1836 Commits

Author	SHA1	Message	Date
Aleksander Machniak	8d823e2947	Fix cross-site scripting (XSS) vulnerability in handling of SVG in HTML messages (#9168)	2023-10-14 18:19:00 +02:00
Aleksander Machniak	ef7c00ac2d	Makefile: Backports and fix version number	2023-09-18 10:26:49 +02:00
Aleksander Machniak	fe42e143ca	Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages ... Thanks to Niraj Shivtarkar for the report.	2023-09-14 10:11:34 +02:00
Aleksander Machniak	401eae025d	Fix PHP8 warning	2023-07-28 14:03:42 +02:00
Aleksander Machniak	5d5da0364d	Fix PHP8 warning	2023-07-28 12:51:08 +02:00
Aleksander Machniak	0e4caf123a	Fix PHP 8.2 fatal error when imap_conn_options.proxy_protocol is not an array	2023-07-20 13:18:03 +02:00
Aleksander Machniak	fd42f1c214	Add rcube_db::error_info()	2023-07-20 10:30:07 +02:00
Aleksander Machniak	5a44e539fd	Fix PHP7 compat. break in last commit	2023-06-14 13:05:08 +02:00
Aleksander Machniak	56a1d651f0	Fix so output of log_date_format with microseconds contains time in server time zone, not UTC	2023-06-14 13:04:55 +02:00
Aleksander Machniak	feb75c042b	Fix PHP8 warnings	2023-06-12 12:13:25 +02:00
Aleksander Machniak	494045c8d4	Fix compat. with PHP5	2023-06-06 14:59:04 +02:00
Aleksander Machniak	5e2c85c9a1	Fix PHP8 warnings	2023-06-06 14:52:28 +02:00
Michael Steininger	278633b150	Fix php 8.0 warning if db_dsnr is used (#8779)	2022-11-11 11:39:09 +01:00
Aleksander Machniak	6abd913566	Fix so N property always exists in a vCard export (#8771)	2022-11-02 11:55:17 +01:00
Thomas Bruederli	88c1566126	Prepare release 1.5.3	2022-06-22 10:28:04 +02:00
Aleksander Machniak	9822616191	Fix support for DSN specification without host e.g. pgsql:///dbname (#8558)	2022-06-18 14:13:16 +02:00
Aleksander Machniak	62d0287e61	Fix bug where title tag content was displayed in the body if it contained HTML tags (#8540)	2022-05-28 09:13:47 +02:00
Aleksander Machniak	22066d8ffc	Fix broken encoding of HTML content encapsulated in a RTF attachment (#8444)	2022-04-17 09:22:55 +02:00
Aleksander Machniak	96e9427616	Fix bug where session could time out if DB and PHP timezone were different (#8303)	2022-03-13 11:42:04 +01:00
Aleksander Machniak	35160841ba	Fix PHP8 warning (#8466)	2022-03-12 09:39:45 +01:00
Aleksander Machniak	d760749ca3	Fix handling of message/rfc822 parts that are small and are multipart structures with a single part (#8458)	2022-03-08 19:55:54 +01:00
Arkadiusz Miśkiewicz	617f329304	Fix regression in showing attachments (#8425). (#8430) ... a5c2b4360c started initializing $this->got_html_part always but this check wasn't updated.	2022-01-31 18:13:25 +01:00
Aleksander Machniak	b66bbf2902	Fix setting HTML mode on reply/forward of a signed message (#8405) ... Simplify and unify has_html_part() and has_text_part() methods.	2022-01-30 09:21:28 +01:00
Aleksander Machniak	5bcb76298e	Fix setting HTML mode on reply/forward of a signed message (#8405)	2022-01-30 09:21:13 +01:00
Aleksander Machniak	c33541b03a	Fix handling of RFC2231-encoded attachment names inside of a message/rfc822 part (#8418)	2022-01-29 10:18:02 +01:00
