| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
need it).
|
|
|
|
- From the ChangeLog:
> ------
> v3.2.8
> ------
>
> [jan] Close XSS when setting the parent frame's page title by javascript (cjh).
> [mms] Fix display of MIME parts less than 1K when local number format uses
> ',' as the decimal separator.
> [jan] Don't use trash folder on POP3 servers under certain circumstances
> (Bug 1373).
> [jan] Fix "Save as" link to save message sources (Bug 1233).
>
>
> ------
> v3.2.7
> ------
>
> [mms] Determine the default IMAP delimiter according to RFC 3501.
> [mms] Fix the folders screen hanging if there was only one folder (Bug 504).
> [jan] Correctly cancel messages composition in all cases (Rich Bartell
> <rwb@bartellonline.com).
> [mms] Don't convert colons in user-defined headers to underscores (Bug 676).
> [jan] Don't blacklist already blacklisted addresses again (Bug 530).
|
|
|
|
|
|
|
|
* Security fix
* Workarounds for buggy browser behaviour
* Support for folder names in other charsets than iso-8859-1
* Many bug-fixes
|
|
leave the DEPENDS in a form which allows PHP 5.x to match, since it should
work just as well
|
|
Ok'ed wiz@/snj@/bouyer@
From the CHANGELOG:
------
v3.2.4
------
[cjh] SECURITY: Close an XSS hole exploited via the Content-type header
of malicious emails.
[jan] Fix conversion of folder names in some non-ascii charsets with buggy
iconv implementations (Wenzhuo Zhang <wenzhuo@zhmail.com>).
[jan] Filter out <base> tags when viewing HTML messages (Bug #10).
[mms] Encode subject when saving as draft (Tero Matinlassi
<tero.matinlassi@edu.vantaa.fi>).
------
v3.2.3
------
[jan] Fix the 'undefined index direct_access' error still occuring in obscure
cases.
[jan] Add Indonesian language (Slamin <slamin@unej.ac.id>).
[jan] <style> and <link> tags get commented out in HTML messages to not
allow them breaking the page layout.
[jan] Add Galician translation (Rafael Varela Pet <srrafa@usc.es>, Guillermo
Mendez <guille@usc.es>).
[jan] Remove HTML tags showing up in some error messages.
[mms] The spell check feature now keeps lines wrapped and correctly handles
apostrophes in words on all architectures.
|
|
|
|
Buildlink files: RECOMMENDED version changed to current version.
|
|
|
|
No changes since 3.2.2rc1.
|
|
|
|
Changes since 3.2.1:
[mms] SECURITY: XSS vulnerabilities in the HTML viewer fixed (Ulf Harnhammar
<ulf@update.uu.se>).
[mms] SECURITY: If Horde 2.2.4 is available, additional code is used to
protect against session fixation issues.
[jan] Add Arabic (Syria) translation (Platinum Development Team
<devteam@platinum-sy.net>).
[jan] Add Arabic (Oman) translation (Said Al-Hosni <admin@wabhosting.com>).
[jan] Add Macedonian translation (Stojan Pesov <ssp@eureka.com.mk>).
[jon] Allow the spam reporting system to also use an external program.
[jan] Add IMP::rfc822WriteAddress() as a replacement for the buggy
imap_rfc822_write_address() function.
[jan] Add Thai translation (Surasak Srisawan <surasak@rirc.ac.th>).
[bjn] Add blacklist/whitelist hooks to Ingo.
[jan] Add Icelandic translation (Bjorn Davidsson <bjossi@snerpa.is>).
[mms] Correct display of filter rules with "special" HTML characters.
|
|
|
|
|
|
|
|
Main changes from 3.0:
Add various translations
Check for invalid 8bit characters in email addresses
Updates for various browsers quirks
Do not allow the '\' character in full names (see RFC 2822 [3.2.5]).
Close several small XSS vulnerabilities
Show timeout warning if session is about to expire
Added images MIME_Viewer
Protect against modified login forms
Escape login data correctly
Various bug fixes and interface improvements.
For details see share/doc/imp/CHANGES
|
|
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES". This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile. Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.
|
|
|
|
|
|
"IMP 3.0 is now available! This major release delivers a brand-new, cleaner
user interface, improved internationalization, mail filtering, identities,
and much more, the result of over two years of feedback and experience
based on the successful IMP 2.2.x releases."
Note that the database format has changed, use
${PREFIX}share/horde/imp/scripts/imp2horde.pl
to convert to the new format.
|
|
automatically, so no need to do it ourselves.
|
|
|
|
This value may be customized in various ways:
PKG_SYSCONFBASE is the main config directory under which all package
configuration files are to be found.
PKG_SYSCONFSUBDIR is the subdirectory of PKG_SYSCONFBASE under which the
configuration files for a particular package may be found.
PKG_SYSCONFDIR.${PKGBASE} overrides the value of ${PKG_SYSCONFDIR} for a
particular package.
Users will typically want to set PKG_SYSCONFBASE to /etc, or accept the
default location of ${PREFIX}/etc.
This obsoletes the use of CONFDIR, which was active for only 6 days, so no
need to have a workaround to still accept old CONFDIR settings.
|
|
bsd.pkg.install.mk:
* Remove old DEINSTALL/INSTALL scripts.
* Move some text printed at POST-INSTALL time into the MESSAGE file.
* Adjust rc.d scripts to respect rc.conf settings, so that the
script may be directly copied into /etc/rc.d.
|
|
[cjh] SECURITY: Prevent CSS by not letting let <tags> through in $message
[bjn] Simplified Chinese (zh) locale. (He Kun <hek@mail.cbi.pku.edu.cn>)
|
|
|
|
|
|
|
|
|
|
shell.
|
|
expression for substituting in DEINSTALL/INSTALL scripts. Use "${CMP} -s"
instead of "diff -q" since the former is more portable across OSes.
|
|
[bjn] SECURITY: Use is_uploaded_file() function to validate all attachment
uploads (prevent spoofing).
[bjn] SECURITY: Fix attachment upload to use tempnam(). (Jarno Huuskonen
<Jarno.Huuskonen@uku.fi>)
[cjh] SECURITY: Fix attachment viewers to use tempnam().
[cjh] Fix mysql warning with php 4.0.7.
[max] Move all JavaScript URLs to the onclick event handler to prevent
breaking IE SSL in certain circumstances.
[cjh] Add addslashes() to mysql db library.
[bjn] Bug 577: umask fixes to prevent world-writable /tmp files.
(<andreas@conectiva.com.br>)
[bjn] Bug 517: Fixes for LDAP searching--bogus LDAP filters when some
drop-downs were switched away from default values. (Robert Marchand
<robert.marchand@UMontreal.CA>)
[cjh] Allow '+' to terminate URLs.
|
|
- Install example imp.conf Apache config file fragment info
${PREFIX}/share/examples/imp.
- Add missing directory share/doc/imp to PLIST.
|
|
|
|
+ move the patch digest/checksum values from files/patch-sum to distinfo
|
|
|
|
avsm@horde.org in private email.
|
|
|
|
|
|
|
