Include CVE-id in ChangeLog, move Jimmy up in AUTHORS.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@8662 7612ce4b-ef26-0410-bec9-ea0150e637f0

diff --git a/AUTHORS b/AUTHORS
index 345320d689c55460d1b25785019778325c700439..e6212f16d24347d0659e785c311557cf204d40d5 100644 (file)
--- a/AUTHORS
+++ b/AUTHORS
@@ -11,13 +11,13 @@ THE SQUIRRELMAIL TEAM
    Chris Hilts         <tassium@squirrelmail.org>      http://www.birdbrained.org
    Erin Schnabel       <ebullient@squirrelmail.org>    http://ebullient.haaser.com
    Jonathan Angliss    <jon@squirrelmail.org>
+   Jimmy Conner                <jimmy@sqmail.org>              http://sqmail.org
    Marc Groot Koerkamp <marc@squirrelmail.org>
    Paul Lesneiwski     <pdontthink@angrynerds.com>
    Philippe Mingo      <philippe@squirrelmail.org>     http://mingo.ath.cx
    Seth E. Randall     <sethr@missoulafcu.org>
    Thijs Kinkhorst     <kink@squirrelmail.org>         http://thijs.kinkhorst.nl
    Tomas Kuliavas      <tokul@users.sourceforge.net>   http://www.topolis.lt
-   Jimmy Conner                <jimmy@sqmail.org>              http://sqmail.org
 
  Past Developers, now retired:
  -----------------------------

diff --git a/ChangeLog b/ChangeLog
index 0b0f5ea4f5150e0651bbcd0f9ffc6ee6e825a10a..aa21fa2947c2d6e1d81de561015947abb467eb0f 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -65,8 +65,8 @@ Version 1.5.1 -- CVS
   - Give proper error when PEAR DB not found.
   - Remove inappropriate strip_tags() from add-to-addressbook (#968475).
   - Prefs caching didn't work properly with register_globals off (#995102).
-  - Security: fix SQL injection vulnerability in addressbook
-    [CAN-2004-0521].
+  - Security: fix SQL injection vulnerability in addressbook.
+    [CAN-2004-0521]
   - Removed html_top and html_bottom hooks.  No longer used/needed.
   - Added "trailing text" for options built by SquirrelMail (text placed
     after text and select list inputs on options pages)
@@ -174,9 +174,9 @@ Version 1.5.1 -- CVS
   - Fix listcommands plugin to behave like normal reply/compose
     links, and return to message page that originally called from.
   - Max upload file size now correctly handles a '-1' value, meaning
-    unlimited (#1094569). 
+    unlimited. (#1094569).
   - Security: Added hook for Preferences Backend to resolve potential
-    file inclusions
+    file inclusions. [CAN-2005-0075] 
 
 Version 1.5.0
 --------------------
@@ -516,7 +516,7 @@ Version 1.2.6 -- April 29 2002
   - Added a server-side sorting global option
   - Compose in new window size can be set in Display prefs.
   - Logout error system unified.
-  - Security: Fix for a "theme passed as cookie" exploit. [CVE-2002-0516]
+  - Security: Fix for a "theme passed as cookie" exploit. [CAN-2002-0516]
   - PostgreSQL is now supported for database backed use
   - Added user option to sort messages by internal date
   - Changed attachment handling now attachments are adressed to