Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Door , , 4 reacties
Bron: SquirrelMail, submitter: Arno

SquirrelMail is een PHP e-mail client, welke veel wordt gebruikt om web-based e-mail aan te bieden. Het ontwikkelteam heeft onlangs versie 1.4.3 stable verklaard waarin een aantal beveiligingslekken zijn gedicht en de interface hier en daar is verbeterd. De release notes en het changelog zien er als volgt uit:

We are pleased to announce the release of SquirrelMail 1.4.3. This is a very important release as there was a number of XSS issues uncovered, and resolved. Many thanks to Eyal Udassin, Roman Medina and others for reporting the issues. As the previous release contained issues, it is STRONGLY advised that all users should upgrade to the latest release. This release contains a number of bug fixes (including security based issues), and some minor user interface tweaks.

Version 1.4.3:
  • Fix form functions default parameter.
  • Disabled Korean extra functions, because they don't provide all required options and message composition is broken.
  • Added Basque translation support.
  • Fixed XSS vulnarability in content-type display in the attachment area of read_body.php discovered by Roman Medina.
Version 1.4.3-RC1
  • Added new preference that determines cursor focus when replying.
  • HTML Filter bugfixes and further strengthening in response to some findings reported by stardust.
  • Display total number of new messages in newmail-plugin popup window.
  • Disabled Vietnamese and Ukrainian translations. They are done in different language.
  • Ported charset decoding support functions from SM head. Increases number of readable charsets.
  • Fix SquirrelMail to work with PHP5.
  • Reintroduce alternating row colors in addressbook, which has accidentally disappeared somewhere in the dark past.
  • Disabled Quick-email-reporting feature in spamcop plugin. (#809452). Admin can enable it by setting variable in plugins/spamcop/setup.php
  • Fix again for Internet Explorer's stupidity of decoding characters, then executing it blindly. See http://www.securityfocus.com/archive/1/340118.
  • Replaced obsolete 2mbit.com RBL with ahbl.org RBL (#829887).
  • Fixed sorting of sent_subfolders. Sent_subfolder plugin is hooked to special_mailbox hook. Stable 1.4 tracker #699920.
  • New hook function: boolean_hook_function() Used for true/false hooks.
  • Fixed special_mailbox hook to allow more than one hooked plugin (#870365).
  • Added new reply citation to include date and author.
  • Fix some XSS issues.
  • Norwegian Bokmal translation uses nb_NO.
  • Improve display of some unparsable/absent dates (#891354).
  • Added non-anonymous LDAP bind and bind protocol patches from devel.
  • Add comment (Highest,Normal,Lowest) to X-Priority header.
  • Make writing of preferences, abook, calendars fail better when disk full (#915527).
  • Fix quoteimap() regex escaping problem (#921291).
  • Added international date format support (#927264).
  • Fixed "Resume Draft" to use correct identity (#845290).
  • Fixed RFC2821 incompliancy by adding a fallback mechanism to HELO if EHLO is not supported.
  • Fixed RFC2298 incompliancy by setting envelope sender to null.
  • Allow single quotes to be used in theme name in conf.pl (#805309).
  • Do not present special folders as renameable/deleteable (#816881).
  • Fixed on the fly decoding of base64 encoded attachments.
  • Fixed message rejects by the postfix sendmail wrapper when attachments were involved.
  • Fixed scenario where just created special folders were not displayed on first login.
  • Fixed wrong folding of headerlines in composed messages containing long email addresses.
  • Fixed date display bug for messages of today. Show short format in case of long format. (only occures in the timeframe around 0:00 AM till timezone).
  • Use Special Folder Color config option works again (#931956).
  • In POP3-class, be more liberal regarding RFC-incompliant POP3-servers
[break]De volgende drie downloads staan klaar:
* squirrelmail-1.4.3.tar.gz
* squirrelmail-1.4.3.tar.bz2
* squirrelmail-1.4.3.zip
Moderatie-faq Wijzig weergave

Reacties (4)

Zijn er mensen die andere PHP mailers gebruiken? Welke en waarom? Ik wil ook andere dingen proberen dan SM (lach niet!).
Ilohamail!
Echt een super webmail app. en erg snel
Ik gebruik zelf icm Imap, en dat werkt perfect.

File of DB backend en niet zoveel toeters en bellen.
http://ilohamail.org/
Horde met IMP is een veel gebruikte combinatie. Alleen moet je dan PEAR+Horde+SQL+PHP+IMP draaien. Dat is iets meer werkt dan SqM+PHP.
Kzou deze nog niet installeren..

Als je een reply geeft gaat je webserver braken vanwege een oneindig loopje in compose.php.. tis in de cvs versie al opgelost alleen nog niet in de officiele 1.4.3 versie..

op zich wel slordig maar ook al vrij snel erkent.

Op dit item kan niet meer gereageerd worden.



Apple iOS 10 Google Pixel Apple iPhone 7 Sony PlayStation VR AMD Radeon RX 480 4GB Battlefield 1 Google Android Nougat Watch Dogs 2

© 1998 - 2016 de Persgroep Online Services B.V. Tweakers vormt samen met o.a. Autotrack en Carsom.nl de Persgroep Online Services B.V. Hosting door True