Aleksander Machniak	4ea9b1b58f	Fix a couple of PHP8 warnings (#8420)	2022-01-29 08:37:35 +01:00
Aleksander Machniak	fbc424546d	Fix bug where small message/rfc822 parts could not be decoded (#8408)	2022-01-22 09:44:42 +01:00
Aleksander Machniak	243312c50f	Fix various PHP8 warnings (#8392)	2022-01-11 19:06:24 +01:00
Aleksander Machniak	ee88d02cc1	Fix PHP Warning: Undefined array key "value" on PHP8 (#8382)	2022-01-08 08:33:23 +01:00
Aleksander Machniak	8894fddd59	Security: Fix cross-site scripting (XSS) via HTML messages with malicious CSS content	2021-12-29 19:03:16 +01:00
Thomas Bruederli	ddd67891e4	Bump version to 1.5.2	2021-12-28 17:31:00 +01:00
Aleksander Machniak	40d9228b9d	Fix in_array_nocase() regression	2021-12-17 18:58:46 +01:00
Aleksander Machniak	918730b46f	Fix some PHP8 compatibility issues (#8363)	2021-12-17 18:53:48 +01:00
Thomas Bruederli	4851ab3dd9	Bump version to 1.5.1	2021-11-12 22:21:09 +01:00
Aleksander Machniak	48afc9a873	Fix an infinite loop when parsing environment variables with float/integer values (#8293)	2021-11-06 15:09:20 +01:00
Aleksander Machniak	f8426f5334	Fix fetching headers of multiple message parts at once in rcube_imap_generic::fetchMIMEHeaders() (#8282)	2021-11-03 08:17:27 +01:00
Aleksander Machniak	2852ffaeeb	PHP5 support for the fix to bug #8252	2021-10-28 14:12:14 +02:00
Aleksander Machniak	ca0cce0e11	Fix charset conversion errors on PHP < 8 for charsets not supported by mbstring (#8252)	2021-10-28 14:10:33 +02:00
Aleksander Machniak	3158f11b2a	Fix database initialization if db_prefix is a schema prefix (#8221)	2021-10-24 12:12:52 +02:00
Aleksander Machniak	f3dbc94a42	Fix PHP8 warning	2021-10-23 09:29:55 +02:00
Aleksander Machniak	ce3afe1638	Fix bug where new messages were not added to the list on refresh if skip_deleted=true (#8234)	2021-10-23 09:25:56 +02:00
Aleksander Machniak	d73d81032f	Fix some PHP8 warnings (#8239)	2021-10-21 19:58:47 +02:00
Aleksander Machniak	39b432ba0a	Fix importing contacts with no email address (#8227)	2021-10-19 15:28:40 +02:00
Thomas Bruederli	f1d376ba27	Set version to 1.5.0 + remove unstable note	2021-10-17 22:36:20 +02:00
Aleksander Machniak	ec5eb742b2	Fix security issues regarding server name and trusted_host_patterns setting	2021-10-17 11:10:35 +02:00
Thomas Bruederli	992bfd40c7	Bring back spell.roundcube.net as integrated spelling service but disable by default (#8182) ... This partially reverts commit b23c7f36cc8b95d7e43e38e6afdf2ea7b41a3517.4263e47d6a30596	2021-10-04 22:10:32 +02:00
Aleksander Machniak	316a997187	Fix PHP8 warnings (#8175)	2021-09-11 09:13:32 +02:00
Aleksander Machniak	ae2251f490	Fix strpos(): empty needle warning (#8184)	2021-08-29 18:46:20 +02:00
Thomas Bruederli	b23c7f36cc	Disable the default spellchecker option using spell.roundcube.net (#8182) ... ... since this service is no longer available.	2021-08-29 17:00:08 +02:00
Aleksander Machniak	4714f3192a	Fix a couple of PHP8 warnings (#8175)	2021-08-25 18:58:44 +02:00