Thanks to Roalt Zijlstra.
- Identity code was not checking for domain part in username before setting
email address (Bug #1219184).
-
+ - Disallow access to the administrator plugin screens when the plugin is
+ not enabled in the config.
+ - Security: fix several cross site scripting (XSS) attacks. Thanks go to
+ Martijn Brinkers for finding a lot of these. [CAN-2005-1769]
+ - Update COPYING with new address of the FSF.
+ - Fixed missing quote character when trying to build cid: urls.
+ - Added address listing functions and listing controls to address
+ book LDAP backend. Blocked wildcard searches in file and database
+ backends when listing is disabled (#529563).
+ - Some LDAP address book backend configuration options (listing
+ controls, filtering, scope limit) are moved to 'advanced
+ configuration' subsection.
+ - Javascript relied on rg=1 in the login page to force focus to
+ password box if username was supplied as a url arg (#1222617).
+ - Fix variable typo in parseFetch which caused IMAP errors on Exchange.
+ Thanks Christian Froemmel.
+ - Added Bluesome theme by Saku Lehtiƶ (#1188209).
Version 1.5.0 - 2 February 2004
-------------------------------