Tuesday, February 24, 2026.
To ensure uninterrupted access and avoid any disruption to your mailbox account, please upgrade to the latest version by clicking the button below and signing in.
UPGRADE NOW
Sincerely,
Kita-Bueren Webmail Support

See the attachment.

Thanks for your support.

Hello,
i'm seeing an error message in the roundcube error.log indicating that I can't access my Nextcloud server.

Quote[24-Feb-2026 17:47:36 +0000]: <26e51590> PHP Error: Unable to connect to tls://nextcloud.intern.example.com:443. Error: stream_socket_client(): Unable to connect to tls://nextcloud.intern.example.com:443 (Unknown error)
stream_socket_client(): Failed to enable crypto
stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
error:0A000086:SSL routines::certificate verify failed in /var/www/html/vendor/pear/http_request2/HTTP/Request2/SocketWrapper.php on line 135 (GET /?_task=calendar&source=__bdays__&_action=load_events&start=2026-02-23T00%3A00%3A00&end=2026-03-02T00%3A00%3A00&_=1771955256252)

My self-signed certificate cannot be verified. How can I resolve this issue? Here are my config.inc.php configuration:

Quoteroot@62c6e2adb67e:/var/www/html# cat plugins/calendar/config.inc.php
<?php
$config['calendar_driver'] = "caldav";
$config['calendar_caldav_server'] = "https://nextcloud.intern.example.com/remote.php/dav";
$config['calendar_default_view'] = "agendaWeek";
$config['calendar_contact_birthdays'] = false;
$config['calendar_timeslots'] = 2;
$config['calendar_agenda_range'] = 60;
$config['calendar_first_day'] = 1;
$config['calendar_first_hour'] = 6;
$config['calendar_work_start'] = 6;
$config['calendar_work_end'] = 18;
$config['calendar_time_indicator'] = true;
$config['calendar_show_weekno'] = 0;
$config['calendar_default_alarm_type'] = '';
$config['calendar_default_alarm_offset'] = '-15M';
$config['calendar_event_coloring'] = 0;
$config['calendar_categories'] = [
  'Personal' => 'c0c0c0',
      'Work' => 'ff0000',
    'Family' => '00ff00',
   'Holiday' => 'ff6600',
];
$config['calendar_allow_invite_shared'] = false;
$config['calendar_allow_itip_uninvited'] = true;
$config['calendar_itip_send_option'] = 3;
$config['calendar_itip_after_action'] = 0;
$config['calendar_freebusy_trigger'] = false;
$config['calendar_include_freebusy_data'] = 1;
$config['calendar_itip_smtp_server'] = null;
$config['calendar_itip_smtp_user'] = 'smtpauth';
$config['calendar_itip_smtp_pass'] = '123456';
$config['kolab_invitation_calendars'] = false;
$config['calendar_caldav_url'] = 'https://nextcloud.intern.example.com/davical/caldav.php/%u/%n';;
$config['calendar_freebusy_session_auth_url'] = null;
$config['calendar_nextcloud_url'] = null;

Regards, Stefan Harbich

Hello,
when I try to install the libkolab plugin in Roundcube, I get the following error message from Composer when updating my PostgreSQL database:
root@ec46c16a503e:/var/www/html# composer update
Composer could not detect the root package (roundcube/roundcubemail) version, defaulting to '1.0.0'. See https://getcomposer.org/root-version
Loading composer repositories with package information
Updating dependencies
Nothing to modify in lock file
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 12 installs, 0 updates, 0 removals
  - Installing ezyang/htmlpurifier (v4.19.0): Extracting archive
  - Installing pear/net_url2 (v2.2.3): Extracting archive
  - Installing pear/http_request2 (v2.7.0): Extracting archive
  - Installing symfony/polyfill-mbstring (v1.33.0): Extracting archive
  - Installing lolli42/finediff (1.0.4): Extracting archive
  - Installing sabre/uri (3.0.2): Extracting archive
  - Installing sabre/xml (4.0.6): Extracting archive
  - Installing sabre/vobject (4.5.8): Extracting archive
  - Installing caxy/php-htmldiff (v0.1.17): Extracting archive
  - Installing kolab/libkolab (3.6.1): Source already present
Do you want to activate the plugin libkolab? [Y|n] y
Running database initialization script for libkolab
Creating database schema... ERROR: [7] FEHLER:  Relation »kolab_folders_seq« existiert bereits (SQL Query: CREATE SEQUENCE kolab_folders_seq
    INCREMENT BY 1
    NO MAXVALUE
    NO MINVALUE
    CACHE 1)
[FAILED]
ERROR: [7] FEHLER:  Relation »kolab_folders_seq« existiert bereitsThis prevents the plugin from installing. How can I work around this error?
Regards, Stefan Harbich

