roundcubemail

Commit Graph

Author	SHA1	Message	Date
Thomas Bruederli	1a7b603875	Bump version to 1.2.10	5 years ago
Aleksander Machniak	cceeff2472	Fix CSRF bypass that could be used to log out an authenticated user (#7302 )	5 years ago
Aleksander Machniak	33faaed63a	Fix local file inclusion (and code execution) via crafted 'plugins' option	5 years ago
Aleksander Machniak	4694620a1e	Fix remote code execution via crafted 'im_convert_path' or 'im_identify_path' settings	5 years ago
Aleksander Machniak	4312dc4efe	Fix XSS issue in handling of CDATA in HTML messages	5 years ago
Aleksander Machniak	d3f2759a6b	Fix missing message-htmlpart1 class breaking inline CSS (#6493 )	6 years ago
Thomas Bruederli	36043cb7bc	Bump version to 1.2.9 and copyright to 2018	7 years ago
Aleksander Machniak	8d6d4a5de5	Fix regression where IMAP commands with '*' uidset argument wasn't working	7 years ago
Thomas Bruederli	7901047474	Check for non-empty uid post parameters improve fix from commit `5b7e9a2c9`	7 years ago
Thomas Bruederli	c69b851b8a	Fix regression in compressMessageSet()	7 years ago
Thomas Bruederli	9f91018a16	Bump version to 1.2.8	7 years ago
Thomas Bruederli	5b7e9a2c96	Fix check_request() bypass in places using get_uids() (#6238 ) [CVE-2018-9846]	7 years ago
Thomas Bruederli	cdeb6234a2	Fix possible IMAP command injection vulnerability (#6229 ) [CVE-2018-9846]	7 years ago
Aleksander Machniak	8e7c2f61a3	Fix bug in remote content blocking on HTML image and style tags (#6178 )	7 years ago
Thomas Bruederli	987856eee2	Bump version + add CVE ID	7 years ago
Aleksander Machniak	c68f81e01d	Update changelog	7 years ago
Aleksander Machniak	9be2224c77	Fix file disclosure vulnerability caused by insuficient input validation in relation with attachment plugins (#6026 )	7 years ago
Aleksander Machniak	cb3f44b1b9	Move "cursor" position on \r\n sequence after single-dot in a line (#5838 )	7 years ago
Aleksander Machniak	24edb8de3e	Fix parsing dot-staffed lines in multiline text (#5838 )	7 years ago
Aleksander Machniak	1fd9ad242e	Fix (again) bug where image data URIs in css style were treated as evil/remote in mail preview (#5580 )	7 years ago
Aleksander Machniak	ead587ad59	Fix bug where HTML messages could have been rendered empty on some systems (#5957 ) Consistently use $nodeName instead of $tagName property.	7 years ago
Aleksander Machniak	b786599fb0	Update changelog	7 years ago
Aleksander Machniak	5f0f579766	Ignore rewind() warnings (#5950 )	7 years ago
Thomas Bruederli	3644b02d0b	Bump version to 1.2.6	7 years ago
Aleksander Machniak	d265b5756f	Bring back rcmail_html_container_id global	7 years ago
Thomas Bruederli	5fd704ac9e	Update Changelog	7 years ago
Thomas Bruederli	54a3712ada	Modify links in html messages during Washtml DOM traversal This is a more safe approach than using regex and mitigates possible vulnerabilities using malformed html markup.	7 years ago
Thomas Bruederli	fb43d2e608	Escape textarea contents in Washtml	7 years ago
Aleksander Machniak	f9151f6830	Managesieve: Fix AM/PM suffix in vacation time selectors	7 years ago
Aleksander Machniak	822afb7afd	Update changelog	7 years ago
Aleksander Machniak	507a1e9935	Don't ignore (global) userlogins/sendmail logs in per_user_logging mode	7 years ago
Aleksander Machniak	183f68f387	Fix uninitialized string offset in rcube_utils::bin2ascii() and make sure rcube_utils::random_bytes() result has always requested length (#5788 )	8 years ago
Aleksander Machniak	3d498cd632	Fix bug where it wasn't possible to set timezone to auto-detected value (#5782 )	8 years ago
Aleksander Machniak	913ffcfbbe	Fix SQL syntax error on MariaDB 10.2 (#5774 )	8 years ago
Aleksander Machniak	793bf96747	Enigma: Fix compatibility with assets_dir	8 years ago
Aleksander Machniak	58d7cdc3fc	Fix addressbook searching by gender (#5757 )	8 years ago
Aleksander Machniak	1b8d766447	Fix bug where it wasn't possible to scroll folders list in Edge (#5750 )	8 years ago
Aleksander Machniak	9bfacb4d3c	Fix bug where comment notation within style tag would cause the whole style to be ignored (#5747 )	8 years ago
Thomas Bruederli	e62a7d0dfa	Bump version to 1.2.5	8 years ago
Aleksander Machniak	fc557cacfa	Add CVE ident	8 years ago
Aleksander Machniak	6e054a37d1	Password: Fix security issue in virtualmin and sasl drivers	8 years ago
Aleksander Machniak	22b34fc44b	Fix bug where base_dn setting was ignored inside group_filters (#5720 )	8 years ago
Thomas Bruederli	00874b7fbd	Add CVE identifier to recent XSS fix	8 years ago
Aleksander Machniak	cc3b79bf66	Fix re-positioning of the fixed header of messages list in Chrome when using minimal mode toggle and About dialog (#5711 )	8 years ago
Aleksander Machniak	b213ee9aa0	Merge branch 'release-1.2' of github.com:roundcube/roundcubemail into release-1.2	8 years ago
Aleksander Machniak	2f6ca6d672	Fix bug where namespace prefix could not be truncated on folders list if show_real_foldernames=true (#5695 )	8 years ago
Aleksander Machniak	0fffea28c1	Fix regression in LDAP fuzzy search where it always used prefix search instead (#5713 )	8 years ago
Aleksander Machniak	6a178b3a7f	Remove redundant spaces from generated contact names	8 years ago
Aleksander Machniak	d5be34ad17	Update changelog	8 years ago
Aleksander Machniak	fa62496107	Fix so settings/upload.inc could not be used by plugins (#5694 )	8 years ago

1 2 3 4 5 ...

8941 Commits (1a7b603875bb397ebd2b2e69d5be0b59473f06f4) All Branches Search

8941 Commits (1a7b603875bb397ebd2b2e69d5be0b59473f06f4)

All Branches