Commit graph

93 commits

Author SHA1 Message Date
pdontthink
39cfdaadfd Happy New Year 2024-01-02 14:58:16 -08:00
pdontthink
39555bed41 Migrate away from using create_function as long as PHP 5.3+ is available 2021-02-08 15:19:14 -08:00
pdontthink
a5f22384a9 Give attribution 2021-01-15 10:02:00 -08:00
pdontthink
e29bca959e PHP 8 compatibility fix 2021-01-15 10:00:27 -08:00
pdontthink
8dac1209b3 More accurate filesizes 2020-05-23 16:45:19 -07:00
pdontthink
d69d7e728d Document $php_self_pattern and $php_self_replacement 2020-03-24 18:59:17 -07:00
pdontthink
f0d191be14 Document CVE-2019-12970 fix 2019-07-23 18:34:48 -07:00
pdontthink
2b6232c8f9 Add IMAP ID command (RFC2971), sent after every login - use by setting in config/config_local.php (see notes in config/config_local.example.php for more details) 2019-04-06 19:58:54 -07:00
pdontthink
7d88357c3f Updated SVG handling, closing several related vulnerabilities reported in #2831 and CVE-2018-14950, CVE-2018-14951, CVE-2018-14952, CVE-2018-14953, CVE-2018-14954, CVE-2018-14955 2019-02-26 22:17:54 -08:00
pdontthink
da08b38ebd Add favicon and ability for admins to use their own by setting in config_local.php (see documentation in config/config_local.php) 2018-10-13 03:19:24 -07:00
pdontthink
aa3782b131 Change anti-CSRF security token lifetime to be session-based 2018-08-25 18:09:16 -07:00
pdontthink
cc0d4a735d Correct CVE number 2018-04-04 07:49:48 +00:00
pdontthink
c2e0b060df Sanitize user-supplied attachment filename [CVE-2018-8741] 2018-04-04 03:19:39 +00:00
pdontthink
c57f0d8076 Add option to allow returning to the message one had been replying to after sending 2017-11-22 06:15:41 +00:00
pdontthink
5296253ea7 Add ability for saved drafts to indicate if they are a reply or forward and if so, to which message, and mark that message as replied or forwarded when the draft is finally sent 2017-11-18 22:59:59 +00:00
pdontthink
617e6ef45a Add note about squirrelspell plugin change 2017-06-17 20:26:31 +00:00
pdontthink
fa23cd3229 Change credits 2017-04-25 16:58:16 +00:00
pdontthink
d2705b352c Add one more person 2017-04-24 20:22:15 +00:00
pdontthink
ff8f31441c Fix insufficient sendmail command argument escaping (thanks to Mitchel Sahertian, Maor Shwartz and Dawid Golunski for bringing this to our attention). [CVE-2017-7692] 2017-04-24 19:46:13 +00:00
pdontthink
bad1593c9e Update change log 2016-10-29 19:38:35 +00:00
pdontthink
7ce105fc6a Adding "smtp_helo_override" hook 2015-11-30 22:53:13 +00:00
pdontthink
371aaad753 Add new login_before_page_header (boolean) hook; allows plugins to have more explicit control over login page header 2015-08-01 04:32:48 +00:00
pdontthink
aac60fdced Add ability for administrator to control whether or not users can edit their reply-to address 2015-06-20 12:52:36 +00:00
pdontthink
b972f2219e Add MD5 alternative to directory hash calculation 2015-06-17 23:18:37 +00:00
pdontthink
cc7f92b6e3 Prevent session lock-up caused by filters plugin trying to move messages in an account that is over quota 2014-08-01 02:28:12 +00:00
pdontthink
6aa022543c Variable name correction 2014-01-21 22:15:03 +00:00
pdontthink
d7ab89a759 Make configuration tool show the SquirrelMail version 2014-01-21 20:19:48 +00:00
pdontthink
e0ba6b31ed Add ability to show login error from the IMAP server instead of traditional "Unknown user or password incorrect" (thanks to Alain Williams) 2014-01-21 03:20:48 +00:00
pdontthink
831e7920af filename typo 2014-01-21 01:17:36 +00:00
pdontthink
