'[SM-CVS] CVS: squirrelmail ReleaseNotes,1.27,1.28'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       squirrelmail-cvs
Subject:    [SM-CVS] CVS: squirrelmail ReleaseNotes,1.27,1.28
From:       Tomas Kuliavas <tokul () users ! sourceforge ! net>
Date:       2006-01-29 12:10:27
Message-ID: E1F3BNz-0000a0-9r () sc8-pr-cvs1 ! sourceforge ! net
[Download RAW message or body]

Update of /cvsroot/squirrelmail/squirrelmail
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv2205

Modified Files:
	ReleaseNotes 
Log Message:
more relnotes updates


Index: ReleaseNotes
===================================================================
RCS file: /cvsroot/squirrelmail/squirrelmail/ReleaseNotes,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -w -r1.27 -r1.28
--- ReleaseNotes	24 Jan 2006 18:27:53 -0000	1.27
+++ ReleaseNotes	29 Jan 2006 12:10:25 -0000	1.28
@@ -40,7 +40,14 @@
 
 Templates, css and error handler. 
 
-Own cookie functions
+SquirrelMail started using internal cookie functions in order to have more 
+controls over cookie format. Cookies set with sqsetcookie() function use
+extra parameter that secures cookie information in browsers that follow 
+MSDN cookie specifications.
+
+SquirrelMail IMAP and SMTP libraries updated to allow use of STARTTLS extension.
+Code is experimental and requires PHP 5.1.0 or newer with 
+stream_socket_enable_crypto() function support.
 
 Updated wrapping functions in compose.
 
@@ -49,7 +56,7 @@
 ================
 
 This release contains security fixes applied to development branch after 1.5.0 
-release.
+release:
 CVE-2004-0521 - SQL injection vulnerability in address book.
 CVE-2004-1036 - XSS exploit in decodeHeader function.
 CVE-2005-0075 - Potential file inclusion in preference backend selection code.
@@ -58,19 +65,28 @@
 CVE-2005-1769 - Several cross site scripting (XSS) attacks.
 CVE-2005-2095 - Extraction of all POST variables in advanced identity code.
 
+If you use SquirrelMail 1.5.0, you should upgrade to 1.5.1 or downgrade to latest
+stable SquirrelMail version.
 
 Plugin updates
 ==============
 Added site configuration options to filters, fortune, translate, newmail, 
-bug_report plugins. Improved newmail and change_password plugins.
+bug_report plugins. Improved newmail and change_password plugins. Fixed data 
+corruption issues in calendar plugin.
 
-SquirrelSpell data storage
+SquirrelSpell plugin was updated to use generic SquirrelMail preference functions.
+User preferences and personal dictionaries that were stored in .words files are 
+moved to .pref files or other configured user data storage backend.
 
 
 Possible issues
 ===============
-Cookies
+Internal SquirrelMail cookie implementation is experimental. If you have cookie 
+expiration or corruption issues with some browser and can reproduce them only in 
+1.5.1 version, contact SquirrelMail developers and help them to debug your issue.
+
 Plugins (changes in hooks and IMAP API)
+
 IMAP sorting/threading
 
 Backward incompatible changes



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
--
squirrelmail-cvs mailing list
List Address: squirrelmail-cvs@lists.sourceforge.net
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-cvs
http://squirrelmail.org/cvs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic