projects / squirrelmail.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
Added detection of password fields in generic checkForm javascript function
[squirrelmail.git] / ChangeLog
... / ...
CommitLineData
1**************************************
2*** SquirrelMail Stable Series 1.4 ***
3**************************************
4
5Version 1.4.0 CVS
6-------------------
7 - Fixed mail_fetch plugin. Now folder edition defaults to actual value.
8 All settings from other servers are preserved when deleting one.
9 - Added Vietnamese translation.
10 - Fixed the newmail plugin.
11 - Added RECENT response to sqimap_get_status.
12 - Fixed attachment filename resolving.
13 - Added check for X-Confirm-Reading-To to make MDN work for messages sent by Pine.
14 - sqextractGlobalVar removed (use sqgetGlobalVar instead).
15 - Subfolders of Sent and Drafts show To field instead of From
16 - Updates in conf.pl to infamous delete_folder setting, including
17 addition of appropriate default value for courier and UW.
18 - Fix for date/time display in certain timezones.
19 - Fix some features of login.php that are used by some plugins and was broken
20 by register_globals = off.
21 - Added Greek locale. Thanks to George P. Kremmydas
22 <george at kefalonia-ithaki.gr> and Alexandros Vellis <avel at noc.uoa.gr>
23 - Added notes about PHP 4.3.x to documentation.
24 - Fixed \Noselect mailbox detection.
25 - Fixed charset decode of base64 encoded strings.
26 - Fixed encoding of email addresses in our composed messages.
27 - Fixed folder creation for Courier using Autoconfig options.
28 - Fixed encoded string handling inside MDN notifications.
29 - Fixed unfold header routine in imap_messages (for mailbox_display).
30 - Fixed subject_line hook.
31 - Fixed sqgetGlobalVar switching.
32 - Fixed handling of encoding/decoding strings.
33 - Fixed wrong array_slice call for a subset of the headers.
34 - Allow encoded personal names in compose.php.
35 - Improved address parsing of addresses coming from the compose form.
36 - Fixed uninitialized indices when parsing attachments.
37 - Support text/directory MIME-type for vCards (RFC 2425).
38 - Added Arabic locale. Thanks to Asrar Abbasi <asrar at canasoft.net> and
39 Naveed Saqib <naveed.saqib at biznas.com>.
40 - Update required PHP version in documentation to 4.0.6.
41 - Fixed delete_move_next plugin to remember where it moved mail to.
42 - Fixed compose to remember attachments.
43 - Fixed possible XSS in compose when replying to malicious sources.
44 - Add display of the maximum filesize for attachment uploads.
45 - Do not add < and > if an identity doesn't contain a full name.
46 - Fixed bug in parsing Content-Type properties part.
47 - Added move_before_move hook to allow plugins to act upon the different buttons
48 - Fixed bug in Forwarding of Emails (move_messages.php)
49 - Fixed variable spelling error in filters.php
50 - Fixed some operator bugs in compose.php, move_messages.php, and spamcop.php
51
52Version 1.4.0 RC 2a
53-------------------
54 - Fix broken themes box in display options.
55 - Massive overhaul of administrator plugin.
56 - Added new function sqgetGlobalVar to global.php to provide direct access
57 to variables in $_GET, $_POST, $_SESSION, $_COOKIE and $_SERVER.
58 - Patch from O'Shaughnessy Evans <shaug-sqm@wumpus.org> to allow disabled $org_logo
59 - Lots of language/internationalization updates
60 - conf.pl fixes for certain uses of SM_PATH, esp. $signout_page.
61 - SMTP & IMAP auth method "plain" was a misnomer - now corrected to
62 the more accurate name "login" (Plain to be implemented soon).
63 - Fix for compose after search bug. (Closes #662346)
64 - Improved error reporting when sending mail with SMTP.
65 - Changed SquirrelMail identification to use User-Agent instead of X-Mailer.
66 - Prevent endless loop when timezone config is not found. Thanks Joshua Colson.
67 - Fix IMAP error when returning to message from viewing image attachment.
68 - Do more trimming to indented subjects in threadview so they don't wrap.
