written by Bryan Loniewski.
- Use Special Folder Color config option works again (#931956).
- In POP3-class, be more liberal regarding RFC-incompliant POP3-servers.
+ - Set up language before outputing errors in auth.php to make them appear in
+ the correct language.
- Added Basque translation support.
- Remove flag buttons / links from display if mailbox doesn't allow it.
- Make used of cached ordered uid list in case of server_side_sorting.
- Give proper error when PEAR DB not found.
- Remove inappropriate strip_tags() from add-to-addressbook (#968475).
- Prefs caching didn't work properly with register_globals off (#995102).
- - Security: fix SQL injection vulnerability in addressbook
- [CAN-2004-0521].
+ - Security: fix SQL injection vulnerability in addressbook.
+ [CAN-2004-0521]
- Removed html_top and html_bottom hooks. No longer used/needed.
- Added "trailing text" for options built by SquirrelMail (text placed
after text and select list inputs on options pages)
- Prevent & being eaten in set_url_var, thanks Marcin Orlowski. Fixes #1053725.
- Removed internal_link hook.
- Added sq_setlocale function in order to use multiple locale names.
+ - Set up language before outputing errors in signout.php to make them appear
+ in the correct language.
- Added size attributes to new_mail sound tags. Fixes #818958.
- Removed extra ; in SquirrelMail added Received header per RFC 822. Fixes #1088548.
- Add IMAP server type "hmailserver" to make search work with hMailServer.
option.
- Changing your JavaScript preference required a re-login to work.
Fixes #983614.
+ - Fix listcommands plugin to behave like normal reply/compose
+ links, and return to message page that originally called from.
+ - Max upload file size now correctly handles a '-1' value, meaning
+ unlimited. (#1094569).
+ - Security: Added hook for Preferences Backend to resolve potential
+ file inclusions. [CAN-2005-0075]
+ - Remove Printer Friendly Clean Display config option, the cleaning
+ is now always done.
+ - Create new Options section "Compose Preferences" and move some
+ options from Display Preferences there; also move some around within
+ Display Preferences.
+ - Security: Fix possible file/offsite inclusion in src/webmail.php.
+ [CAN-2005-0103]
+ - Security: Fix possible XSS issues in src/webmail.php. [CAN-2005-0104]
+ - Fix undefined variables in src/webmail.php.
+ - 24hr clock format should include a leading 0.
+ - Removed numeric keys for plugin array in config.php
Version 1.5.0
--------------------
- Added a server-side sorting global option
- Compose in new window size can be set in Display prefs.
- Logout error system unified.
- - Security: Fix for a "theme passed as cookie" exploit. [CVE-2002-0516]
+ - Security: Fix for a "theme passed as cookie" exploit. [CAN-2002-0516]
- PostgreSQL is now supported for database backed use
- Added user option to sort messages by internal date
- Changed attachment handling now attachments are adressed to
projects / squirrelmail.git / blobdiff