Aleksander Machniak
|
36e747bd47
|
CI: Logs
|
12 months ago |
|
Aleksander Machniak
|
1e503c7685
|
CI: Upload errors.log artifact
|
12 months ago |
|
Aleksander Machniak
|
d1494f9f42
|
Fix phpunit compat.
|
12 months ago |
|
Aleksander Machniak
|
53da61f7fc
|
Fix information leak (access to remote content) via insufficient CSS filtering [CVE-2024-42010]
Credits to Oskar Zeino-Mahmalat (Sonar) https://www.sonarsource.com
|
12 months ago |
|
Aleksander Machniak
|
c222ea8b99
|
- Fix XSS vulnerability in serving of attachments other than HTML or SVG [CVE-2024-42008]
Credits to Oskar Zeino-Mahmalat (Sonar) https://www.sonarsource.com
|
12 months ago |
|
Aleksander Machniak
|
1b3bb11d4f
|
Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009]
Credits to Oskar Zeino-Mahmalat (https://www.sonarsource.com)
|
12 months ago |
|
Aleksander Machniak
|
545365ccf7
|
Makefile: Fix PHP 5.5 support
|
1 year ago |
|
Aleksander Machniak
|
9d93e7d222
|
CI: config-test.inc.php is the correct name
|
1 year ago |
|
Aleksander Machniak
|
4be9dbf079
|
CI: Bring back config-test.inc.php
|
1 year ago |
|
Aleksander Machniak
|
5c0fbde168
|
Fix PHP8 warnings
|
1 year ago |
|
Aleksander Machniak
|
a8e2477dbe
|
CI: Remove unreliable browser tests
Only in this branch
|
1 year ago |
|
Aleksander Machniak
|
b3c51ee09d
|
Fix test regression
|
1 year ago |
|
Aleksander Machniak
|
52a8da481a
|
CI: Temp. fix for https://github.com/roundcube/plugin-installer/issues/56
|
1 year ago |
|
Aleksander Machniak
|
4da20eb1d1
|
Fix cross-site scripting (XSS) vulnerability in handling SVG animate attributes
Reported by Valentin T. and Lutz Wolf of CrowdStrike.
|
1 year ago |
|
Aleksander Machniak
|
0d0bc61b13
|
Fix cross-site scripting (XSS) vulnerability in handling list columns from user preferences
Reported by Huy Nguyễn Phạm Nhật.
|
1 year ago |
|
Aleksander Machniak
|
61a3c9aa89
|
Fix command injection via crafted im_convert_path/im_identify_path on Windows
Reported by Huy Nguyễn Phạm Nhật.
|
1 year ago |
|
Aleksander Machniak
|
8a88c8cc16
|
Makefile: Use phpDocumentor v3.4 for the Framework docs (#9313)
|
2 years ago |
|
Aleksander Machniak
|
f6bd4d1e11
|
Fix TinyMCE localization installation (#9266)
|
2 years ago |
|
Aleksander Machniak
|
f6543597a4
|
Enigma: Fix finding of a private key when decrypting a message using GnuPG v2.3
Additional fix for a case when sender's public key is in the keyring
|
2 years ago |
|
Aleksander Machniak
|
1bd6a00cac
|
Enigma: Fix finding of a private key when decrypting a message using GnuPG v2.3
|
2 years ago |
|
Aleksander Machniak
|
5ec496885e
|
Fix cross-site scripting (XSS) vulnerability in setting Content-Type/Content-Disposition for attachment preview/download
Thanks to rehme.infosec for reporting the issues.
|
2 years ago |
|
Aleksander Machniak
|
7ad7680174
|
Fix tests
|
2 years ago |
|
Aleksander Machniak
|
b78637c762
|
Fix merge conflict
|
2 years ago |
|
Aleksander Machniak
|
8d823e2947
|
Fix cross-site scripting (XSS) vulnerability in handling of SVG in HTML messages (#9168)
|
2 years ago |
|
Aleksander Machniak
|
ef7c00ac2d
|
Makefile: Backports and fix version number
|
2 years ago |
|
Aleksander Machniak
|
fe42e143ca
|
Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages
Thanks to Niraj Shivtarkar for the report.
|
2 years ago |
|
Aleksander Machniak
|
401eae025d
|
Fix PHP8 warning
|
2 years ago |
|
Aleksander Machniak
|
5d5da0364d
|
Fix PHP8 warning
|
2 years ago |
|
Aleksander Machniak
|
e14755646d
|
Fix PHP8 warning (#9071)
|
2 years ago |
|
Aleksander Machniak
|
0e4caf123a
|
Fix PHP 8.2 fatal error when imap_conn_options.proxy_protocol is not an array
|
2 years ago |
|
Aleksander Machniak
|
fd42f1c214
|
Add rcube_db::error_info()
|
2 years ago |
|
Aleksander Machniak
|
614b1b4d40
|
Fix test
|
2 years ago |
|
Aleksander Machniak
|
5a44e539fd
|
Fix PHP7 compat. break in last commit
|
2 years ago |
|
Aleksander Machniak
|
56a1d651f0
|
Fix so output of log_date_format with microseconds contains time in server time zone, not UTC
|
2 years ago |
|
Aleksander Machniak
|
feb75c042b
|
Fix PHP8 warnings
|
2 years ago |
|
Aleksander Machniak
|
494045c8d4
|
Fix compat. with PHP5
|
2 years ago |
|
Aleksander Machniak
|
5e2c85c9a1
|
Fix PHP8 warnings
|
2 years ago |
|
Aleksander Machniak
|
e3637ea26c
|
Fix PHP8 warnings
|
2 years ago |
|
Aleksander Machniak
|
544ed57d2c
|
CI: Use ubuntu-20.04
|
2 years ago |
|
Aleksander Machniak
|
a463a722d4
|
CI: actions/checkout@v3
|
2 years ago |
|
Aleksander Machniak
|
52c8b1c50f
|
CI: Use ubuntu-latest
|
2 years ago |
|
Aleksander Machniak
|
507a902f50
|
Fix PHP8 warnings
|
2 years ago |
|
Aleksander Machniak
|
7bcd982d98
|
Fix PHP warning
|
2 years ago |
|
Aleksander Machniak
|
a30206bf6a
|
Fix bug where a non-ASCII character in app.js could cause error in javascript engine (#8894)
|
3 years ago |
|
Aleksander Machniak
|
c71697fd21
|
Update changelog
|
3 years ago |
|
Aleksander Machniak
|
6dc41a2c96
|
Make rcmail::format_date() to work with DateTimeImmutable
|
3 years ago |
|
Aleksander Machniak
|
c0f183059c
|
Fix get_address_book() issue for addressbooks that have a string identifier starting with a digit
|
3 years ago |
|
Michael Steininger
|
278633b150
|
Fix php 8.0 warning if db_dsnr is used (#8779)
|
3 years ago |
|
Aleksander Machniak
|
6e4d328841
|
Fix return to previous contact source/group after search reset
|
3 years ago |
|
Aleksander Machniak
|
6abd913566
|
Fix so N property always exists in a vCard export (#8771)
|
3 years ago |
