[SM-CVS] SF.net SVN: squirrelmail:[13458] branches/SM-1_4-STABLE/squirrelmail/doc

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Revision: 13458
          http://squirrelmail.svn.sourceforge.net/squirrelmail/?rev=13458&view=rev
Author:   pdontthink
Date:     2009-03-26 21:49:31 +0000 (Thu, 26 Mar 2009)

Log Message:
-----------
Shuffling release notes

Added Paths:
-----------
    branches/SM-1_4-STABLE/squirrelmail/doc/release_notes_archive/
    branches/SM-1_4-STABLE/squirrelmail/doc/release_notes_archive/ReleaseNotes

Removed Paths:
-------------
    branches/SM-1_4-STABLE/squirrelmail/doc/ReleaseNotes/

Copied: branches/SM-1_4-STABLE/squirrelmail/doc/release_notes_archive/ReleaseNotes (from rev 13456, branches/SM-1_4-STABLE/squirrelmail/doc/ReleaseNotes/ReleaseNotes)
===================================================================

--- branches/SM-1_4-STABLE/squirrelmail/doc/release_notes_archive/ReleaseNotes	                        (rev 0)
+++ branches/SM-1_4-STABLE/squirrelmail/doc/release_notes_archive/ReleaseNotes	2009-03-26 21:49:31 UTC (rev 13458)
@@ -0,0 +1,115 @@
+/*****************************************************************
+ * Release Notes: SquirrelMail 1.4.17                            *
+ * The "Backbone" Release                                        *
+ * 03 December 2008                                              *
+ *****************************************************************/
+
+In this edition of SquirrelMail Release Notes:
+   * All about this Release!
+   * Locales / Translations / Charsets
+   * Security issues
+   * Major updates
+   * Reporting my favorite SquirrelMail 1.4 bug
+
+
+All about this release
+======================
+
+This release addresses a security problem in SquirrelMail, as well
+as a couple small bug fixes/improvements.
+
+Notable changes:
+ * Security fix, see below.
+ * Cookies no longer sent as HTTPS-only under IIS unless the
+   connection really is secure.
+ * Alternate identities are correctly matched when replying
+   to mesages.
+
+Security issue
+==============
+
+An issue was fixed that allowed an attacker to send specially-
+crafted hyperlinks in a message that could execute cross-site
+scripting (XSS) when the user viewed the message in SquirrelMail.
+
+We would like to thank Secunia Research for reporting this issue
+to us. It is tracked as CVE-2008-2379.
+
+
+Locales / Translations / Charsets
+=================================
+
+Since the release of 1.4.4, the the translations for SquirrelMail are
+no longer part of the main package but have to be downloaded separately;
+either in one large file or an individual language. You can find these
+packages through our web site. They also contain instructions on how
+to install.
+
+That release also introduced a backport of the new Character set
+decoding functions from the development branch, vastly increasing the
+number of supported character sets and decoding performance.
+
+
+Major updates in 1.4
+====================
+
+The 1.4.x series (as a result of 1.3 developent series) brings:
+
+* A complete rewrite of the way we send mail (Deliver-class),
+  and of the way we parse mail (MIME-bodystructure parsing).
+  This makes SquirrelMail more reliable and more efficient
+  at the same time!
+* Support for IMAP UID which makes SquirrelMail more reliable.
+* Optimizations to code and the number of IMAP calls; SquirrelMail
+  is now a very scalable webmail solution.
+* Support for a wider range of authentication mechanisms.
+* Lots of bugfixes, some new features and a couple of UI-tweaks.
+
+
+Reporting my favorite SquirrelMail 1.4 bug
+==========================================
+
+We constantly aim to make SquirrelMail even better. So we need you to
+submit any bug you come across! However, before you do so, please have
+a look at our various support resources to make sure the issue isn't
+already known or solved:
+
+   http://squirrelmail.org/docs/admin/admin-10.html
+   http://squirrelmail.org/docs/admin/admin-12.html
+   http://squirrelmail.org/wiki/KnownBugs
+   http://squirrelmail.org/wiki/SolvingProblems
+
+You should also search existing tracker items for your issue (remember
+to check for CLOSED and PENDING items as well as OPEN ones) - if you
+find such an (open) item, please do add any more details you have to
+it to help us fix and close the bug report.
+
+When reporting a new bug, please mention what SquirrelMail release(s)
+it pertains to, and list as many details about your system as possible,
+including your IMAP server and web server details.
+
+   http://www.squirrelmail.org/bugs
+
+Thanks for your cooperation! This helps us to make sure nothing slips
+through the cracks. 
+
+Any questions about installing or using SquirrelMail can be directed
+to our user support list:
+
+   squ...@li...
+
+When posting support requests there, please carefully follow our posting
+guidelines:
+
+   http://squirrelmail.org/postingguidelines
+
+If you want to join us in coding SquirrelMail, or have other things to
+share with the developers, join the development mailinglist:
+
+   squ...@li...
+
+
+                  Happy SquirrelMailing!
+
+                    - The SquirrelMail Project Team
+


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


