RoundcubeMail

Commit Graph

Author	SHA1	Message	Date
Aleksander Machniak	316a0dd455	Fix regression where HTML messages were displayed unstyled (#9586 )	12 months ago
Aleksander Machniak	44cec17e8f	Fix regression where printing/scaling/rotating image attachments was broken (#9571 )	12 months ago
Aleksander Machniak	ed98839031	Fix so install/update scripts do not require PEAR (#9037 )	2 years ago
Aleksander Machniak	53da61f7fc	Fix information leak (access to remote content) via insufficient CSS filtering [CVE-2024-42010] Credits to Oskar Zeino-Mahmalat (Sonar) https://www.sonarsource.com	12 months ago
Aleksander Machniak	c222ea8b99	- Fix XSS vulnerability in serving of attachments other than HTML or SVG [CVE-2024-42008] Credits to Oskar Zeino-Mahmalat (Sonar) https://www.sonarsource.com	12 months ago
Aleksander Machniak	1b3bb11d4f	Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009] Credits to Oskar Zeino-Mahmalat (https://www.sonarsource.com)	12 months ago
Aleksander Machniak	4da20eb1d1	Fix cross-site scripting (XSS) vulnerability in handling SVG animate attributes Reported by Valentin T. and Lutz Wolf of CrowdStrike.	1 year ago
Aleksander Machniak	0d0bc61b13	Fix cross-site scripting (XSS) vulnerability in handling list columns from user preferences Reported by Huy Nguyễn Phạm Nhật.	1 year ago
Aleksander Machniak	61a3c9aa89	Fix command injection via crafted im_convert_path/im_identify_path on Windows Reported by Huy Nguyễn Phạm Nhật.	1 year ago
Aleksander Machniak	8a88c8cc16	Makefile: Use phpDocumentor v3.4 for the Framework docs (#9313 )	2 years ago
Aleksander Machniak	f6bd4d1e11	Fix TinyMCE localization installation (#9266 )	2 years ago
Aleksander Machniak	1bd6a00cac	Enigma: Fix finding of a private key when decrypting a message using GnuPG v2.3	2 years ago
Aleksander Machniak	5ec496885e	Fix cross-site scripting (XSS) vulnerability in setting Content-Type/Content-Disposition for attachment preview/download Thanks to rehme.infosec for reporting the issues.	2 years ago
Aleksander Machniak	8d823e2947	Fix cross-site scripting (XSS) vulnerability in handling of SVG in HTML messages (#9168 )	2 years ago
Aleksander Machniak	fe42e143ca	Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages Thanks to Niraj Shivtarkar for the report.	2 years ago
Aleksander Machniak	56a1d651f0	Fix so output of log_date_format with microseconds contains time in server time zone, not UTC	2 years ago
Aleksander Machniak	a30206bf6a	Fix bug where a non-ASCII character in app.js could cause error in javascript engine (#8894 )	3 years ago
Aleksander Machniak	c71697fd21	Update changelog	3 years ago
Aleksander Machniak	6abd913566	Fix so N property always exists in a vCard export (#8771 )	3 years ago
Thomas Bruederli	88c1566126	Prepare release 1.5.3	3 years ago
Aleksander Machniak	9822616191	Fix support for DSN specification without host e.g. pgsql:///dbname (#8558 )	3 years ago
Aleksander Machniak	62d0287e61	Fix bug where title tag content was displayed in the body if it contained HTML tags (#8540 )	3 years ago
Aleksander Machniak	c9617a6b1a	Fix problem with aria-hidden=true on toolbar menus in the Elastic skin (#8517 )	3 years ago
Aleksander Machniak	22066d8ffc	Fix broken encoding of HTML content encapsulated in a RTF attachment (#8444 )	3 years ago
Aleksander Machniak	1b4f364430	Fix bug where DSN flag state wasn't stored with a draft (#8371 )	3 years ago
Aleksander Machniak	c3da7b9f45	Enigma: Fix double quoted-printable encoding of pgp-signed messages with no attachments (#8413 )	3 years ago
Aleksander Machniak	96e9427616	Fix bug where session could time out if DB and PHP timezone were different (#8303 )	3 years ago
Aleksander Machniak	c093f658d3	Update changelog	3 years ago
Aleksander Machniak	d760749ca3	Fix handling of message/rfc822 parts that are small and are multipart structures with a single part (#8458 )	3 years ago
Aleksander Machniak	7270ef6ee5	Fix bug where attachment icons were stuck at the top of the messages list in Safari (#8433 )	4 years ago
Aleksander Machniak	ec613a6060	Update changelog [skip ci]	4 years ago
Aleksander Machniak	5bcb76298e	Fix setting HTML mode on reply/forward of a signed message (#8405 )	4 years ago
Aleksander Machniak	c33541b03a	Fix handling of RFC2231-encoded attachment names inside of a message/rfc822 part (#8418 )	4 years ago
Aleksander Machniak	fbc424546d	Fix bug where small message/rfc822 parts could not be decoded (#8408 )	4 years ago
Aleksander Machniak	6d5c41e242	Fix mail headers injection via the subject field on mail compose (#8404 )	4 years ago
Aleksander Machniak	243312c50f	Fix various PHP8 warnings (#8392 )	4 years ago
Thomas Bruederli	5016788716	Set release 1.5.2 title to changelog	4 years ago
Aleksander Machniak	8894fddd59	Security: Fix cross-site scripting (XSS) via HTML messages with malicious CSS content	4 years ago
Thomas Bruederli	3a7d5fbbfc	Update CHANGELOG	4 years ago
Aleksander Machniak	1fd288099f	Fix scrolling and missing Close button in the Select image dialog in Elastic/mobile (#8367 )	4 years ago
Aleksander Machniak	fad77f1b6c	Fix chpass-wrapper.py helper compatibility with Python 3 (#8324 )	4 years ago
Aleksander Machniak	918730b46f	Fix some PHP8 compatibility issues (#8363 )	4 years ago
Aleksander Machniak	4463865b12	Fix handling of unicode/special characters in custom From input (#8357 )	4 years ago
Aleksander Machniak	72d2e96825	Update changelog [skip ci]	4 years ago
Thomas Bruederli	c8361a9b9c	Update CHANGELOG	4 years ago
Thomas Bruederli	4851ab3dd9	Bump version to 1.5.1	4 years ago
Aleksander Machniak	d87ddd1170	Update changelog [skip ci]	4 years ago
Aleksander Machniak	48afc9a873	Fix an infinite loop when parsing environment variables with float/integer values (#8293 )	4 years ago
Aleksander Machniak	c33fbf0905	Fix bug where attachment download could sometimes fail with a CSRF check error (#8283 )	4 years ago
Aleksander Machniak	f8426f5334	Fix fetching headers of multiple message parts at once in rcube_imap_generic::fetchMIMEHeaders() (#8282 )	4 years ago

1 2 3

107 Commits (1.5.9)