X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=ChangeLog;h=e98092dd9356e9b8fec2262e95082722e233cef4;hb=ccf3c5cb4e102dacc69e779d8da5765de96af332;hp=512a3b041de97c9cc3045c75d7ea92925b4d3402;hpb=20c79aa7d7c54e642dcd09396daa67bcffd755e9;p=squirrelmail.git diff --git a/ChangeLog b/ChangeLog index 512a3b04..e98092dd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,8 +2,11 @@ *** SquirrelMail Devel Series 1.5 *** ************************************* -Version 1.5.1 -- CVS --------------------- +Version 1.5.2 CVS + - + +Version 1.5.1 (branched on 2006-02-12) +-------------------------------------- - New reply citation to include date and author. - Security: Fix some possible XSS bugs. - Norwegian Bokmal translation uses nb_NO. @@ -511,19 +514,53 @@ Version 1.5.1 -- CVS - Fixed character wrapping/encoding issues in Japanese translation (#1377622). Issue is specific to sqBodyWrap() and string function wrappers introduced in 1.5.1. - - MagicHTML fix for comments in styles. + - Security: MagicHTML fix for comments in styles which allowed + for cross site scripting when using Internet Explorer + [CVE-2006-0195]. - Added 'mail' and 'sn' attributes to address book LDAP backend search expression (#1368154). - Added mailbox caching code by Michael Long. - Prevent output of whitespace during plugin activation. Fixes possible attachment corruption by incorrectly coded plugins. - Fixed data sanitizing in calendar plugin (#1291081)(#705796). - - Prohibit imap injection attempts (reported by Vicente Aguilera) - - Don't move messages in sqimap_msgs_list_move() functions, when target + - Security: Prohibit imap injection attempts (reported by Vicente Aguilera) + [CVE-2006-0377]. + - Don't move messages in sqimap_msgs_list_move() function call, when target mailbox is same as source mailbox. Adds fifth argument to sqimap_msgs_list_move() function. Fixes possible issues on MacOS Cyrus IMAP server (#1409453). - + - Style sheets are moved to template. + - displayHtmlHeader() function call sends http headers in order to prevent + page caching. + - Added Template set selection. + - Merged patch from Steve Brown to transform current templates to css + based templates. + - Added footer template to every page. + - Added experimental IMAP and SMTP STARTTLS extension support. + - Security: Fix possible cross site scripting through the right_main + parameter of webmail.php. This now uses a whitelist of acceptable + values. [CVE-2006-0188] + - Disabled display of regexp compilation errors in local_file address + book backend. + - DOCTYPE tags are switched from quirks to standard compliance mode. + - Improved error reporting concerning THREAD, SORT and BADCHARSET. + - Added options to disable THREAD and SORT extension. + - Fixed mailbox cache issues caused by using prev/next links in + read_body.php. + - Added View as HTML support to the SquirrelMail core. + - Fixed bug #550557. + - Applied status cache patch created by Michael Long. + - Updated newmail plugin to make use of status cache (Michael Long) + - Added RECENT check to left_main.php to bold the unseen message string if + there are recent messages. + - Fixed search query in filters.php, now we respect the imap continuation + request (Michael Long). + - Fixed bug in digest message view where the from name disappeared after + opening a digest message. + - Fixed checkall link in case javascript was disabled. + - Rewrite of thread parsing code in order to improve performance. + - Adapted message squisher function to gain performance. + - Fixed bug #1093360, skip untagged NO responses in APPEND query. Version 1.5.0 - 2 February 2004 -------------------------------