cedca778de Add advanced control over the SSL context used when connecting to the SMTP and IMAP servers over SSL/TLS (Thanks to Emmanuel Dreyfus) 2014-01-21 01:13:49 +00:00
pdontthink
f5e70a9086 Add full date and time as "title" (mouseover) text for dates shown on the message list screen 2013-11-06 16:47:55 +00:00
pdontthink
302724aa45 Add new spacer image and allow its use for unsafe images instead of the sec_remove_* image -- brings HTML emails into the modern age (much more viewable) 2013-10-23 10:09:16 +00:00
pdontthink
5c5e74e227 Add associative edit list option widget with optional folder list selector for values; Minor fixes for non-associative edit list widget 2013-10-22 15:49:26 +00:00
pdontthink
372f716005 Add option that allows users to have replies to their own messages sent to the recipient of the previous message (#3520988) 2012-07-01 20:06:18 +00:00
Thijs Kinkhorst
03a89305e6 ChangeLog 2012-03-24 11:05:26 +00:00
pdontthink
c1319ea61a Better performance by reducing token usage to only one at a time (also added an option to revert to old behavior if desired) 2012-02-07 22:51:58 +00:00
pdontthink
3e5f552776 Unify address book searches. See ChangeLog comments. Also, fixed bug wherein file backend wasn't escaping regular expression correctly. File based backend used to search all fields at once, concatenated by spaces, which 'worked', but is misleading and nothing like the other backends. 2011-12-28 02:59:31 +00:00
pdontthink
ca4a7512dc Verify Reply To still has its uses 2011-11-29 13:13:42 +00:00
pdontthink
c438744674 Ensure that Reply-To isn't missing domain - we already do the same for the From header in functions/identity.php 2011-11-29 12:44:31 +00:00
pdontthink
d7ee5f0bba Fix hook name clash: new smtp_auth hook added recently (a few months ago) has been renamed to smtp_authenticate 2011-09-05 07:00:18 +00:00
Thijs Kinkhorst
268dd25b44 document CVE IDs for posterity 2011-07-26 20:28:11 +00:00
pdontthink
9b7080ad98 Fix XSS problem with unsanitized style tags in messages [CVE-2011-2023] 2011-07-12 04:59:12 +00:00
pdontthink
e61d33ae49 Fix XSS holes in generic options inputs, XSS hole in the SquirrelSpell plugin, and added anti-CSRF protection to the empty trash feature (thanks to Nicholas Carlini for finding all these issues) [CVE-2010-4555] 2011-07-12 04:45:49 +00:00
pdontthink
361b09f7a2 Add clickjacking protection (thanks to Asbjorn Thorsen and Geir Hansen for bringing this to our attention) [CVE-2010-4554] 2011-07-12 03:44:23 +00:00
pdontthink
76e21b5573 Allow administrators to configure subfolders of user INBOXes to be treated as special folders by adding $subfolders_of_inbox_are_special to config_local.php 2011-05-03 06:05:08 +00:00
pdontthink
eee0c34977 Add smtp_auth hook (thanks to Emmanuel Dreyfus) 2011-04-02 19:19:45 +00:00
pdontthink
c4785809ee Force the addition of a file suffix to attachments that lack a filename (helps forwarded messages avoid spam filters) (Thanks to Petr Kletecka) (#3139004) 2010-12-17 21:41:39 +00:00
pdontthink
d31ba01582 Fix sqauth_read_password() for plugins running on the login_verified hook when the 'key' cookie isn't yet set 2010-09-25 04:08:03 +00:00
pdontthink
35efbd5e30 Now allow multiple plugins to handle (add links for) a single attachment MIME type 2010-09-12 06:02:18 +00:00
pdontthink
1b8c0c2308 Fixed system lock-ups caused by a combination of certain rare, malformed message headers and buggy versions of PHP mbstring (#3053349, 987016) 2010-09-03 03:09:51 +00:00