Aleksander Machniak
|
d3f2759a6b
|
Fix missing message-htmlpart1 class breaking inline CSS (#6493)
|
6 years ago |
Thomas Bruederli
|
36043cb7bc
|
Bump version to 1.2.9 and copyright to 2018
|
7 years ago |
Aleksander Machniak
|
8d6d4a5de5
|
Fix regression where IMAP commands with '*' uidset argument wasn't working
|
7 years ago |
Thomas Bruederli
|
7901047474
|
Check for non-empty uid post parameters
improve fix from commit 5b7e9a2c9
|
7 years ago |
Thomas Bruederli
|
c69b851b8a
|
Fix regression in compressMessageSet()
|
7 years ago |
Thomas Bruederli
|
9f91018a16
|
Bump version to 1.2.8
|
7 years ago |
Thomas Bruederli
|
5b7e9a2c96
|
Fix check_request() bypass in places using get_uids() (#6238)
[CVE-2018-9846]
|
7 years ago |
Thomas Bruederli
|
cdeb6234a2
|
Fix possible IMAP command injection vulnerability (#6229)
[CVE-2018-9846]
|
7 years ago |
Aleksander Machniak
|
8e7c2f61a3
|
Fix bug in remote content blocking on HTML image and style tags (#6178)
|
7 years ago |
Thomas Bruederli
|
987856eee2
|
Bump version + add CVE ID
|
7 years ago |
Aleksander Machniak
|
c68f81e01d
|
Update changelog
|
7 years ago |
Aleksander Machniak
|
9be2224c77
|
Fix file disclosure vulnerability caused by insuficient input validation in relation with attachment plugins (#6026)
|
7 years ago |
Aleksander Machniak
|
cb3f44b1b9
|
Move "cursor" position on \r\n sequence after single-dot in a line (#5838)
|
7 years ago |
Aleksander Machniak
|
24edb8de3e
|
Fix parsing dot-staffed lines in multiline text (#5838)
|
7 years ago |
Aleksander Machniak
|
1fd9ad242e
|
Fix (again) bug where image data URIs in css style were treated as evil/remote in mail preview (#5580)
|
7 years ago |
Aleksander Machniak
|
ead587ad59
|
Fix bug where HTML messages could have been rendered empty on some systems (#5957)
Consistently use $nodeName instead of $tagName property.
|
7 years ago |
Aleksander Machniak
|
b786599fb0
|
Update changelog
|
7 years ago |
Aleksander Machniak
|
5f0f579766
|
Ignore rewind() warnings (#5950)
|
7 years ago |
Thomas Bruederli
|
3644b02d0b
|
Bump version to 1.2.6
|
7 years ago |
Aleksander Machniak
|
d265b5756f
|
Bring back rcmail_html_container_id global
|
7 years ago |
Thomas Bruederli
|
5fd704ac9e
|
Update Changelog
|
7 years ago |
Thomas Bruederli
|
54a3712ada
|
Modify links in html messages during Washtml DOM traversal
This is a more safe approach than using regex and mitigates
possible vulnerabilities using malformed html markup.
|
7 years ago |
Thomas Bruederli
|
fb43d2e608
|
Escape textarea contents in Washtml
|
7 years ago |
Aleksander Machniak
|
f9151f6830
|
Managesieve: Fix AM/PM suffix in vacation time selectors
|
7 years ago |
Aleksander Machniak
|
822afb7afd
|
Update changelog
|
8 years ago |
Aleksander Machniak
|
507a1e9935
|
Don't ignore (global) userlogins/sendmail logs in per_user_logging mode
|
8 years ago |
Aleksander Machniak
|
183f68f387
|
Fix uninitialized string offset in rcube_utils::bin2ascii() and make sure rcube_utils::random_bytes() result has always requested length (#5788)
|
8 years ago |
Aleksander Machniak
|
3d498cd632
|
Fix bug where it wasn't possible to set timezone to auto-detected value (#5782)
|
8 years ago |
Aleksander Machniak
|
913ffcfbbe
|
Fix SQL syntax error on MariaDB 10.2 (#5774)
|
8 years ago |
Aleksander Machniak
|
793bf96747
|
Enigma: Fix compatibility with assets_dir
|
8 years ago |
Aleksander Machniak
|
58d7cdc3fc
|
Fix addressbook searching by gender (#5757)
|
8 years ago |
Aleksander Machniak
|
1b8d766447
|
Fix bug where it wasn't possible to scroll folders list in Edge (#5750)
|
8 years ago |
Aleksander Machniak
|
9bfacb4d3c
|
Fix bug where comment notation within style tag would cause the whole style to be ignored (#5747)
|
8 years ago |
Thomas Bruederli
|
e62a7d0dfa
|
Bump version to 1.2.5
|
8 years ago |
Aleksander Machniak
|
fc557cacfa
|
Add CVE ident
|
8 years ago |
Aleksander Machniak
|
6e054a37d1
|
Password: Fix security issue in virtualmin and sasl drivers
|
8 years ago |
Aleksander Machniak
|
22b34fc44b
|
Fix bug where base_dn setting was ignored inside group_filters (#5720)
|
8 years ago |
Thomas Bruederli
|
00874b7fbd
|
Add CVE identifier to recent XSS fix
|
8 years ago |
Aleksander Machniak
|
cc3b79bf66
|
Fix re-positioning of the fixed header of messages list in Chrome when using minimal mode toggle and About dialog (#5711)
|
8 years ago |
Aleksander Machniak
|
b213ee9aa0
|
Merge branch 'release-1.2' of github.com:roundcube/roundcubemail into release-1.2
|
8 years ago |
Aleksander Machniak
|
2f6ca6d672
|
Fix bug where namespace prefix could not be truncated on folders list if show_real_foldernames=true (#5695)
|
8 years ago |
Aleksander Machniak
|
0fffea28c1
|
Fix regression in LDAP fuzzy search where it always used prefix search instead (#5713)
|
8 years ago |
Aleksander Machniak
|
6a178b3a7f
|
Remove redundant spaces from generated contact names
|
8 years ago |
Aleksander Machniak
|
d5be34ad17
|
Update changelog
|
8 years ago |
Aleksander Machniak
|
fa62496107
|
Fix so settings/upload.inc could not be used by plugins (#5694)
|
8 years ago |
Thomas Bruederli
|
cbd35626f7
|
Better fix for XSS in style tags (fa2824fdc )
|
8 years ago |
Aleksander Machniak
|
fa2824fdcd
|
Fix XSS issue in handling of a style tag inside of an svg element
|
8 years ago |
Aleksander Machniak
|
33586e4c87
|
Fix possible defect in handling \r\n in scripts (#5685)
|
8 years ago |
Thomas Bruederli
|
85a750a068
|
Bump version to 1.2.4
|
8 years ago |
Aleksander Machniak
|
04ed3846d3
|
Managesieve: Fix parser issue with empty lines between comments (#5657)
|
8 years ago |