69 - Trash folder now displays purge link in all cases. (Closes #655943)
70 - Fix typo in delete_move_next plugin which caused php file-handle errors.
71 - Make vCard more liberal in what it accepts (thanks Kurt Pires).
72 - Fix problem with subject encoding when using Japanse.
73 - Move login_form hook to be actually in the login form.
74 - Fix message_details plugin ability to save a raw message.
75 - Try better to get the filename of an attachment.
76 - Deliver_SMTP class now uses HTTP_HOST in SMTP HELO. Should fix DNS
77 issues some people have reported. (Closes #560524)
78 - Obsolete sqm_topdir(), which caused login trouble with installs that
79 have open_basedir restrictions. Thanks Jimmy Connor.
80 - Fix broken abook_take plugin.
81 - Fix HTML errors that caused display problems in NS4.
82 - Correctly fold encoded header lines.
83 - Fix prefs caching not working correctly in PHP 4.3 caused by a stupid
84 version checking mechanism.
85 - Fix XXS hole that allowed JavaScript execution by sending someone
86 an email with specially crafted headers. Thanks Jason Munro, and
87 Masato Higashiyama.
88
89
90Version 1.4.0 RC 1
91------------------
92 - Change the way highlighting rules are stored to make them more reliable and
93 easier to manage.
94 - Reorganization of conf.pl, menu #2
95 - Added CRAM-MD5 and DIGEST-MD5 authentication support for IMAP and SMTP
96 - Experimental TLS support for IMAP and SMTP (requires PHP 4.3.x)
97 - Override settings with config_local.php
98 - Compose form no longer shows attachment options if php file_uploads
99 disabled
100 - Improved bodystructure parsing.
101 - Support for windows-1257 charset.
102 - Optimizations to the number of IMAP calls.
103 - Fix problem with IE6 + iso-8859-13.
104 - Allow Mail Fetch to use a different POP3 server port number.
105 - Force magic_quotes_runtime to be off to avoid problems with this setting.
106 - Introduce check_sm_version function for plugins wanting to know
107 which version of SquirrelMail this is.
108 - Configurable session name to avoid conflicts with other PHP applications.
109 - Miscellaneous fixes for systems with error_reporting set to E_ALL.
110 - Many many other bugfixes and tweaks!
111
112
113*************************************
114*** SquirrelMail Devel Series 1.3 ***
115*************************************
116
117
118Version 1.3.2
119-------------
120 - Rewrite of message delivery related functions.
121 - User interface modifications.
122 - Added Japanese support thanks to Masato HIGASHIYAMA <masato@yamaai-tech.com>
123 - Remove NOOP checks in the POP3 client of mail_fetch to make things more
124 compatible and not break things which don't need to be broken.
125 - Fix src directory being moved on Windows systems, bugs #586518 #605256 #610676.
126 - This release is compatible with installations that have register_globals set to off.
127 - Do not lose user prefs/sigs/abooks when trying to save to a full disk.
128 - Make the SquirrelMail link on the right top configurable so a provider can point
129 to their own FAQ for example.
130 - Enable TZ in safe_mode if safe_mode_allowed_env_vars permits this bug #612148.
131 - Fix some bugs in folder management (create, delete,...) and add enhancements.
132
133Version 1.3.1
134-------------
135 - lots of fixes by Marc, including #596781 and #596930
136
137Version 1.3.0
138-------------
139 - allow_call_time_by_reference=off fixes.
140 - Added forward as attachment in read_body.
141 - Better clean-up of left attachments at login.
142 - Restore compose sessions in case of a expired session.
143 - Added "Display Message" / "Up" links in read_body to navigate in messages with
144 attached messages (message/rfc822).
145 - Don't activate the Send Receipt link when the folder is the Sent folder.
146 - Moved view_header code out of read_body.php and put it in view_header.php.
147 - Open message/rfc822 attachments in read_body what makes it possible to
148 reply to attached messages.
149 - Rewrite of the newMail function in compose.php. This simplifies the
150 interface between read_body.php and compose.php.
151 - Moved compose related code from read_body to compose.
