This is security update to fix a just published vulnerabilty that allows
an attacker to modify its users preferences in a way that he can then read
arbitrary files from the server.
It further contains some other fixes backported from the 0.8 and 0.9 versions
We strongly recommend to update all installations of the 0.7 series if
Roundcube with this new version if updating to 0.8 isn't desired.
- Fixes vulnerability in save-pref command
- Fix XSS vulnerability in handling of text/enriched messages (#1488806)
- Fix compatybility with MDB2 2.5.0b4 (#1488779)
- Fix lower-casing email address on replies (#1488598)
- Fix so subscribed non-existing/non-accessible shared folder can be unsubscribed