X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=ChangeLog;h=1907e78ef6f3dc8cc530fd13f584541d840b5cce;hp=4467a02d3d1e3e0de8712d6334f596381cab522d;hb=52608668d89d69ee9456e0812be97d7e31fa885c;hpb=e527e60e090a54e16ef0e7014e8c40d4e605ea1a

diff --git a/ChangeLog b/ChangeLog
index 4467a02d..1907e78e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -54,6 +54,8 @@ Version 1.5.1 -- CVS
     written by Bryan Loniewski.
   - Use Special Folder Color config option works again (#931956).
   - In POP3-class, be more liberal regarding RFC-incompliant POP3-servers.
+  - Set up language before outputing errors in auth.php to make them appear in
+    the correct language.
   - Added Basque translation support.
   - Remove flag buttons / links from display if mailbox doesn't allow it.
   - Make used of cached ordered uid list in case of server_side_sorting.
@@ -65,8 +67,8 @@ Version 1.5.1 -- CVS
   - Give proper error when PEAR DB not found.
   - Remove inappropriate strip_tags() from add-to-addressbook (#968475).
   - Prefs caching didn't work properly with register_globals off (#995102).
-  - Security: fix SQL injection vulnerability in addressbook
-    [CAN-2004-0521].
+  - Security: fix SQL injection vulnerability in addressbook.
+    [CAN-2004-0521]
   - Removed html_top and html_bottom hooks.  No longer used/needed.
   - Added "trailing text" for options built by SquirrelMail (text placed
     after text and select list inputs on options pages)
@@ -163,6 +165,8 @@ Version 1.5.1 -- CVS
   - Prevent & being eaten in set_url_var, thanks Marcin Orlowski. Fixes #1053725.
   - Removed internal_link hook.
   - Added sq_setlocale function in order to use multiple locale names.
+  - Set up language before outputing errors in signout.php to make them appear
+    in the correct language.
   - Added size attributes to new_mail sound tags. Fixes #818958.
   - Removed extra ; in SquirrelMail added Received header per RFC 822. Fixes #1088548.
   - Add IMAP server type "hmailserver" to make search work with hMailServer.
@@ -173,6 +177,84 @@ Version 1.5.1 -- CVS
     Fixes #983614.
   - Fix listcommands plugin to behave like normal reply/compose
     links, and return to message page that originally called from.
+  - Max upload file size now correctly handles a '-1' value, meaning
+    unlimited. (#1094569).
+  - Security: Added hook for Preferences Backend to resolve potential
+    file inclusions. [CAN-2005-0075]
+  - Remove Printer Friendly Clean Display config option, the cleaning
+    is now always done.
+  - Create new Options section "Compose Preferences" and move some
+    options from Display Preferences there; also move some around within
+    Display Preferences.
+  - Security: Fix possible file/offsite inclusion in src/webmail.php.
+    [CAN-2005-0103]
+  - Security: Fix possible XSS issues in src/webmail.php. [CAN-2005-0104]
+  - Fix undefined variables in src/webmail.php.
+  - 24hr clock format should include a leading 0.
+  - Removed numeric keys for plugin array in config.php.
+  - Fixed translations of "On DATE, AUTHOR said" and "AUTHOR said" replies.
+  - Added sq_str_pad function for padding of multi-byte strings.
+  - Added sq_strlen function for calculation of multi-byte string length.
+  - Quoted "INBOX" in check for the status of INBOX in a LIST call. Fixes an
+    issue with a specific IMAP server.
+  - In sqgetGlobalVar(), reset $value if the var is not found in the
+    specified location.
+  - Move default_pref to the config/ dir, but keep checking legacy locations
+    first for bc. Do not fail with an error when default_pref not found, just
+    create an empty one.
+  - Add trailing slash for data directory used by global file based address
+    book (#1105760).
+  - Fixed sorting problem is get_squirrel_sort() function (#1115403).
+  - Add "Show Only Subscribed Folders" option to allow users to show all
+    folders instead of only subscribed ones (#1105756, #1105250).
+  - Add workaround for Mercury/32 servers that will subscribe again to
+    an already subscribed folder (#1115409).
+  - Added blank.png for missing image support.
+  - Use the proper attachment filenames in case of forwarding a message.
+  - Fix for #855320 where Outlook Express was creating CID: based URLs,
+    but not assigning a content-id to the attachment.  This is a bug in
+	Outlook Express and is non-RFC compliant behaviour.
+  - Strip <outbind://> tags out. This is a Microsoft only protocol and
+    references files local to the sending machine.  This causes issues
+	with Internet Explorer.
+  - Replace <img src="outbind://"> links with clean images to stop
+    issues with Internet Explorer not being able to track down the image.
+  - Empty src attribute on img tags causes logouts (IE only), replacing
+    string with blank.png.
+  - Added vmailmgrd backend to change_password plugin.
+  - Fixed change_password_init hook.
+  - Give an error to the user when SquirrelMail is not configured yet
+    (instead of "failed to include config.php").
+  - Added swf and mp3 support to newmail plugin. Restored custom user media
+    support.
+  - Removed unused save_option_header() function from display and compose
+    option includes.
+  - Fixed bug #1124764, view unsafe images inside printer friendly view.
+  - Fixed bug #1032366, remove NUL characters in text attachments on sent.
+  - URL Encode required for string being passed in mailto: links to pass on
+    additional values (cc, body, subject etc).
+  - Fixed bug #801060.  Removed option for INBOX in filters plugin as source
+    is always INBOX.
+  - Always show Purge link next to Trash, even when empty.
+  - errors in addressbook_init() function are no longer fatal. If function
+    fails to activate address book backend, it displays error box (with 
+    error_box() function). error box can be hidden by setting first
+    function argument to false.
+  - Sanitized search in ldap address book backend. Use of asterisk 
+    together with other symbols is not supported.
+  - Added ldap backend to change_password plugin.
+  - Change defaults of some prefs to more sensible / usable settings.
+  - Revise the documentation of the packaged plugins.
+  - Fixed edit form checks in address listing (#1124018).
+  - After sending resumed draft, return to message list
+  - Parse and replace mailto: links with internal compose links when 
+    viewing in HTML format
+  - Plugins may now define an "extra" array element to return to the attachment
+    types hook, which will be also inserted in the attachment link for the plugin
+  - Added mouseover row highlighting on message index
+  - Added <label> for checkboxes on message index (when highlighting is off)
+  - Fixed mailto: parsing in functions/url_parser.php
+  - Fixed broken signout page (plugins work here again)
 
 Version 1.5.0
 --------------------
@@ -512,7 +594,7 @@ Version 1.2.6 -- April 29 2002
   - Added a server-side sorting global option
   - Compose in new window size can be set in Display prefs.
   - Logout error system unified.
-  - Security: Fix for a "theme passed as cookie" exploit. [CVE-2002-0516]
+  - Security: Fix for a "theme passed as cookie" exploit. [CAN-2002-0516]
   - PostgreSQL is now supported for database backed use
   - Added user option to sort messages by internal date
   - Changed attachment handling now attachments are adressed to