X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=ChangeLog;h=d170cd7b3d9b1e72bba0dde4134a213075a919e0;hp=122055781c147f985dd7c84eb62c8da7a7821260;hb=4ae9beb7abe3443809f17e80bf10399bf21c430c;hpb=962a6686cb2cb8a74ca598ef555dc50a1b8a2742 diff --git a/ChangeLog b/ChangeLog index 12205578..d170cd7b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -495,6 +495,51 @@ Version 1.5.1 -- CVS in PHP 5.1. - Key value being overwritten by reuse of var in filters plugin. - Add doc/security.txt with some hints for a more secure installation. + - Added sqauth_read_password() and sqauth_save_password() functions. + - Unset global GET, POST and COOKIE variables registered in PHP + register_globals=on setups. + - Capabilities array now contains all multivalue information provided + by the IMAP server. (Such as THREAD=SORT, THREAD=REFERENCES). + - Inclusion of Compatibility plugin automatic (no patch needed for plugin) + - Moved sqm_baseuri() into more centralized location (strings.php) + - Introduced $sendmail_args configuration variable in order to control + /usr/sbin/sendmail command arguments (#1365779). Deliver_SendMail class was + modified to provide support of $sendmail_args. Modifications broke backwards + compatibility with qmail-inject workarounds. + - Added execution error handling in Deliver_SendMail class (#1374174). + - Sanitized Draft folder error message in compose. + - Fixed character wrapping/encoding issues in Japanese translation (#1377622). + Issue is specific to sqBodyWrap() and string function wrappers introduced in + 1.5.1. + - Security: MagicHTML fix for comments in styles which allowed + for cross site scripting when using Internet Explorer + [CVE-2006-0195]. + - Added 'mail' and 'sn' attributes to address book LDAP backend search + expression (#1368154). + - Added mailbox caching code by Michael Long. + - Prevent output of whitespace during plugin activation. Fixes possible + attachment corruption by incorrectly coded plugins. + - Fixed data sanitizing in calendar plugin (#1291081)(#705796). + - Security: Prohibit imap injection attempts (reported by Vicente Aguilera) + [CVE-2006-0377]. + - Don't move messages in sqimap_msgs_list_move() function call, when target + mailbox is same as source mailbox. Adds fifth argument to + sqimap_msgs_list_move() function. Fixes possible issues on MacOS Cyrus + IMAP server (#1409453). + - Style sheets are moved to template. + - displayHtmlHeader() function call sends http headers in order to prevent + page caching. + - Added Template set selection. + - Merged patch from Steve Brown to transform current templates to css + based templates. + - Added footer template to every page. + - Added experimental IMAP and SMTP STARTTLS extension support. + - Security: Fix possible cross site scripting through the right_main + parameter of webmail.php. This now uses a whitelist of acceptable + values. [CVE-2006-0188] + - Disabled display of regexp compilation errors in local_file address + book backend. + - DOCTYPE tags are switched from quirks to standard compliance mode. Version 1.5.0 - 2 February 2004 ------------------------------- @@ -613,6 +658,8 @@ Version 1.5.0 - 2 February 2004 - Integration of delete_move_next plugin into core. - Compression of buttons/headers for message index and message body - New option to save replies in the same folder as the original message. + - Remove possible unneeded IMAP call for NAMESPACE if it was saved in the + session (suggestion by Michael Long). **************************************