0ct0pu5/squirrelmail

Author	SHA1	Message	Date
pdontthink	98b8e57444	Forgot to mention PHP 5.3/6 compatibility update the other day	2009-05-12 07:42:28 +00:00
pdontthink	10804e03a1	Always generate $base_uri for every page request as opposed to doing it only on some pages. Always regenerate session ID at login to prevent session fixation by an attacker who has set a malicious cookie on the client browser. Try to clean up extraneous cookies, such as ones some browsers might actually obey from the src/ directory. Thanks to Tomas Hoger. (CVE-2009-1580)	2009-05-11 22:50:16 +00:00
pdontthink	eda7b9b157	OMG - unsanitized shell command. Thanks to Niels Teusink. (CVE-2009-1579)	2009-05-11 22:17:46 +00:00
pdontthink	da050015d2	Sanitize decrypt_headers.php form input (base64 decoding is not the same as sanitizing), general cleanup and grammatical fixes. Thanks to Niels Teusink. (also CVE-2009-1578)	2009-05-11 22:04:40 +00:00
pdontthink	7e85ed842b	Fixed improper sanitizing of PHP_SELF and the lack of sanitizing of QUERY_STRING server environment variables. Thanks to Niels Teusink and Christian Balzer. (CVE-2009-1578)	2009-05-11 21:49:23 +00:00
pdontthink	d0fd71bf6e	Remove ability for HTML emails to use CSS positioning to overlay SquirrelMail content. Thanks to Luc Beurton. (#2723196/CVE-2009-1581)	2009-05-11 21:19:52 +00:00
pdontthink	3d29cfb9fd	Adding Khmer translation. Thanks to Khoem Sokhem.	2009-05-07 21:55:41 +00:00
Fredrik Jervfors	be847014a1	Fixing spelling error (I hope).	2009-05-01 14:39:28 +00:00
pdontthink	cc2413ae90	Use squirrelmail.org	2009-04-23 02:21:42 +00:00
pdontthink	172e46eb4a	This has all been previously migrated to the documentation repo	2009-04-21 21:07:01 +00:00
pdontthink	4e08ebbbc0	Add display indicator for forwarded messages	2009-04-17 10:49:38 +00:00
pdontthink	fe3be0637d	Massive update. Fixed several reported issues and some I discovered along the way. Also added quite a few new features including hashed directory support and fully dynamic database, table and field names. This closes #1940328 and #2007554 amongst other things (like multiple --user arguments failing).	2009-04-04 02:29:19 +00:00
pdontthink	5649dd2701	Update	2009-04-03 08:32:30 +00:00
pdontthink	266023c1b8	Updates	2009-04-02 00:40:45 +00:00
pdontthink	83854bb3e4	Add RFC 2231 support. Thanks to Piotr Pawlow. (#2501379 )	2009-04-01 08:24:48 +00:00
pdontthink	3571c349cd		2009-03-29 00:12:24 +00:00
pdontthink	7bc0255420	Add PHP index file	2009-03-29 00:11:34 +00:00
pdontthink	b185cebf22	Reorg and add to the version-specific section	2009-03-27 04:28:36 +00:00
pdontthink	c92a637d9f	Minor fix	2009-03-27 04:15:13 +00:00
pdontthink	88b4cf648e	Small change	2009-03-27 04:09:11 +00:00
pdontthink	9a77ae3aac	Upgrade manual was aging and needed to be synchronized to that in the stable tree as well as the administrator manual. Remember to update all three of those documents when touching this in the future.	2009-03-27 03:56:29 +00:00
pdontthink	080c224a0e	Update	2009-03-26 23:41:37 +00:00
pdontthink	66c769fc92	Moved documentation to doc/ directory and added example .htaccess files in all directories that browsers don't need direct access to	2009-03-26 22:35:06 +00:00
pdontthink	29cd4706d5	Call me anal	2009-03-26 22:17:27 +00:00
pdontthink	7ee164d580	Add sample .htaccess file to protect doc/ directory	2009-03-26 22:08:54 +00:00
pdontthink	7d633ade9c	Shuffling release notes	2009-03-26 21:55:20 +00:00
pdontthink	4df4c97a8f	Shuffling release notes	2009-03-26 21:48:03 +00:00
pdontthink	a6976d0b7b	Move docs to doc/ directory	2009-03-26 21:38:33 +00:00
pdontthink	cfc29e1b89	Quick attempt at correcting the English in the plural forms section	2008-07-04 21:29:18 +00:00
pdontthink	e7a16886f5	Fix language	2008-06-18 07:26:00 +00:00
Fredrik Jervfors	5b90a2507a	Removing obsolete link to developer documentation.	2007-03-04 02:42:05 +00:00
Fredrik Jervfors	755e57cbb3	Moving "doc/themes.txt" to the administrator's manual.	2007-03-04 02:26:29 +00:00
Fredrik Jervfors	418bcd0528	Moving "doc/db-backend.txt" to the administrator's manual (again).	2007-03-04 02:05:53 +00:00
Fredrik Jervfors	1d4da1b2ea	Moving "doc/db-backend.txt" to the administrator's manual.	2007-03-04 01:56:54 +00:00
Thijs Kinkhorst	f585138b19	replace CVS with SVN	2007-01-13 19:08:18 +00:00
Fredrik Jervfors	14c04623d1	Moving the development documentation to the documentation module.	2006-08-05 18:44:30 +00:00
tokul	b33c4a098b	moved smtp sitewide configuration to main configuration utility added quote_single subroutine, that is used to sanitize single quoted php strings removed obsolete command18() subroutine	2006-08-05 07:38:01 +00:00
tokul	e27ec8a55d	1.4.7 cleans globals too	2006-07-22 17:56:52 +00:00
Thijs Kinkhorst	a57ab2095d	remove references to submitting themes to us. we've got a LOT of themes already included	2006-07-16 18:10:56 +00:00
Thijs Kinkhorst	0f2c3189d4	db scheme for postgres is different from that for mysql, document that (instead of changing it - that could break stuff for no strong reason)	2006-07-04 08:57:27 +00:00
tokul	589bbbdbfc	information about MailSite	2006-07-03 15:03:42 +00:00
tokul	d52c129e49	Dovecot preset is generic and can be used with Bejy too.	2006-06-11 17:50:01 +00:00
Thijs Kinkhorst	85e849d0d0	include note about password security in security doc	2006-06-08 15:53:54 +00:00
tokul	dbd9f69d03	resubmitting last Monday updates and adding php 5.1.0 timezone support	2006-05-13 19:11:08 +00:00
tokul	8e82a31f63	adding notice about configtest hook	2006-05-01 19:02:30 +00:00
Thijs Kinkhorst	db7e939f19	add hint about SELinux to security.txt	2006-04-14 11:07:55 +00:00
stekkel	27a5085a8a	Update for plugin documentation regarding init.php	2006-04-06 18:14:36 +00:00
Fredrik Jervfors	627f8fad10	Allowing display of unsafe images when viewing HTML attachments and when HTML is in an <iframe>.	2006-03-12 01:50:54 +00:00
Fredrik Jervfors	f600b24e3c	Adding the 1.5.1 ReleaseNotes	2006-02-21 22:36:09 +00:00
Fredrik Jervfors	016ecc15fe	Updating text about gettext files (typo).	2006-02-20 08:52:48 +00:00

1 2 3 4 5 ...

347 commits