- Added new scheme to allow multiple plugins to share the onsubmit handler
for the compose form from the compose_form hook. See plugin.txt for more
information.
+ - Support for LIST-SUBSCRIBED extension. This speeds up the retrieval of
+ the subscribed mailbox-list.
+ - Properly clean up temporary attachment files when saving as Draft
+ (#1358407) and fix attachment cleaning code on logout.
+ - Fixed error message in addressbook.php lookup (#1351825).
+ - Fixed incorrect curly escape in sqimap_append(). Error triggered by PHP 5.1
+ bugfix (#1366982).
+ - Fixed ContentType object check in Rfc822Header class. E_NOTICE error
+ in PHP 5.1.
+ - Key value being overwritten by reuse of var in filters plugin.
+ - Add doc/security.txt with some hints for a more secure installation.
+ - Added sqauth_read_password() and sqauth_save_password() functions.
+ - Unset global GET, POST and COOKIE variables registered in PHP
+ register_globals=on setups.
+ - Capabilities array now contains all multivalue information provided
+ by the IMAP server. (Such as THREAD=SORT, THREAD=REFERENCES).
+ - Inclusion of Compatibility plugin automatic (no patch needed for plugin)
+ - Moved sqm_baseuri() into more centralized location (strings.php)
+ - Introduced $sendmail_args configuration variable in order to control
+ /usr/sbin/sendmail command arguments (#1365779). Deliver_SendMail class was
+ modified to provide support of $sendmail_args. Modifications broke backwards
+ compatibility with qmail-inject workarounds.
+ - Added execution error handling in Deliver_SendMail class (#1374174).
+ - Sanitized Draft folder error message in compose.
+ - Fixed character wrapping/encoding issues in Japanese translation (#1377622).
+ Issue is specific to sqBodyWrap() and string function wrappers introduced in
+ 1.5.1.
+ - Security: MagicHTML fix for comments in styles which allowed
+ for cross site scripting when using Internet Explorer
+ [CVE-2006-0195].
+ - Added 'mail' and 'sn' attributes to address book LDAP backend search
+ expression (#1368154).
+ - Added mailbox caching code by Michael Long.
+ - Prevent output of whitespace during plugin activation. Fixes possible
+ attachment corruption by incorrectly coded plugins.
+ - Fixed data sanitizing in calendar plugin (#1291081)(#705796).
+ - Security: Prohibit imap injection attempts (reported by Vicente Aguilera)
+ [CVE-2006-0377].
+ - Don't move messages in sqimap_msgs_list_move() function call, when target
+ mailbox is same as source mailbox. Adds fifth argument to
+ sqimap_msgs_list_move() function. Fixes possible issues on MacOS Cyrus
+ IMAP server (#1409453).
+ - Style sheets are moved to template.
+ - displayHtmlHeader() function call sends http headers in order to prevent
+ page caching.
+ - Added Template set selection.
+ - Merged patch from Steve Brown to transform current templates to css
+ based templates.
+ - Added footer template to every page.
+ - Added experimental IMAP and SMTP STARTTLS extension support.
+ - Security: Fix possible cross site scripting through the right_main
+ parameter of webmail.php. This now uses a whitelist of acceptable
+ values. [CVE-2006-0188]
Version 1.5.0 - 2 February 2004
-------------------------------
- Integration of delete_move_next plugin into core.
- Compression of buttons/headers for message index and message body
- New option to save replies in the same folder as the original message.
+ - Remove possible unneeded IMAP call for NAMESPACE if it was saved in the
+ session (suggestion by Michael Long).
**************************************