Version 1.5.1 -- CVS
--------------------
- New reply citation to include date and author.
- - Fix quite some possible XSS-bugs.
+ - Fix some possible XSS bugs.
- Norwegian Bokmal translation uses nb_NO.
- Integrated Msg_Flags plugin - turn on/off icons using configuration tool, menu
number 11 (Tweaks), option number 3, after which users must select an icon
as separate plugin.
- Added Farsi and Tagalog translation support.
- Enabled Ukrainian and Russian-Ukrainian support
- - Fix that subfolders named "foo.inbox" didn't always work well.
+ - Subfolders named "foo.inbox" didn't always work well. Fixed.
- sqimap_create_stream() was not obeying passed params properly.
- - Fix non selectable inbox.
+ - Fix non-selectable inbox.
- Add src/configtest.php script which checks for common errors in the config.
- Improve display of some unparsable/absent dates (#891354).
- Add comment (Highest,Normal,Lowest) to X-Priority header.
Some SpamAssassin rule triggers on the absence of such a comment.
- Corrected moving of last message in a folder using Delete-Move-Next
functionality added to core in 1.5.0.
- - Fix test for LOGINDISABLED, should only test when the auth_mech actually
+ - Fix test for LOGINDISABLED, should only test when the auth mech actually
is 'login'.
- Update required PHP version to 4.1.0, and remove PHP 4.0.x legacy code.
- Make writing of preferences, abook, calendars fail better when disk full
- Fixed message rejects by the postfix sendmail wrapper when attachments were
involved.
- Fixed date display bug for messages of today. Show short format in case
- of long format. (only occures in the timeframe around 0:00 AM till
+ of long format. (only occurs in the timeframe around 0:00 AM till
timezone).
- Added address book sorting options. Ascending/descending sorting code
written by Bryan Loniewski.
- Use Special Folder Color config option works again (#931956).
- In POP3-class, be more liberal regarding RFC-incompliant POP3-servers.
- - Disabled Korean extra functions, because they don't provide all required
- options and message composition is broken.
- Added Basque translation support.
- Remove flag buttons / links from display if mailbox doesn't allow it.
- Make used of cached ordered uid list in case of server_side_sorting.
- Rewrite of internal mailbox sorting routines.
- Added sort by message size.
- - Fixed XSS vulnarability in content-type display in the attachment area
+ - Fixed XSS vulnerability in content-type display in the attachment area
of read_body.php discovered by Roman Medina.
+ - Get alternating row colors of addressbook in sync with mailbox list.
+ - Give proper error when PEAR DB not found.
+ - Remove inappropriate strip_tags() from add-to-addressbook (#968475).
+ - Prefs caching didn't work properly with register_globals off (#995102).
+ - Security: fix SQL injection vulnerability in addressbook
+ (CVE ID: CAN-2004-0521).
+ - Removed html_top and html_bottom hooks. No longer used/needed.
+ - Added "trailing text" for options built by SquirrelMail (text placed
+ after text and select list inputs on options pages)
+ - Custom option page values now repopulate correctly
+ - Added "no focus" option for compose page in display preferences (setting
+ reply focus to "No focus" also affects composing new messages)
+ - Current hook name is now globally available when running a hook ($currentHookName)
+ - Fix bug when Saving to Draft folder that contains special characters.
+ - Added size limit to signatures saved in file backend. Created error_option_save
+ function, that allows sending error message to options page. Thanks to Martynas
+ Bieliauskas for spotting big signature "option".
+ - Make SquirrelSpell work with safe_mode enabled, if using PHP >=4.3.0.
+ Patch by Ray Ferguson.
+ - Make IP-address in Message-ID RFC822 compliant.
+ - Uneditable address book entries no longer have checkboxes on addresses page.
+ - Alignment of title text above folder list fixed.
+ - Changed structure of xtra_code functions that are used by some translations.
+ - Added Uighur language support.
+ - Added status bar to compose window when "Compose In New Window" is used.
+ - Reenabled the move_messages_button_action hook and changed its name to
+ mailbox_display_button_action to promote the new location
+ - Making delete button, when viewing a message, consider which page was viewed
+ before.
+ - $agresive_decoding configuration option changed to $aggressive_decoding.
+ Fixed spelling.
+ - Added $lossy_encoding option (provides fix for #806698)
+ - Reenabled use of $default_charset option. Option works only with en_US
+ translation in order to prevent language/charset misconfiguration.
+ - Fixes for nonpopulation of folder lists and errors when emptying the trash
+ (provides fixes for #1019185 and #1017941)
+ - Fixed $custom_css loading in squirrelspell plugin.
+ - Turkish translation uses C character case conversion rules. Fixes php and
+ squirrelmail functions are assume English conversion rules.
+ - Fixed problem that caused an error when deleting all messages on the last page
+ of a paginated view (provides fix for #1014612)
+ - Added MySQL password/UNIX crypt support to mysql backend in the
+ change_password plugin
+ - Make SMTP Authentication detection in conf.pl more RFC-compliant.
+ - Fixed IMAP errors when using mail_fetch plugin to auto-fetch on login.
+ - Fixed folder list in Create Folders list for Courier (properly skip INBOX).
+ - Fixed undefined variables in sqimap_create_stream().
+ - Added Bengali translation support.
+ - Fixed left frame mailbox list when sorting by case.
Version 1.5.0
--------------------
can enable it by setting variable in plugins/spamcop/setup.php
- Fix again for Internet Explorer's stupidity of decoding characters, then
executing it blindly. See http://www.securityfocus.com/archive/1/340118.
- - Replaced obsolate 2mbit.com RBL with ahbl.org RBL. Bug.No.829887
+ - Replaced obsolete 2mbit.com RBL with ahbl.org RBL. Bug.No.829887
- Added a sitewide override for authenticated SMTP - see authentication.txt.
- Fixed sorting of sent_subfolders.
Sent_subfolder plugin is hooked to special_mailbox hook.
- Correctly fold encoded header lines.
- Fix prefs caching not working correctly in PHP 4.3 caused by a stupid
version checking mechanism.
- - Fix XXS hole that allowed JavaScript execution by sending someone
+ - Fix XSS hole that allowed JavaScript execution by sending someone
an email with specially crafted headers. Thanks Jason Munro, and
Masato Higashiyama.