815d9ba0 |
1 | /***************************************************************** |
f7cd8eb4 |
2 | * Release Notes: SquirrelMail 1.5.1 * |
3 | * The "Fire in the Hole" Release * |
4 | * 2006-02-19 * |
5 | *****************************************************************/ |
6 | |
7 | WARNING. If you can read this, then you are reading file from 1.5.1cvs and not |
8 | final release notes. |
9 | |
10 | |
815d9ba0 |
11 | |
a67a0f59 |
12 | In this edition of SquirrelMail Release Notes: |
ef1932a4 |
13 | * All about this Release! |
3eb34ffd |
14 | * Major updates |
f7cd8eb4 |
15 | * Security updates |
16 | * Plugin updates |
17 | * Possible issues |
18 | * Backwards incompatible changes |
19 | * Data directory changes |
20 | * Reporting my favorite SquirrelMail bug |
a67a0f59 |
21 | |
ef1932a4 |
22 | All about this Release! |
23 | ======================= |
815d9ba0 |
24 | |
f7cd8eb4 |
25 | This is the second release of our new 1.5.x-series, which is a |
bb91e60d |
26 | DEVELOPMENT release. |
f11c804f |
27 | |
bb91e60d |
28 | See the Major Updates section of this file for more. |
a23d0264 |
29 | |
ef1932a4 |
30 | |
3eb34ffd |
31 | Major updates |
32 | ============== |
f7cd8eb4 |
33 | Rewritten IMAP functions and added extra data caching code. Internal sorting |
34 | functions should be faster than code used in SquirrelMail 1.5.0 and older |
35 | versions. Data caching should reduce number of IMAP calls in folder management |
36 | and mailbox status functions. |
37 | |
38 | Own gettext implementation replaced with PHP Gettext classes. Update adds |
39 | ngettext and dgettext support. |
40 | |
41 | Templates, css and error handler. |
42 | |
43 | Own cookie functions |
44 | |
45 | Updated wrapping functions in compose. |
46 | |
47 | |
48 | Security updates |
49 | ================ |
50 | |
51 | This release contains security fixes applied to development branch after 1.5.0 |
52 | release. |
53 | CVE-2004-0521 - SQL injection vulnerability in address book. |
54 | CVE-2004-1036 - XSS exploit in decodeHeader function. |
55 | CVE-2005-0075 - Potential file inclusion in preference backend selection code. |
56 | CVE-2005-0103 - Possible file/offsite inclusion in src/webmail.php. |
57 | CVE-2005-0104 - Possible XSS issues in src/webmail.php. |
58 | CVE-2005-1769 - Several cross site scripting (XSS) attacks. |
59 | CVE-2005-2095 - Extraction of all POST variables in advanced identity code. |
60 | |
61 | |
62 | Plugin updates |
63 | ============== |
64 | Added site configuration options to filters, fortune, translate, newmail, |
65 | bug_report plugins. Improved newmail and change_password plugins. |
66 | |
67 | SquirrelSpell data storage |
68 | |
69 | |
70 | Possible issues |
71 | =============== |
72 | Cookies |
73 | Plugins (changes in hooks and IMAP API) |
74 | IMAP sorting/threading |
75 | |
76 | Backward incompatible changes |
77 | ============================= |
78 | Index order options are modified in 1.5.1 version. If older options are |
79 | detected, interface upgrades to newer option format and deletes old options. |
3eb34ffd |
80 | |
f7cd8eb4 |
81 | In 1.5.1 version SquirrelSpell user dictionaries are saved with generic |
82 | SquirrelMail data functions. Code should copy older dictionary, if dictionary |
83 | version information is not present in user preferences. Once dictionary is |
84 | copied, <username>.words files are obsolete and no longer updated. |
a23d0264 |
85 | |
f7cd8eb4 |
86 | If same data directory is used with other backwards incompatible version, older |
87 | SquirrelMail version can lose some user preferences or work with outdated data. |
368ab966 |
88 | |
89 | Data directory |
90 | ============== |
91 | |
f7cd8eb4 |
92 | The directory data/ used to be included in our tarball. Since placing this dir |
93 | under a web accessible directory is not very wise, we've decided to not pack it |
94 | anymore; you need to create it yourself. Please choose a location that's safe, |
95 | e.g. somewhere under /var. |
368ab966 |
96 | |
97 | |
f7cd8eb4 |
98 | Reporting my favorite SquirrelMail bug |
99 | ====================================== |
a23d0264 |
100 | |
f7cd8eb4 |
101 | We constantly aim to make SquirrelMail even better. So we need you to submit |
102 | any bug you come across! Also, please mention that the bug is in this 1.5.1 |
103 | release, and list your IMAP server and webserver details. |
a67a0f59 |
104 | |
105 | http://www.squirrelmail.org/bugs |
106 | |
f7cd8eb4 |
107 | Thanks for your cooperation with this. That helps us to make sure nothing slips |
108 | through the cracks. Also, it would help if people would check existing tracker |
109 | items for a bug before reporting it again. This would help to eliminate |
110 | duplicate reports, and increase the time we can spend CODING by DECREASING the |
111 | time we spend sorting through bug reports. And remember, check not only OPEN |
112 | bug reports, but also closed ones as a bug that you report MAY have been fixed |
113 | in CVS already. |
a67a0f59 |
114 | |
f7cd8eb4 |
115 | If you want to join us in coding SquirrelMail, or have other things to share |
116 | with the developers, join the development mailing list: |
a67a0f59 |
117 | |
a23d0264 |
118 | squirrelmail-devel@lists.sourceforge.net |
815d9ba0 |
119 | |
0ca033d5 |
120 | |
ef1932a4 |
121 | About Our Release Alias |
122 | ======================= |
123 | |
f7cd8eb4 |
124 | This release is labeled the "Fire in the Hole" release. "Fire in the hole" is |
125 | a phrase used to warn of the detonation of an explosive device. The phrase may |
126 | have been originated by miners, who made extensive use of explosives while |
127 | working underground. |
128 | |
129 | Release is created in order to get fixed package after two years of development |
130 | in HEAD branch. Package contains many experimental changes. Changes add new |
131 | features, that can be unstable and cause inconsistent UI. If you want to use |
132 | stable code, you should stick to SquirrelMail 1.4.x series. If you find issues |
133 | in this package, make sure that they are still present in latest development |
134 | code snapshots. |
ef1932a4 |
135 | |
815d9ba0 |
136 | Happy SquirrelMailing! |
137 | - The SquirrelMail Project Team |