X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=ChangeLog;h=b3a2be6be1babdc179738ddcb8c736dfcee89fa3;hb=796f91d93100118bfa85d4256c8cd5023394d0b3;hp=eb7b6c42a05c313b6937952c28a3fb465264ec5e;hpb=5b97257cacef26dd691216fc2ae6ae42d0a7c776;p=squirrelmail.git diff --git a/ChangeLog b/ChangeLog index eb7b6c42..b3a2be6b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -54,8 +54,6 @@ Version 1.5.1 -- CVS written by Bryan Loniewski. - Use Special Folder Color config option works again (#931956). - In POP3-class, be more liberal regarding RFC-incompliant POP3-servers. - - Disabled Korean extra functions, because they don't provide all required - options and message composition is broken. - Added Basque translation support. - Remove flag buttons / links from display if mailbox doesn't allow it. - Make used of cached ordered uid list in case of server_side_sorting. @@ -64,6 +62,29 @@ Version 1.5.1 -- CVS - Fixed XSS vulnerability in content-type display in the attachment area of read_body.php discovered by Roman Medina. - Get alternating row colors of addressbook in sync with mailbox list. + - Give proper error when PEAR DB not found. + - Remove inappropriate strip_tags() from add-to-addressbook (#968475). + - Prefs caching didn't work properly with register_globals off (#995102). + - Security: fix SQL injection vulnerability in addressbook + (CVE ID: CAN-2004-0521). + - Removed html_top and html_bottom hooks. No longer used/needed. + - Added "trailing text" for options built by SquirrelMail (text placed + after text and select list inputs on options pages) + - Custom option page values now repopulate correctly + - Added "no focus" option for compose page in display preferences (setting + reply focus to "No focus" also affects composing new messages) + - Current hook name is now globally available when running a hook ($currentHookName) + - Fix bug when Saving to Draft folder that contains special characters. + - Added size limit to signatures saved in file backend. Created error_option_save + function, that allows sending error message to options page. Thanks to Martynas + Bieliauskas for spotting big signature "option". + - Make SquirrelSpell work with safe_mode enabled, if using PHP >=4.3.0. + Patch by Ray Ferguson. + - Make IP-address in Message-ID RFC822 compliant. + - Uneditable address book entries no longer have checkboxes on addresses page. + - Alignment of title text above folder list fixed. + - Changed structure of xtra_code functions that are used by some translations. + - Added Uighur language support. Version 1.5.0 -------------------- @@ -268,7 +289,7 @@ Version 1.4.0 RC 2a - Correctly fold encoded header lines. - Fix prefs caching not working correctly in PHP 4.3 caused by a stupid version checking mechanism. - - Fix XXS hole that allowed JavaScript execution by sending someone + - Fix XSS hole that allowed JavaScript execution by sending someone an email with specially crafted headers. Thanks Jason Munro, and Masato Higashiyama.