152 - Rewrite of mailbox-display to make it more modular (we use it in search.php).
153 - Added support for displaying multiple entities.
154 - Changed finding display entities.
155 - Extract disposition and xmailer header information in the headerparser
156 instead of request them individualy by an imap-call.
157 - Store message objects in the current session. This saves a lot of imap-calls.
158 - Added UID support.
159 - Store addresses in an object instead of a string.
160 - Rewrite of the bodystructureparser function. Now the message object contains
161 all described parameters in RFC2060.
162 - Introduction of the mime class where all mime related functions are situated
163 - Fixed removing MDN attachments.
164 - Fixed MDN problems with js confirmbox.
165 - Speedimprovements in case we download mime-entities.
166 - Added possibility to extract message/rfc822 attachments and store them as
167 the original message in a folder.
168 - Right to left languages implementation initiated
169 - Enable people with file_uploads = off to still send mail. Patch from Seth
170 E. Randall.
171 - Moved the generic_header hook back to page_header.php. bug #554278
172 - Make default theme work. Bug #557313, thanks Tyler Bannister.
173
174
175Version 1.2.7 -- June 21 2002
176-----------------------------
177 - fix for 'compose as new' link. bug #554886
178 - fix charset format in the admin plugin. bug #550725
179 - fix for errant '.' in default_folder_prefix. bug #551310
180 - fix for folder names with '?' and '*'. bug # 559257, #552180
181 - added the ability to search without the charset argument. #552288
182 - Made /noselect node display optional. bug #554988, patch #452178
183 - Improved support for macosx IMAP server thanks Brian Haun
184 - Added macosx friendly search, thanks Brian Haun bug #553038
185 - Fixed word wrap problems when sending mail. bug #552961, #556143
186 - Added possibility to use multiple compose windows without loss
187 of attachements.
188 - Fixed forward message/rfc822 attachments from a search
189 - Fix SpamCop plugin.
190 - Fixed send MDN link.
191 - Fixed dealing with \r\n and \n in smtp.php.
192 - Fixed to, cc, bcc arrays in message->header
193 - Speed optimizements in generating message-lists.
194 - Fixed loss of attachment with html addressbook.
195 - Fixed saving drafts with attachments
196
197Version 1.2.6 -- April 29 2002
198------------------------------
199 - A complete MagicHTML rewrite since the existing codebase was
200 causing too many XSS problems. Hopefully now Nick Cleaton will
201 leave us alone. :) Testing credits go to Nick.
202 - Fix for cross-site scripting vulnerability (bug #545933)
203 Reported by Nick Cleaton.
204 - Changing "emtpy" to "purge" for more clarity.
205 - Fix for cross-site scripting vulnerability (bug #544658)
206 Reported by Nick Cleaton.
207 - Fix for incorrect word wrap in Opera (bug #495073)
208 - Workaround for older prefs: some of them contain "None" for
209 left_refresh (bug #540108)
210 - Fix for entities in cc and bcc fields on message display (bug #522493)
211 - Fixes for quoted values in the addressbook by David Rees (bug #538389)
212 - Fixed src/src problem (bug #538803)
213 - Fixed so non-ascii searches no longer fail both when searching
214 and when applying filters (bug #520918)
215 - Added POP3 Before SMTP option (feature request: #498428)
216 - Added a server-side thread sorting option per folder
217 - Added a server-side sorting global option
218 - Compose in new window size can be set in Display prefs.
219 - Logout error system unified.
220 - Fix for a "theme passed as cookie" exploit.
221 - PostgreSQL is now supported for database backed use
222 - Added user option to sort messages by internal date
223 - Changed attachment handling now attachments are adressed to
224 unique compose session.
225 - Added forward messages as message/rfc822 attachment
226 - Fixed handling message/rfc822 attachments
227 - Fixed folder list display when special folders have subfolders
228 - Added option to auto-append sig before reply/forward text (523853)
229 - Fixed subfolders being "orphaned" when renaming parents (498167)
230 - Filters can be applied to only new mail.
