X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=ChangeLog;h=00d13c96afb35c9a0f647e83f94d30d790dd8e33;hp=964e55a2b3a561e0b8fc0fc659e1a19a9aab88bb;hb=0f18c6120b81101579de08e16fd3dd378a015a07;hpb=9cda0cc6f967d57c7ad36beca68574470592fdcb diff --git a/ChangeLog b/ChangeLog index 964e55a2..00d13c96 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,8 +2,11 @@ *** SquirrelMail Devel Series 1.5 *** ************************************* -Version 1.5.1 -- CVS --------------------- +Version 1.5.2 CVS + - + +Version 1.5.1 (branched on 2006-02-12) +-------------------------------------- - New reply citation to include date and author. - Security: Fix some possible XSS bugs. - Norwegian Bokmal translation uses nb_NO. @@ -498,6 +501,53 @@ Version 1.5.1 -- CVS - Added sqauth_read_password() and sqauth_save_password() functions. - Unset global GET, POST and COOKIE variables registered in PHP register_globals=on setups. + - Capabilities array now contains all multivalue information provided + by the IMAP server. (Such as THREAD=SORT, THREAD=REFERENCES). + - Inclusion of Compatibility plugin automatic (no patch needed for plugin) + - Moved sqm_baseuri() into more centralized location (strings.php) + - Introduced $sendmail_args configuration variable in order to control + /usr/sbin/sendmail command arguments (#1365779). Deliver_SendMail class was + modified to provide support of $sendmail_args. Modifications broke backwards + compatibility with qmail-inject workarounds. + - Added execution error handling in Deliver_SendMail class (#1374174). + - Sanitized Draft folder error message in compose. + - Fixed character wrapping/encoding issues in Japanese translation (#1377622). + Issue is specific to sqBodyWrap() and string function wrappers introduced in + 1.5.1. + - Security: MagicHTML fix for comments in styles which allowed + for cross site scripting when using Internet Explorer + [CVE-2006-0195]. + - Added 'mail' and 'sn' attributes to address book LDAP backend search + expression (#1368154). + - Added mailbox caching code by Michael Long. + - Prevent output of whitespace during plugin activation. Fixes possible + attachment corruption by incorrectly coded plugins. + - Fixed data sanitizing in calendar plugin (#1291081)(#705796). + - Security: Prohibit imap injection attempts (reported by Vicente Aguilera) + [CVE-2006-0377]. + - Don't move messages in sqimap_msgs_list_move() function call, when target + mailbox is same as source mailbox. Adds fifth argument to + sqimap_msgs_list_move() function. Fixes possible issues on MacOS Cyrus + IMAP server (#1409453). + - Style sheets are moved to template. + - displayHtmlHeader() function call sends http headers in order to prevent + page caching. + - Added Template set selection. + - Merged patch from Steve Brown to transform current templates to css + based templates. + - Added footer template to every page. + - Added experimental IMAP and SMTP STARTTLS extension support. + - Security: Fix possible cross site scripting through the right_main + parameter of webmail.php. This now uses a whitelist of acceptable + values. [CVE-2006-0188] + - Disabled display of regexp compilation errors in local_file address + book backend. + - DOCTYPE tags are switched from quirks to standard compliance mode. + - Improved error reporting concerning THREAD, SORT and BADCHARSET. + - Added options to disable THREAD and SORT extension. + - Fixed mailbox cache issues caused by using prev/next links in + read_body.php. + - Added View as HTML support to the SquirrelMail core. Version 1.5.0 - 2 February 2004 ------------------------------- @@ -616,6 +666,8 @@ Version 1.5.0 - 2 February 2004 - Integration of delete_move_next plugin into core. - Compression of buttons/headers for message index and message body - New option to save replies in the same folder as the original message. + - Remove possible unneeded IMAP call for NAMESPACE if it was saved in the + session (suggestion by Michael Long). **************************************