X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=ChangeLog;h=5d2f092216c8b62cae836f3858e7350db9d34f07;hb=b49d3e4f81644cd88599615a9991fc009fa386c4;hp=015fcf1d0d5751dd84da449681d24aae24db89fc;hpb=1f270d3ccac30fd2e794923ff9aa0e0f07f59772;p=squirrelmail.git

diff --git a/ChangeLog b/ChangeLog
index 015fcf1d..5d2f0922 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -199,7 +199,7 @@ Version 1.5.2 - SVN
     HTML attachments containing 'data:' URLs, Internet Explorer-specifc
     charset conversion exploits, and request forgery through included
     images. Thanks to Mikhail Markin, Tomas Kuliavas and Michael Jordon
-    for reporting these issues. [CVE-2007-1262]
+    for reporting these issues. [CVE-2007-1262, CVE-2007-2589]
   - Fix busy loop and notice when two literals in IMAP fetch (#1739433).
   - Resolved issue with compose session not being updated after send/save.
   - Added ability to detect HTTP_X_FORWARDED_PROTO in get_location(),
@@ -207,6 +207,24 @@ Version 1.5.2 - SVN
   - Fix test for signout.php in the logged in check in init.php so it
     cannot be circumvented by manipulating the URL. External plugins might
     rely on init.php guaranteeing that the user is logged in.
+  - Sort readdir() output in conf.pl (#1755886).
+  - Made the webmail_top hook work again for plugins that want to change
+    the URI of the "right" frame; plugins have to change the value of the
+    global variable $right_frame_url
+  - No longer store all message composition sessions in the PHP session,
+    since it was not made use of and in rare cases, made sessions too big
+  - Composition restoration functionality now correctly restores attachments
+  - Added smtp_auth hook
+  - Removed "Include CCs when Forwarding Messages", which had no functionality
+    whatsoever.
+  - Added "preselected" query argument to mailbox list.
+  - Make the Message Details plugin actually show the correct entity when
+    viewing details of attached messages.
+  - Enabled user selection of address format when adding from address
+    book during message composition.
+  - Added a "short_open_tag" configuration test.
+  - Fixed outgoing messages to allow addresses such as "0@..." or "000@...", 
+    etc. (#1818398).
 
 Version 1.5.1 (branched on 2006-02-12)
 --------------------------------------