231 - Filters are updated when renaming/deleting folders (512056)
232 - Filtering now happens on login (filters plugin)
233 - Added option for WIDTH and HEIGHT tags to Org. Logo. (patch #412754)
234 - Fixed resume draft bug #513521, #514639
235 - Newmail plugin: admin can disable the use of audio (patch #517698)
236 - Fixed quoting problem in safe html (patch #516542)
237 - SPAM folder no longer special folder (filters plugin)
238 - Filtering now happens on folder list refresh (filters plugin)
239 - Added checking of input of the folders page
240 - Made erronous deleting of folders harder (patch #514208)
241 - Made SquirrelMail display \Noselect nodes in Cyrus also made it
242 impossible to try to delete \Noselect nodes. (patch #452178)
243 - SquirrelSpell version 0.3.8 -- pretty configuration error reporting
244 added by popular demand.
245 - Improved the handling of IMAP [PARSE] messages to reduce retrieval error.
246 - Fixed small bug in handeling timezone (bug #536149).
247 - MDN message now RFC compatible (bug #537662).
248 - Fixed html tables in printer_friendly_bottom.php (patch #542367), and
249 make it so that printer friendly uses black-on-white colors in stead
250 of the theme colors.
251 - Fixed return address of MDN receipts when having multiple identities
252 (patch #530139).
253
254Version 1.2.5 -- 22 February 2002
255---------------------------------
256 - Multiple mailbox list calls cached.
257 - Added 'View unsafe images' link to the bottom of pages which contain
258 unsafe images.
259 - Fixed 'too many close table tags' and various other issues
260 which meant SM output didn't always validate as clean HTML.
261 - Added the ability to add special folders through plugins.
262 - Added an Always compose in a pop-up window option.
263 - Search page update with ability to save searches and search
264 all folders at once.
265 - Made searching on multiple criteria possible, with thanks to Jason Munro
266 - Fixed 'list all' in addressbook (#506624, thanks to Kurt Yoder)
267 - Fixed small bugs in db_prefs
268 - Allowed SquirrelMail to work from within a frame, eg. not using _top
269 this is configureable. (thanks to Simon Dick)
270 - Added options to conf.pl to enable automated plugin installation:
271 ./conf.pl --install-plugin <pluginname>. This allows plugins to be
272 distributed in packages. Conf.pl now also reports when saving fails.
273 - Attachment hooks now also allow specification of generic rules like
274 text/* which will be used when no specific rule is available.
275 - conf.pl can now configure database backed address books and
276 preferences.
277 - Version 0.3.7 of SquirrelSpell. Fixes a potential privacy
278 vulnerability (symlink attack), plus introduces formatting fixes
279 and javadoc-style comments.
280 - Bugfix in mailfetch reported by Mateusz Mazur
281 - Administrator plugin. A web based conf.pl replacement.
282 - Removed GLOBALS from conf.pl
283 - HTML messages optimization.
284 - Added support for requesting read receipts (MDN) and delivery receipts.
285 - Added the ability to stop users changing their names and email addresses.
286 - Added signature into multiple identities (Stefan Meier <Stefan.Meier@cimsource.com>)
287 - Updated user help files to reflect UI chanegs and added functionality.
288
289Version 1.2.4 -- 25 January 2002
290--------------------------------
291 - Fixes a nasty remote arbitrary command execution vulnerability
292 in the spellchecker plugin.
293
294Version 1.2.3 -- 21 January 2002
295--------------------------------
296 - Fixed focus system on pages that contain forms.
297 - Fixed IMAP code to send different command identifiers as per
298 section 2.2.1 of RFC 2060.
299 - Fixed 'sticky priority' so that replies are set to the same
300 priority as the original message.
301 - Fixed Printer Friendly to print HTML messages.
302 - Fixed multiple receivers in Sent mailbox (#500910).
303 - Disabled prefs caching under PHP 4.1
304 - Added "Search Memory". Enabling to store up to
305 9 predefined searchs.
306 - Increased security in html message.
