Security releases

roundcube · Sep 18, 2023 · 6f07502 · 6f07502
1 parent 3b077ae
commit 6f07502
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 6 deletions.
diff --git a/_data/releases.json b/_data/releases.json
@@ -33,16 +33,16 @@
         "name": "LTS versions",
         "sources": [
             {
-                "package": "1.5.3 - Complete",
-                "url": "https://github.com/roundcube/roundcubemail/releases/download/1.5.3/roundcubemail-1.5.3-complete.tar.gz",
+                "package": "1.5.4 - Complete",
+                "url": "https://github.com/roundcube/roundcubemail/releases/download/1.5.4/roundcubemail-1.5.4-complete.tar.gz",
                 "size": "7.5 MB",
-                "checksum": "4bcfac219f2e0005c912dac3227743cc1ed0ded69c822f74c81a70d041e5a3bd"
+                "checksum": "ea8825baec0a21950d28bc96d117a3752a0a25097e7ab6e5b5abaee80680fe8e"
             },
             {
-                "package": "1.4.13 - Complete",
-                "url": "https://github.com/roundcube/roundcubemail/releases/download/1.4.13/roundcubemail-1.4.13-complete.tar.gz",
+                "package": "1.4.14 - Complete",
+                "url": "https://github.com/roundcube/roundcubemail/releases/download/1.4.14/roundcubemail-1.4.14-complete.tar.gz",
                 "size": "6.7 MB",
-                "checksum": "e22800be6a2635dad806259edeee2b9878567477d77a74f17ecadbc3e51f2d68"
+                "checksum": "f4cf92fba04e34f9f18e25e75ba5d09a935e0e0ed07b5d4de8edc3a2aa51c50d"
             }
         ]
     },

diff --git a/_posts/2023-09-18-security-update-1.4.14-released.md b/_posts/2023-09-18-security-update-1.4.14-released.md
@@ -0,0 +1,14 @@
+---
+layout: article
+title: Security update 1.4.14 released
+tags: releases updates security
+---
+
+We just published a security update to the LTS version 1.4 of Roundcube Webmail.
+It provides a fix to a recently reported XSS vulnerability:
+
+- Cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages, reported by Niraj Shivtarkar.
+
+See the full changelog in the release notes in the [release notes](https://github.com/roundcube/roundcubemail/releases/tag/1.4.14) on the Github download page.
+
+We strongly recommend to update all productive installations of Roundcube 1.4.x with this new version.
diff --git a/_posts/2023-09-18-security-update-1.5.4-released.md b/_posts/2023-09-18-security-update-1.5.4-released.md
@@ -0,0 +1,14 @@
+---
+layout: article
+title: Security update 1.5.4 released
+tags: releases updates security
+---
+
+We just published a security update to the LTS version 1.5 of Roundcube Webmail.
+It provides a fix to a recently reported XSS vulnerability:
+
+- Cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages, reported by Niraj Shivtarkar.
+
+See the full changelog in the release notes in the [release notes](https://github.com/roundcube/roundcubemail/releases/tag/1.5.4) on the Github download page.
+
+We strongly recommend to update all productive installations of Roundcube 1.5.x with this new version.