[CVE-2011-2752, CVE-2011-2753, CVE-2010-4555]
- Fixed XSS problem with unsanitized style tags in messages. [CVE-2011-2023]
- Always ensure that the Reply-To header is a full email address in
- outgoing messages (makes the Verify Reply-To plugin obsolete)
+ outgoing messages
+ - Unified address book searches somewhat: file-backed address books now
+ search in each field individually; database-backed address books now
+ search in fields other than first/last name (nickname, email)
+ - Made performance improvements in security token handling
+ - Improvements for PHP 5.4 compatibility.
+ - Added option that allows users to have replies to their own
+ messages sent to the recipient of the previous message (#3520988).
+ - Added associative edit list option widget, with optional folder
+ list selector for values
+ - Added option to use blank spacer instead of security image ("This
+ image has been removed for security reasons.") for replacing
+ unsafe images.
Version 1.5.1 (branched on 2006-02-12)
--------------------------------------