X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=ChangeLog;h=d170cd7b3d9b1e72bba0dde4134a213075a919e0;hp=f557056391b082af118ee166f91e8443de45bed7;hb=151562a780a0919b32e04d204ba7f33fb215bd84;hpb=e44fc2eb529cf7e7c834a96ab584684f7e5c6658 diff --git a/ChangeLog b/ChangeLog index f5570563..d170cd7b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -471,7 +471,75 @@ Version 1.5.1 -- CVS - E_NOTICE and unlink error message if user hits delete multiple times before compose page has reloaded. - Undefined variable in rare case in view_header.php - + - Variable by reference fix in printer_friendly_bottom.php. + - Undefined index in addressbook backends. + - sqimap_utf7_decode_mbx_tree returns variables by reference, rather than a + return value (#1351822) + - Make test for IE6 in SendDownloadHeaders also match versions higher + than 6 (#1339211). + - Allow double quote to be used in MOTD (#1276959). + - Prevent right_frame to be set to '//www.example.com'. + - Tweak printer friendly attachment view. + - Added new compose_send_after hook. + - Added new scheme to allow multiple plugins to share the onsubmit handler + for the compose form from the compose_form hook. See plugin.txt for more + information. + - Support for LIST-SUBSCRIBED extension. This speeds up the retrieval of + the subscribed mailbox-list. + - Properly clean up temporary attachment files when saving as Draft + (#1358407) and fix attachment cleaning code on logout. + - Fixed error message in addressbook.php lookup (#1351825). + - Fixed incorrect curly escape in sqimap_append(). Error triggered by PHP 5.1 + bugfix (#1366982). + - Fixed ContentType object check in Rfc822Header class. E_NOTICE error + in PHP 5.1. + - Key value being overwritten by reuse of var in filters plugin. + - Add doc/security.txt with some hints for a more secure installation. + - Added sqauth_read_password() and sqauth_save_password() functions. + - Unset global GET, POST and COOKIE variables registered in PHP + register_globals=on setups. + - Capabilities array now contains all multivalue information provided + by the IMAP server. (Such as THREAD=SORT, THREAD=REFERENCES). + - Inclusion of Compatibility plugin automatic (no patch needed for plugin) + - Moved sqm_baseuri() into more centralized location (strings.php) + - Introduced $sendmail_args configuration variable in order to control + /usr/sbin/sendmail command arguments (#1365779). Deliver_SendMail class was + modified to provide support of $sendmail_args. Modifications broke backwards + compatibility with qmail-inject workarounds. + - Added execution error handling in Deliver_SendMail class (#1374174). + - Sanitized Draft folder error message in compose. + - Fixed character wrapping/encoding issues in Japanese translation (#1377622). + Issue is specific to sqBodyWrap() and string function wrappers introduced in + 1.5.1. + - Security: MagicHTML fix for comments in styles which allowed + for cross site scripting when using Internet Explorer + [CVE-2006-0195]. + - Added 'mail' and 'sn' attributes to address book LDAP backend search + expression (#1368154). + - Added mailbox caching code by Michael Long. + - Prevent output of whitespace during plugin activation. Fixes possible + attachment corruption by incorrectly coded plugins. + - Fixed data sanitizing in calendar plugin (#1291081)(#705796). + - Security: Prohibit imap injection attempts (reported by Vicente Aguilera) + [CVE-2006-0377]. + - Don't move messages in sqimap_msgs_list_move() function call, when target + mailbox is same as source mailbox. Adds fifth argument to + sqimap_msgs_list_move() function. Fixes possible issues on MacOS Cyrus + IMAP server (#1409453). + - Style sheets are moved to template. + - displayHtmlHeader() function call sends http headers in order to prevent + page caching. + - Added Template set selection. + - Merged patch from Steve Brown to transform current templates to css + based templates. + - Added footer template to every page. + - Added experimental IMAP and SMTP STARTTLS extension support. + - Security: Fix possible cross site scripting through the right_main + parameter of webmail.php. This now uses a whitelist of acceptable + values. [CVE-2006-0188] + - Disabled display of regexp compilation errors in local_file address + book backend. + - DOCTYPE tags are switched from quirks to standard compliance mode. Version 1.5.0 - 2 February 2004 ------------------------------- @@ -590,6 +658,8 @@ Version 1.5.0 - 2 February 2004 - Integration of delete_move_next plugin into core. - Compression of buttons/headers for message index and message body - New option to save replies in the same folder as the original message. + - Remove possible unneeded IMAP call for NAMESPACE if it was saved in the + session (suggestion by Michael Long). **************************************