projects / squirrelmail.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
- Security: close cross site scripting vulnerability in draft, compose
[squirrelmail.git] / ChangeLog
diff --git a/ChangeLog b/ChangeLog
index 9c9b99bc5c395860eb474071a00b2926ba4249c0..070071e40488329baa633f47328413b0c3f1d377 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -159,6 +159,10 @@ Version 1.5.2 - CVS
   - Add support for SpamAssassin's X-Spam-Status header (#1589520).
   - Added plugin on/off switch, which completely disables all plugins
     (optionally for one named user, otherwise for all users).
+  - Security: close cross site scripting vulnerability in draft, compose
+    and mailto functionality [CVE-2006-6142].
+  - Security: work around an issue in Internet Explorer that would guess
+    the mime type of a file based on contents, not Content-Type header.
 
 Version 1.5.1 (branched on 2006-02-12)
 --------------------------------------
Unnamed repository; edit this file 'description' to name the repository.