![](https://seccdn.libravatar.org/avatar/e2145bc5cf53dda95c308a3c75e8fef3.jpg?s=120&d=mm&r=g)
Hello community, here is the log from the commit of package squirrelmail checked in at Thu May 10 23:29:10 CEST 2007. -------- --- squirrelmail/squirrelmail.changes 2007-03-08 13:30:45.000000000 +0100 +++ /mounts/work_src_done/NOARCH/squirrelmail/squirrelmail.changes 2007-05-10 15:52:31.000000000 +0200 @@ -1,0 +2,44 @@ +Thu May 10 15:44:43 CEST 2007 - prusnak@suse.cz + +- updated to 1.4.10a + * fixed: + - HTML glitches (#1608798, #1628639, #1521389, #1548394, #1704686) + - rare bug in forwarding as attachment from some search results + - wrong $_SERVER['REQUEST_URI'] value causing wrong links in the [more] + and [less] links in read_body.php + - URL to send read receipts from read_body (#1637572) + - high memory usage when forwarding messages with attachments + - filename extraction from attachments + - reply to all duplicating the address from Reply-To + - "Unknown Sender" on message after reading a digest (#1673047) + - Priority and Receipt compose options being reset after return from + HTML addressbook (#1673056) + - sorting of folder list with non-. delimiter (#1593229) + - issues with filters plugin (#1634735) + - reduce (largely theoretical) chance of reusing existing attachment + filenames + - unify accepted versions for imap_server_type and set_defaults (#1629722) + - make compose use get_identities() rather than fiddling with identities + by itself, resolving a problem in the listcommands plugin (#1663762) + - if a date-header cannot be parsed, display the unparsed version as a + better-than-nothing alternative + - only display "+" symbol on multipart/mixed messages, e.g. those with + real attachments + - session not correctly handled on webmail.php (#1685031) + - session_id reporting session id when no active session (#1685031) + - sqm_baseuri moved to strings.php (#1685114) + - security: HTML filter to counter further XSS exploits: + * HTML attachments containing 'data:' URLs + * Internet Explorer-specific charset conversion exploits + * request forgery through included images + * CVE-2007-1262 + * added: + - warning about magic_quotes_* in configtest + - sq_change_text_domain() for plugins to use when switching text domains + - new language: Frisian + * dropped: + - obsolete ORDB RBL from filters plugin (#1629398) + - redundant call to session_register, which could trigger a segfault + in PHP 4.4.5 (#1664155) + +------------------------------------------------------------------- Old: ---- squirrelmail-1.4.9a.tar.bz2 squirrelmail-1.4.9a.tar.bz2.md5 New: ---- squirrelmail-1.4.10a.tar.bz2 squirrelmail-1.4.10a.tar.bz2.md5 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ squirrelmail.spec ++++++ --- /var/tmp/diff_new_pack.yw5398/_old 2007-05-10 23:28:52.000000000 +0200 +++ /var/tmp/diff_new_pack.yw5398/_new 2007-05-10 23:28:52.000000000 +0200 @@ -1,5 +1,5 @@ # -# spec file for package squirrelmail (Version 1.4.9a) +# spec file for package squirrelmail (Version 1.4.10a) # # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -12,8 +12,8 @@ Name: squirrelmail BuildRequires: apache2-devel libapr-util1-devel pcre-devel -Version: 1.4.9a -Release: 13 +Version: 1.4.10a +Release: 1 Requires: mod_php_any Requires: php-gettext Requires: php-iconv @@ -99,6 +99,47 @@ %dir %attr(-, root, www) /var/lib/squirrelmail/attach %changelog +* Thu May 10 2007 - prusnak@suse.cz +- updated to 1.4.10a + * fixed: + - HTML glitches (#1608798, #1628639, #1521389, #1548394, #1704686) + - rare bug in forwarding as attachment from some search results + - wrong $_SERVER['REQUEST_URI'] value causing wrong links in the [more] + and [less] links in read_body.php + - URL to send read receipts from read_body (#1637572) + - high memory usage when forwarding messages with attachments + - filename extraction from attachments + - reply to all duplicating the address from Reply-To + - "Unknown Sender" on message after reading a digest (#1673047) + - Priority and Receipt compose options being reset after return from + HTML addressbook (#1673056) + - sorting of folder list with non-. delimiter (#1593229) + - issues with filters plugin (#1634735) + - reduce (largely theoretical) chance of reusing existing attachment + filenames + - unify accepted versions for imap_server_type and set_defaults (#1629722) + - make compose use get_identities() rather than fiddling with identities + by itself, resolving a problem in the listcommands plugin (#1663762) + - if a date-header cannot be parsed, display the unparsed version as a + better-than-nothing alternative + - only display "+" symbol on multipart/mixed messages, e.g. those with + real attachments + - session not correctly handled on webmail.php (#1685031) + - session_id reporting session id when no active session (#1685031) + - sqm_baseuri moved to strings.php (#1685114) + - security: HTML filter to counter further XSS exploits: + * HTML attachments containing 'data:' URLs + * Internet Explorer-specific charset conversion exploits + * request forgery through included images + * CVE-2007-1262 + * added: + - warning about magic_quotes_* in configtest + - sq_change_text_domain() for plugins to use when switching text domains + - new language: Frisian + * dropped: + - obsolete ORDB RBL from filters plugin (#1629398) + - redundant call to session_register, which could trigger a segfault + in PHP 4.4.5 (#1664155) * Thu Mar 08 2007 - prusnak@suse.cz - changed access config (squirrelmail.conf): * allow /srv/www/htdocs/squirrelmail/themes/css [#252557] ++++++ squirrelmail-1.4.9a.tar.bz2 -> squirrelmail-1.4.10a.tar.bz2 ++++++ ++++ 7477 lines of diff (skipped) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@Hilbert.suse.de