0376f69e95
Validate URL parameter in upload code ( #9866 )
2 months ago
ff8c9ef59c
Fix bug where attachments with content type of `application/vnd.ms-tnef` were not parsed ( #7119 )
2 months ago
2ad3ba61b2
Fix cursor position on "below the quote" reply in HTML mode ( #8700 )
2 months ago
c174c4150a
- Fix connecting to LDAP using ldapi:// URI ( #8990 )
2 months ago
80df7021ff
Fix Delete and Empty buttons state while creating a folder ( #9047 )
3 months ago
c32a86cda2
Fix bug where a wrong SPECIAL-USE folder could have been detected, if there were more than one per-type ( #9781 )
3 months ago
67d5dfc950
Fix removing/expiring redis/memcache records when using a key prefix
3 months ago
b86fd45abb
OAuth: Fix/improve token refresh
4 months ago
8ec39907b5
Add rcmail_oauth::is_token_valid() method
5 months ago
0fd28406f7
Fix PHP warning ( #9775 )
5 months ago
96903289b7
Fix phpdoc issue
6 months ago
4a9516b2c9
Fix decoding of attachment names encoded using both RFC2231 and RFC2047 standards ( #9725 )
6 months ago
cd42de335a
Update links in comments and config to https where available ( #9759 )
6 months ago
8f34bf9e64
Fix decodeContent() call with the by-reference argument
7 months ago
3e57959976
Fix handling of binary mail parts (e.g. PDF) encoded with quoted-printable ( #9728 )
7 months ago
a34f716051
Reset internal cache in appropriate places to be on a safe side
8 months ago
b206cbc87a
IMAP: Partial support for ANNOTATE-EXPERIMENT-1 extension (RFC 5257)
8 months ago
df02322d6a
Fix Oauth issues with use_secure_urls=true ( #9722 )
8 months ago
2f4748bb9d
BUG: get_variable for postgres never returns a value ( #9710 )
Because of this, the insert_or_update() method never uses the "INSERT INTO ... ON CONFLICT DO UPDATE SET ..." command, and the logs constantly show errors adding records to the message cache due to "duplicate key".
8 months ago
3b1258b785
Fix preg_match()'s $flags type ( #9686 )
PHP: Deprecated: preg_match(): Passing null to parameter #4 ($flags) of type int is deprecated in program/lib/Roundcube/rcube_result_thread.php
8 months ago
6baf9aeff0
Added German translation for "Keep Formatting" ( #9701 )
8 months ago
5c38c67287
Fix PHP fatal error when parsing some malformed BODYSTRUCTURE responses ( #9689 )
8 months ago
dc9ace7526
Fix regression causing inline SVG images to be missing in mail preview ( #9644 )
10 months ago
8cc559a6f0
Fix getting IMAP vendor name ( #9654 )
In some cases, the array's keys where upper case, and the previous code
produced a warning and resulted in an empty string, even though the
name was present.
10 months ago
ffb2cf7929
vcard: Fix whitespace handling in line cont's ( #9637 )
* vcard: Fix whitespace handling in line cont's
Previously, multiple whitespace characters at the start of a
continuation line would all be dropped, instead of only the first one.
Also,
- restrict line continuation characters to SPACE and TAB.
Note that, like before, this identifies the CR (`\r`) character with the
empty string, and thereby notably does not require a CRLF (`\r\n`)
sequence (which is mandated by RFCs 2426, 2425) for line termination
(i.e., `\n` suffices).
Fixes: Bug 1 of issue #9593 .
* vcard: Add test for #9593/1
* Fix coding style
10 months ago
602a989697
Fix PHP warning ( #9611 )
11 months ago
f3c526e6d1
Fix PHP deprecation warnings ( #9616 )
11 months ago
83f56f1758
OAuth: Support standard authentication with short-living password received with OIDC token ( #9530 )
11 months ago
f343ecea09
Fix regression where HTML messages were displayed unstyled ( #9586 )
12 months ago
32fed15346
Fix regression where printing/scaling/rotating image attachments was broken ( #9571 )
12 months ago
602d0f566e
Fix information leak (access to remote content) via insufficient CSS filtering [CVE-2024-42010]
Credits to Oskar Zeino-Mahmalat (Sonar) https://www.sonarsource.com
12 months ago
89c8fe9ae9
- Fix XSS vulnerability in serving of attachments other than HTML or SVG [CVE-2024-42008]
Credits to Oskar Zeino-Mahmalat (Sonar) https://www.sonarsource.com
12 months ago
68af7c864a
Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009]
Credits to Oskar Zeino-Mahmalat (https://www.sonarsource.com )
12 months ago
b5ed0e4946
Fix bug where imap_conn_option's 'socket' was ignored ( #9566 )
1 year ago
c9702be84c
Fix merge conflict
1 year ago
f6c92ebafe
Fix bug where a long subject title could not be displayed in some cases ( #9416 )
1 year ago
9d9f4d6926
Fix bug where an unhandled exception was caused by an invalid image attachment ( #9475 )
GD functions may throw ValueError in some cases since PHP 8.0.
We wrap them in try/catch blocks.
1 year ago
8eb583b499
Fix bug where "with attachment" filter could fail on some fts engines ( #9514 )
1 year ago
71804a8c53
Fix bug where some messages could get malformed in an import from a MBOX file ( #9510 )
1 year ago
e8e0c68369
Fix decoding mail parts with multiple base64-encoded text blocks ( #9290 )
1 year ago
6139544f1b
Missing polish translation for "keep formatting" ( #9493 )
---------
Co-authored-by: Krzysztof Wiśniewski <krzysztof.wisniewski@solveit.pl>
1 year ago
22d403d5fd
Fix fatal error when parsing some TNEF attachments ( #9462 )
1 year ago
43aaaa5286
Fix cross-site scripting (XSS) vulnerability in handling SVG animate attributes
Reported by Valentin T. and Lutz Wolf of CrowdStrike.
1 year ago
cde4522c5c
Fix cross-site scripting (XSS) vulnerability in handling list columns from user preferences
Reported by Huy Nguyễn Phạm Nhật.
1 year ago
5ea9f37ce3
Fix command injection via crafted im_convert_path/im_identify_path on Windows
Reported by Huy Nguyễn Phạm Nhật.
1 year ago
b9493988d8
Fix PHP8 warning ( #9429 )
1 year ago
16fe3ba8c5
Fix PHP8 warnings ( #9388 )
1 year ago
8cd27b456d
Minor correction to Serbian translation. ( #9389 )
1 year ago
0d7f2f51f1
csv2vard: store labels by key not value ( #9394 )
1 year ago
3d04da2aab
Fix PHP8 warnings ( #9365 )
1 year ago
Pablo Zmdl