fe0dc4eef8
Bump version to 1.1.12 and copyright to 2018
7 years ago
0c9074f286
Fix regression where IMAP commands with '*' uidset argument wasn't working
7 years ago
d4475e58db
Bump version to 1.1.11
7 years ago
aaafe8f917
Fix check_request() bypass in plugins using get_uids() ( #6238 )
...
[CVE-2018-9846]
7 years ago
498ff0a283
Fix possible IMAP command injection vulnerability ( #6229 )
...
[CVE-2018-9846]
7 years ago
5d889cca13
Fix bug in remote content blocking on HTML image and style tags ( #6178 )
7 years ago
a5dac2e694
Small improvement in log_dir handling
7 years ago
bb9db12a79
Fix parse error from last commit
7 years ago
a5e4578482
Don't ignore (global) userlogins/sendmail logs in per_user_logging mode
7 years ago
7f992eac3d
Bump version + add CVE ID
7 years ago
b707e19f4b
Update changelog
7 years ago
e757cc4101
Fix file disclosure vulnerability caused by insuficient input validation in relation with attachment plugins ( #6026 )
7 years ago
4181f29608
Bump version to 1.1.9
8 years ago
24902b7fc3
Add CVE ident
8 years ago
10b227d70a
Password: Fix security issue in virtualmin and sasl drivers
8 years ago
bcdba37a82
Fix bug where base_dn setting was ignored inside group_filters ( #5720 )
8 years ago
6b16e0d593
Fix regression in LDAP fuzzy search where it always used prefix search instead ( #5713 )
8 years ago
2a2b04eb2a
Remove redundant spaces from generated contact names
8 years ago
f1483204c7
Bump version to 1.1.8
8 years ago
d6ddd31a1b
Better fix for XSS in style tags ( 9b5eee294)
8 years ago
9b5eee2946
Fix XSS issue in handling of a style tag inside of an svg element
8 years ago
11b65a905f
Make sure date_create_from_format() exists
...
Only for Roundcube 1.1 (this function does not exist on PHP < 5.3)
8 years ago
7536739c7a
Fix bug where microsecond format in logged date didn't work in some cases
8 years ago
6c6b299d2a
Fix so microseconds macro (u) in log_date_format works ( #1490446 )
8 years ago
b7a4257ffb
Rename $sql_arr variable to $record as it's not about sql only
8 years ago
4cd090aa24
Fix regression where groups with email address were resolved to its members' addresses
8 years ago
fca2bb7869
Fix visual glitch when using disabled_actions for items in Settings menu
8 years ago
f8e0e1d4ed
Fix bug where signature couldn't be added above the quote in Firefox 51 ( #5628 )
8 years ago
72975042a5
Fix bug where mail content frame couldn't be reset in some corner cases ( #5608 )
...
Conflicts:
CHANGELOG
8 years ago
e6132dda95
Fix so group/addressbook selection is retained on page refresh
8 years ago
28e3da2325
Disable Print button for pdf attachments in Firefox ( #5125 )
...
Mozilla's PDF.js viewer does not allow printing from host page.
We try to detect such situation and disable the button to minimize
user confusion.
8 years ago
4c1394cf2d
Bump version to 1.1.7
8 years ago
45a3e81653
Fix vulnerability in handling of mail()'s 5th argument
8 years ago
aa6bf38843
Fix _from argument validation
8 years ago
860a3b47e7
Fix recognizing Sent folder on search if current folder has been changed by plugins in meantime
8 years ago
9b8db4c9e0
Autocomplete refactoring: replace variable name '$id' with '$abook_id'
...
Reason:
Having genericly named variable $id in nested loops makes code unreadable.
Replacing generic name '$id' with '$ENTITIY_id' format removes all ambiguity.
8 years ago
1123f39cf4
Fix missing contact ID for contacts from non-sql addressbooks
8 years ago
6fb8da08f3
Autocomplete search: add id and source (addressbook) into resulting contact data array
...
Two reasons:
- provide it to plugin backend functions that use 'contacts_autocomplete_after' hook
- provide it to frontend
Why to frontend?
If plugin JS adds an 'autocomplete_insert' hook we need to provide it with exact
autocomplete data. Providing it with name and email address only, without pinpointing
exact origin of this autocomplete result, will severely limit learning capabilities of
potential future autocomplete implementations.
8 years ago
802d119153
Bump version to 1.1.6
8 years ago
008f310f3a
de_DE: abboniert -> abonniert
8 years ago
32ddcfd3d0
Fix error causing empty INBOX listing in Firefox when using an URL with user:password specified ( #5400 )
8 years ago
8e2fdee671
Fix de_DE translation for 'open' action (T1456)
8 years ago
16b6c8a0ce
Fix missing min-height on ui-autocomplete lists (T1428)
8 years ago
93cb7b1fea
Support contact+group searches in all relevant places (T1360)
...
Before the search worked only in Addressbook, not also in Compose.
The point of the change is also to align group searches with contact searches
in that it now uses the same set of attributes. Previously groups
in Compose were searched by name only.
Conflicts:
program/lib/Roundcube/rcube_addressbook.php
program/lib/Roundcube/rcube_contacts.php
program/steps/mail/search_contacts.inc
8 years ago
3f10f9a2e6
Fix regression where LDAP results could be counted incorrectly when using VLV
...
... broken by d08bd0a51f
8 years ago
a647f994d8
Fix typo in de_DE localization (T1398)
8 years ago
264dfbbf82
Update changelog
8 years ago
425e31dc27
Wash position:fixed style in HTML mail for better security ( #5264 )
8 years ago
b2781e145e
Fix German localization label
8 years ago
4fa70856b9
Fix handling of blockquote tags with mixed case on html2text conversion ( #5363 )
...
Conflicts:
CHANGELOG
8 years ago
Thomas Bruederli