Feb 23 11:04:28 srv3 roundcube[209349]: <9m2ku5sf> Session destroy: 9m2ku5sfeegii2umfdmagrsk1t
Feb 23 11:04:28 srv3 roundcube[209402]: <9vdk1rkc> Session destroy: 9vdk1rkcllu79jf5b87sfcue2a
Feb 23 11:04:31 srv3 roundcube[209349]: <9m2ku5sf> Session destroy: 9m2ku5sfeegii2umfdmagrsk1t
Feb 23 11:04:32 srv3 roundcube[209402]: <4h5t2qkh> Session regenerate: 9vdk1rkcllu79jf5b87sfcue2a -> 4h5t2qkhs9e1pn0d5asoe62bqb
Feb 23 11:04:36 srv3 roundcube[208944]: <9m2ku5sf> Session destroy: 9m2ku5sfeegii2umfdmagrsk1t
Feb 23 11:04:37 srv3 roundcube[207487]: <q0rn1ilr> Session destroy: q0rn1ilrau1m23qp0pgvdt304f
Feb 23 11:04:37 srv3 roundcube[207487]: <3nlsks9p> Session regenerate: q0rn1ilrau1m23qp0pgvdt304f -> 3nlsks9phouefjvi2sijfkv2rl
Feb 23 11:04:40 srv3 roundcube[208944]: <gdpfi7ja> Session regenerate: 9m2ku5sfeegii2umfdmagrsk1t -> gdpfi7jaugp6imh2n0h72r99kc
Feb 23 11:04:43 srv3 roundcube[207487]: <4h5t2qkh> Session destroy: 4h5t2qkhs9e1pn0d5asoe62bqb
Feb 23 11:04:49 srv3 roundcube[207487]: <nd1epj4j> Session destroy: nd1epj4jmqonh47ek4he6vb2b3
Feb 23 11:04:49 srv3 roundcube[207487]: <qk243etb> Session regenerate: nd1epj4jmqonh47ek4he6vb2b3 -> qk243etbn2g792b66befehmlgt
Feb 23 11:05:00 srv3 roundcube[208944]: <kqb4itme> Session auth check failed for kqb4itme0jpj3bh1hne7a03hca; timeslot = 2026-02-23 05:35:00
Feb 23 11:05:00 srv3 roundcube[209316]: <bcjqj33g> Session auth check failed for bcjqj33gdi6de2791kj8ll3hjc; timeslot = 2026-02-23 05:35:00
Feb 23 11:05:00 srv3 roundcube[209349]: <v2bspiqv> Session auth check failed for v2bspiqvtv6je037beq1e5i32i; timeslot = 2026-02-23 05:35:00
Feb 23 11:05:00 srv3 roundcube[209624]: <3u9vsqgj> Session auth check failed for 3u9vsqgj6kobelodee7u2bfrnc; timeslot = 2026-02-23 05:35:00
Feb 23 11:05:00 srv3 roundcube[207844]: <qtaa9552> Session auth check failed for qtaa9552d54lk5mo2a76mivdva; timeslot = 2026-02-23 05:35:00
Feb 23 11:05:00 srv3 roundcube[209816]: <k1q4878f> Session auth check failed for k1q4878f3amoelstah521et79o; timeslot = 2026-02-23 05:35:00
Feb 23 11:05:00 srv3 roundcube[207847]: <af56ujau> Session auth check failed for af56ujau19bjcedtfb3vsij3hs; timeslot = 2026-02-23 05:35:00
Feb 23 11:05:02 srv3 roundcube[209816]: <gdpfi7ja> Session auth check failed for gdpfi7jaugp6imh2n0h72r99kc; timeslot = 2026-02-23 05:35:00
Feb 23 11:05:02 srv3 roundcube[209402]: <4h5t2qkh> Session destroy: 4h5t2qkhs9e1pn0d5asoe62bqb