| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Ok'ed wiz@/snj@/bouyer@
From the CHANGELOG:
------
v3.2.4
------
[cjh] SECURITY: Close an XSS hole exploited via the Content-type header
of malicious emails.
[jan] Fix conversion of folder names in some non-ascii charsets with buggy
iconv implementations (Wenzhuo Zhang <wenzhuo@zhmail.com>).
[jan] Filter out <base> tags when viewing HTML messages (Bug #10).
[mms] Encode subject when saving as draft (Tero Matinlassi
<tero.matinlassi@edu.vantaa.fi>).
------
v3.2.3
------
[jan] Fix the 'undefined index direct_access' error still occuring in obscure
cases.
[jan] Add Indonesian language (Slamin <slamin@unej.ac.id>).
[jan] <style> and <link> tags get commented out in HTML messages to not
allow them breaking the page layout.
[jan] Add Galician translation (Rafael Varela Pet <srrafa@usc.es>, Guillermo
Mendez <guille@usc.es>).
[jan] Remove HTML tags showing up in some error messages.
[mms] The spell check feature now keeps lines wrapped and correctly handles
apostrophes in words on all architectures.
|
|
|
|
No changes since 3.2.2rc1.
|
|
|
|
Changes since 3.2.1:
[mms] SECURITY: XSS vulnerabilities in the HTML viewer fixed (Ulf Harnhammar
<ulf@update.uu.se>).
[mms] SECURITY: If Horde 2.2.4 is available, additional code is used to
protect against session fixation issues.
[jan] Add Arabic (Syria) translation (Platinum Development Team
<devteam@platinum-sy.net>).
[jan] Add Arabic (Oman) translation (Said Al-Hosni <admin@wabhosting.com>).
[jan] Add Macedonian translation (Stojan Pesov <ssp@eureka.com.mk>).
[jon] Allow the spam reporting system to also use an external program.
[jan] Add IMP::rfc822WriteAddress() as a replacement for the buggy
imap_rfc822_write_address() function.
[jan] Add Thai translation (Surasak Srisawan <surasak@rirc.ac.th>).
[bjn] Add blacklist/whitelist hooks to Ingo.
[jan] Add Icelandic translation (Bjorn Davidsson <bjossi@snerpa.is>).
[mms] Correct display of filter rules with "special" HTML characters.
|
|
Main changes from 3.0:
Add various translations
Check for invalid 8bit characters in email addresses
Updates for various browsers quirks
Do not allow the '\' character in full names (see RFC 2822 [3.2.5]).
Close several small XSS vulnerabilities
Show timeout warning if session is about to expire
Added images MIME_Viewer
Protect against modified login forms
Escape login data correctly
Various bug fixes and interface improvements.
For details see share/doc/imp/CHANGES
|
|
"IMP 3.0 is now available! This major release delivers a brand-new, cleaner
user interface, improved internationalization, mail filtering, identities,
and much more, the result of over two years of feedback and experience
based on the successful IMP 2.2.x releases."
Note that the database format has changed, use
${PREFIX}share/horde/imp/scripts/imp2horde.pl
to convert to the new format.
|
|
[cjh] SECURITY: Prevent CSS by not letting let <tags> through in $message
[bjn] Simplified Chinese (zh) locale. (He Kun <hek@mail.cbi.pku.edu.cn>)
|
|
|