307 - Added the possibility to specify system-defined css in order to
308 allow users to change the font family and size of SM. Making possible to
309 make it bigger or smaller depending on their screen size. Sysops may add
310 or remove these system-defined css located in themes/css/
311 - Fixed a bug appearing on some apache virtual hosts
312 - Fixed javascript error (#505255)
313 - Fixed the db_prefs so they work again (#499609, thanks to Simon Dick)
314
315Version 1.2.2 -- 1 January 2002
316-------------------------------
317
318 - Fixed an infinite loop in printer friendly when wrapping option
319 is not in the prefs.
320 Bug reported by Boris Manojlovic <steki@verat.net>
321 - Html cleanup, with patch from Dave Huang (#496712)
322 - Fixed a problem saving prefs when using PHP 4.1
323 - Russian, Thai, Swedish, Dutch and French update.
324 - Changed configure invocation from bash to sh. (Bug #496752)
325 - Changed conf.pl invocation from '#!/usr/bin/perl' to
326 '#!/usr/bin/env perl' to help people who have perl somewhere
327 else. (Bug #496753)
328 - Fixed sorting of folder list, bug #497181
329 - Fixed wrong behavior of non-javascript select all, bug #496681
330 - Added "Show Pages" link to message list showing all messages
331 (the resultant page of clicking "Show All")
332 - i18n Fix. Because of different configurations in the gettext system,
333 some installations could not manage correctly SM languages other than
334 English. This has been corrected.
335 - Miscellaneous rewrites and improvements.
336 - Moved locale files into the ISO-conformant directories.
337 - Moved help files into the ISO-conformant directories.
338 - Moved compilepo and mergepo files from locale/ into po/
339 - Slight i18n fixes and rewrites to accommodate for moved files.
340 - Fixes for entities in the subject when replying.
341 - Fixes for entities in the To: header. (Bug #489365)
342 - Fix for incorrect javascript prefs handling (Bug #497688)
343 - Added color 15 for themes to separate background and foreground colors.
344 - Added several new themes.
345
346Version 1.2.1 -- 25 December 2001
347---------------------------------
348
349 - Fixed the bug that kept the create, delete, and rename sections
350 from appearing in the folders page (#496604)
351 - Fixed the motd bug not allowing ' (#496616)
352 - Sorting of addressbook_search fixed, thanks to the patch of
353 Cor Bosman (xs4all)
354
355Version 1.2.0 -- 25 December 2001
356---------------------------------
357
358 - Collapsible Folders
359 - The Paginator!!!
360 - Hundreds of UI Tweaks
361 - Message Drafts
362 - Rewrite of much of the options pages
363 - Multiple identities
364 - Reply Citations
365 - Better Attachment Handling
366 - Integration of Several Plugins into Core Code (including xmailer,
367 attachment_common, paginator, priority, printer_friendly, sqclock)
368 - Ability to mark messages as Read/Unread
369 - New themes (including a Christmas theme, and several changing themes)
370 - Rewrite of much of the options pages code
371 - Improved support for newer versions of PHP
372 - Message lists can be shown with alternating colors for easier reading
373 - Can include/exclude yourself when using the "Reply All"
374 - Message highlighting comes with dozens more easily accessable colors.
375 - Option to set the "Priority" of the message(Normal/High/Low)
376 - Now able to show all messages of an inbox at the same time.
377 - Cleanup of the paginator code, improving display style
378 - Cleanup of configuration file code, a bit
379 - Introduction of sent_subfolders plugin as Official Plugin
380 - Bugfixes..and more Bugfixes!
381
382
383***************************************************************
384*** Squirrelmail Development Series 1.1 and 1.1 Pre-Releases ***
385****************************************************************
386
387Version 1.2.0-rc3 -- 2 December 2001
388------------------------------------
389 - Speed improvements and optimizations on much of the code
390 - Comments added, formatting cleaned up for much of the code
391 - Several plugins integrated into the Squirrelmail core
392 (focus change, attachment common, printer friendly, etc)
393 - Several plugins added as "Official Plugins" to the main
394 Squirrelmail distribution
395 - First half of a rewrite of the option pages code
396 - The Paginator!!!
397 - Other stuff that I don't recall (developers, please fill this in!)
