- Fixed character wrapping/encoding issues in Japanese translation (#1377622).
Issue is specific to sqBodyWrap() and string function wrappers introduced in
1.5.1.
- - MagicHTML fix for comments in styles.
+ - Security: MagicHTML fix for comments in styles which allowed
+ for cross site scripting when using Internet Explorer
+ [CVE-2006-0195].
- Added 'mail' and 'sn' attributes to address book LDAP backend search
expression (#1368154).
- Added mailbox caching code by Michael Long.
- Prevent output of whitespace during plugin activation. Fixes possible
attachment corruption by incorrectly coded plugins.
- Fixed data sanitizing in calendar plugin (#1291081)(#705796).
- - Prohibit imap injection attempts (reported by Vicente Aguilera)
- - Don't move messages in sqimap_msgs_list_move() functions, when target
+ - Security: Prohibit imap injection attempts (reported by Vicente Aguilera)
+ [CVE-2006-0377].
+ - Don't move messages in sqimap_msgs_list_move() function call, when target
mailbox is same as source mailbox. Adds fifth argument to
sqimap_msgs_list_move() function. Fixes possible issues on MacOS Cyrus
IMAP server (#1409453).
-
+ - Style sheets are moved to template.
+ - displayHtmlHeader() function call sends http headers in order to prevent
+ page caching.
+ - Added Template set selection.
+ - Merged patch from Steve Brown to transform current templates to css
+ based templates.
+ - Added footer template to every page.
+ - Added experimental IMAP and SMTP STARTTLS extension support.
+ - Security: Fix possible cross site scripting through the right_main
+ parameter of webmail.php. This now uses a whitelist of acceptable
+ values. [CVE-2006-0188]
Version 1.5.0 - 2 February 2004
-------------------------------
projects / squirrelmail.git / blobdiff