Add some CVE identifiers

pull/314/head
Aleksander Machniak 9 years ago
parent 69a1e4f7b1
commit 40212452af

@ -81,7 +81,7 @@ RELEASE 1.1.3
- Fix "washing" of style elements wrapped into many lines
- Fix so input field (e.g. search box) does not loose focus on list load (#1490455)
- Fix so css of one html part does not apply to other text parts on message display (#1490505)
- Fix XSS issue in drag-n-drop file uploads (#1490530)
- Fix XSS issue in drag-n-drop file uploads [CVE-2015-8105] (#1490530)
- Fix handling of plus character in mailto: links (#1490510)
- Fix so adding CC/BCC recipients from the sidebar unhides compose form fields in Classic skin (#1490472)
- Fix so gc.sh script removes also expired sessions from sql database (#1490512)
@ -167,7 +167,7 @@ RELEASE 1.1.0
- Fix bug where max_group_members was ignored when adding a new contact (#1490214)
- Hide MDN and DSN options in compose if disabled by admin (#1490221)
- Fix checks based on window.ActiveXObject in IE > 10
- Fix XSS issue in style attribute handling (#1490227)
- Fix XSS issue in style attribute handling [CVE-2015-1433] (#1490227)
- Fix bug where Drafts list wasn't updated on draft-save action in new window (#1490225)
- Fix so "set as default" option is hidden if identities_level > 1 (#1490226)
- Fix bug where search was reset after returning from compose visited for reply
@ -195,7 +195,7 @@ RELEASE 1.1-rc
- Fix drag-n-drop to folders expanded while dragging (#1490157)
- Fix import of multiple contact groups from Google-csv format (#1490159)
- Fix import of contacts with multiple email addresses from Google-csv format (#1490178)
- Fix bugs where CSRF attacks were still possible on some requests
- Fix bugs where CSRF attacks were still possible on some requests [CVE-2014-9587]
- Fix some rcube_utils::anytodatetime() corner cases with timezone mismatches (#1490163)
- Improve move-to and contact-export button in classic skin (#1490166)
- Fix wrong icon for download button in classic skin

Loading…
Cancel
Save