398
399Version 1.1.3 -- (never really released)
400----------------------------------------
401 - Added major speed improvements to IMAP functions by our
402 friends at XS4ALL
403 - Fixed MOTD
404 - Fixed multipart/alternative messages
405 - Updated Dutch translation
406 - Added Indonesian translation
407 - Added Portuguese (Portugal) translation
408 - Added language aliasing
409 - Added Turkish translation
410
411Version 1.1.2 -- May 21, 2001
412-----------------------------
413 - Many bugs squashed
414 - Several UI tweaks and improvements
415 - Added option (3 -> 14 in conf.pl) to auto create sent and trash folders.
416 - Updated Czech translation
417 - Support for multiple identities
418 - Support for Russian Apache removed. It is now deemed easier to just
419 turn off Charset Recoding in the Russian Apache config. See the file
420 doc/README.russian_apache
421
422Version 1.1.1 -- April 30, 2001
423-------------------------------
424 - Added built-in support for gettext if compiled support isn't available
425 - Made validate.php include a few more standard things
426 - Corrected a bug when sending an email properly
427
428Version 1.1.0 -- April 21, 2000
429-------------------------------
430 - Added option to have signout page redirect to another page (patch from
431 Scott Bronson) This can be configured in conf.pl (Org Prefs)
432 - Much improved SMTP error handling (patch from Jeff Evans)
433 - Preferences are now cached instead of read in every page load.
434 - Improved URL parser
435 - Added ability to read HTML messages by default instead of plain text
436 (Display Options)
437 - Added authenticated SMTP server support (configure in conf.pl)
438 - Rewrote attachment handling code in compose.php
439 - If aliases are typed in To, Cc, or Bcc, they are automatically looked up
440 in the addressbook and converted to the associated addresses.
441 - Added collapseable folder listing (an option that can be turned on in
442 Folder Options)
443 - Added alternating row colors to improve interface (Display Options)
444
445
446**************************************
447*** Squirrelmail Stable Series 1.0 ***
448**************************************
449
450Version 1.0.6 -- April 19, 2001
451-------------------------------
452 - Reworked validation for each page. It's now standardized in validate.php
453 - Fixed login bug that resulted from 1.0.5 security updates
454 - Fixed plugin incompatibilities that were introduced in 1.0.5
455 - Added more security checking to preference saving/loading
456 - Updated German translation (thanks to Ronald Bauerschmidt <rb@debian.org>)
457 - Updated Finnish help files
458
459Version 1.0.5 -- April 17, 2001
460-------------------------------
461 - MAJOR security issues addressed. Please upgrade as soon as possible.
462 - Downloading attachments should work better due to a tip by Ray Black III.
463 - Fixed bug with drop-down folder list not containing INBOX
464 - Added Swedish help files Teemu Junnila <teejun@vallcom.com>
465 - Added Italian help files Antonetti Roberto <antonr@piceniaweb.com>
466
467Version 1.0.4 -- April 9, 2001
468------------------------------
469 - Fixed some bugs with folder creation
470 - Security fix for UW IMAP server to disallow folder paths outside of
471 $folder_prefix
472 - Some problems with header encoding/decoding fixed
473 - Made subject column take up whatever width is available
474 - Added bcc to html addressbook search
475
476Version 1.0.3 -- March 9, 2001
477------------------------------
478 - Many i18n enhancements/fixes
479 - Fixed bug with default theme path being set incorrectly
480 - Fixed problem when sending/forwarding multiple attachments
481 - Made folder drop-down list consistant in look to the other drop-downs
482 - Fixed problem where some attachment filenames would not be displayed
483 - Added Finnish help files by Teemu Junnila <teejun@vallcom.com>
484 - Updated Norwegian translation
485 - Updated Brazillian Portuguise translation
486
487Version 1.0.2 -- February 8, 2001
488---------------------------------
489 - Added a workaround for RedHat's 4.0.4pl1-3 binary package (It's also
490 the same workaround for Konqueror and other PHP installations?)
491 - Select All works through the search
492 - Better escaped string handling from POST variables
493 - Many more code cleanups and optimizations
494 - Added Hungarian translation by Teemu Junnila <teejun@vallcom.com>
495