X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=ChangeLog;h=3f443f384612c1d86d3cb9e71020e2cc305a8d64;hp=5a1f8eefa0fc75edb2f2bac89dfd191a7ea96e08;hb=b8923d209c409f5830808aa697a1c8923c1e6f01;hpb=c9fcea568afbd85d0dc2978fb8e35ce8f50e56d7 diff --git a/ChangeLog b/ChangeLog index 5a1f8eef..3f443f38 100644 --- a/ChangeLog +++ b/ChangeLog @@ -54,8 +54,6 @@ Version 1.5.1 -- CVS written by Bryan Loniewski. - Use Special Folder Color config option works again (#931956). - In POP3-class, be more liberal regarding RFC-incompliant POP3-servers. - - Disabled Korean extra functions, because they don't provide all required - options and message composition is broken. - Added Basque translation support. - Remove flag buttons / links from display if mailbox doesn't allow it. - Make used of cached ordered uid list in case of server_side_sorting. @@ -65,6 +63,29 @@ Version 1.5.1 -- CVS of read_body.php discovered by Roman Medina. - Get alternating row colors of addressbook in sync with mailbox list. - Give proper error when PEAR DB not found. + - Remove inappropriate strip_tags() from add-to-addressbook (#968475). + - Prefs caching didn't work properly with register_globals off (#995102). + - Security: fix SQL injection vulnerability in addressbook + (CVE ID: CAN-2004-0521). + - Removed html_top and html_bottom hooks. No longer used/needed. + - Added "trailing text" for options built by SquirrelMail (text placed + after text and select list inputs on options pages) + - Custom option page values now repopulate correctly + - Added "no focus" option for compose page in display preferences (setting + reply focus to "No focus" also affects composing new messages) + - Current hook name is now globally available when running a hook ($currentHookName) + - Fix bug when Saving to Draft folder that contains special characters. + - Added size limit to signatures saved in file backend. Created error_option_save + function, that allows sending error message to options page. Thanks to Martynas + Bieliauskas for spotting big signature "option". + - Make SquirrelSpell work with safe_mode enabled, if using PHP >=4.3.0. + Patch by Ray Ferguson. + - Make IP-address in Message-ID RFC822 compliant. + - Uneditable address book entries no longer have checkboxes on addresses page. + - Alignment of title text above folder list fixed. + - Changed structure of xtra_code functions that are used by some translations. + - Added Uighur language support. + - Added status bar to compose window when "Compose In New Window" is used. Version 1.5.0 -------------------- @@ -269,7 +290,7 @@ Version 1.4.0 RC 2a - Correctly fold encoded header lines. - Fix prefs caching not working correctly in PHP 4.3 caused by a stupid version checking mechanism. - - Fix XXS hole that allowed JavaScript execution by sending someone + - Fix XSS hole that allowed JavaScript execution by sending someone an email with specially crafted headers. Thanks Jason Munro, and Masato Higashiyama.