X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;ds=sidebyside;f=ChangeLog;h=fa27d3384367ff676255cf9fb8f2d249e2f4def5;hb=72598e90569f12e8ee6f96542411e815152ebd13;hp=42cae76f8b93436b0b942274c8d02bb225a545c8;hpb=432db2fc4af6edc726e9a52f023cd3bd1d664667;p=squirrelmail.git diff --git a/ChangeLog b/ChangeLog index 42cae76f..fa27d338 100644 --- a/ChangeLog +++ b/ChangeLog @@ -63,6 +63,9 @@ Version 1.5.1 -- CVS - Added sort by message size. - Security: Fixed XSS vulnerability in content-type display in the attachment area of read_body.php discovered by Roman Medina. + - Removed src/move_messages.php, move_before_move and move_messages_button_action + hooks. Mailbox listing actions should be handled by src/right_main.php and + functions/mailbox_display.php hooks. - Get alternating row colors of addressbook in sync with mailbox list. - Give proper error when PEAR DB not found. - Remove inappropriate strip_tags() from add-to-addressbook (#968475). @@ -80,8 +83,7 @@ Version 1.5.1 -- CVS - Fix bug when Saving to Draft folder that contains special characters. - Added size limit to signatures saved in file backend. Created error_option_save function, that allows sending error message to options - page. Thanks to Martynas. - Bieliauskas for spotting big signature "option". + page. Thanks to Martynas Bieliauskas for spotting big signature "option". - Make SquirrelSpell work with safe_mode enabled, if using PHP >=4.3.0. Patch by Ray Ferguson. - Make IP-address in Message-ID RFC822 compliant. @@ -346,8 +348,91 @@ Version 1.5.1 -- CVS $hide_auth_header options. First option allows to encode user's information with provided encryption key (set in 2. Server settings -> B. Update SMTP / Sendmail settings). Second option allows to disable authenticated user part - in Received: header, when user can't force used email address. It is set in + in Received: header, when user can't forge used email address. It is set in 4. General Options -> 9. Allow editing of identity. + - Added dovecot preset to configuration utility. + - Modified mercury32 preset in order to remove INBOX prefix in mercury32 4.01. + - Added peardb backend to change_password plugin. + - Tweak IMAP connection error display (#1203154). + - Gracefully recover from over quota error while sending a mail (#1145144). + - Fix get_identities() for the case where the user has not set an email + address: use the fallback $username@$domain that's used in compose aswell. + - Fix "Include me in CC on Reply All" for the case where email address was + not set in the prefs (#781202, #1093363). + - Move documentation for SquirrelMail developers to doc/Development. + - Added id attribute support to form functions. It can be used for Section + 508 or WAI fixes. Original idea and patch by dugan passwall.com. + - Fixed broken attachments caused by inconsistency of PHP chunk_split(). + Thanks to Roalt Zijlstra. + - Identity code was not checking for domain part in username before setting + email address (Bug #1219184). + - Disallow access to the administrator plugin screens when the plugin is + not enabled in the config. + - Security: fix several cross site scripting (XSS) attacks. Thanks go to + Martijn Brinkers for finding a lot of these. [CAN-2005-1769] + - Update COPYING with new address of the FSF. + - Fixed missing quote character when trying to build cid: urls. + - Added address listing functions and listing controls to address + book LDAP backend. Blocked wildcard searches in file and database + backends when listing is disabled (#529563). + - Some LDAP address book backend configuration options (listing + controls, filtering, scope limit) are moved to 'advanced + configuration' subsection. + - Javascript relied on rg=1 in the login page to force focus to + password box if username was supplied as a url arg (#1222617). + - Fix variable typo in parseFetch which caused IMAP errors on Exchange. + Thanks Christian Froemmel. + - Added Bluesome theme by Saku Lehtiö (#1188209). + - Rewrite of advanced identity handlying to remove stupid extraction + of all post variables. [CAN-2005-2095] + - Added StartTLS support to address book LDAP backend (#1197703). Patch + by John Lane. + - Added subtree/one level search options to address book LDAP backend + (#1212618). + - Added Simple Green 2 and Simple Purple themes by Vicky Pyne (#1217066 + and #1217069). + - sqimap_messages_delete|copy|flag and sqimap_get_small_header() + functions are removed from SquirrelMail IMAP API. Use sqimap_msgs_* + and sqimap_get_small_header_list() functions instead. + - Fix for bad cache on massive expunge/delete/move operations. + - Moved time zone configuration from locale/timezones.cfg to php array. + Adds time zone name localization options and fixes problems on systems + that don't support GNU C time zone mappings (#1177067). + - Use default color theme in logout_error function when possible. + - Fixes for increased error checking in PHP 5.1 array_shift() (#1237160). + - Added extra checks in delivery class for In-Reply-To header. Fixes + E_NOTICE level warnings in php 5.0.4 and later (#1206474). [php5] + - Added extra checks in SquirrelMail charset_encode() function in case + somebody removes HTML to US-ASCII conversion library (#1239782). + - Fixed invalid reference in src/download.php. E_NOTICE level warnings + could corrupt attachments in php 4.4.0. + - Added internal dgettext() and dngettext() functions. + - Added display of attachments on printer friendly page. + - Added custom error handling class and related functions. + - Added option to disable upload of sounds in newmail plugin. + - Removed full URL from sound file preferences in newmail plugin + (#1233530). + - Stripped BaseDN from nicknames in address book's ldap_server backend. + - Fixed error handling in SquirrelSpell plugin. sprintf and gettext + formating errors in check_me.mod. Reported by Edward Chapman. + - Translations are loaded automatically from locale//setup.php + files (#1240889). + - Allow configure to be ran from any directory, thanks Ceri Davies. + - Removed $available_languages configuration option. List is limited to + installed translations. Similar feature is implemented in limit_languages + plugin. + - Don't load plugins/administrator/auth.php during plugin initiation. + - Removed function references from address book database backend class, + list_addr(), lookup() and search() functions. Referenced lookup() + function caused E_NOTICE warnings in php 4.4.0. Reported by Cor Bosman. + - Test to ensure folder exists before attempting to delete it, otherwise + IMAP server will return an error. + - Added $save_html argument to charset_decode() function in order to be + able to convert html formated mails to different character set. Initial + patch by Peter Draganov (#1195232). Fixed display of html formated emails + in formatBody() function (#1258925). + - login_form hook changed from do_hook to concat_hook_function in order to + place form elements before login button (#1245070). Version 1.5.0 - 2 February 2004 -------------------------------