We just released PostfixAdmin 2.3.7.
It is a bugfix release that fixes a SQL injection (only exploitable by admins, with very little damage possible), adds support for the new .ihavethelongesttld ;-) domains and also comes with some bugfixes.
All changes since the 2.3.6 release:
- SECURITY: fix SQL injection in show_gen_status()
- lt.lang, da.lang translation update
- when enabling/disabling a mailbox, also update the corresponding alias
- fix creating superadmin in setup.php with MariaDB (more strict SQL)
- don't trim() mail address to avoid that aliases starting with a space are allowed.
- update regex in check_domain() to support new, longer TLDs like .international
- mark vacation_notification.notified field as latin1 to avoid overlong index
- vacation.pl: encode subject
- vacation.pl: disable use of TLS by default due to a bug in Mail::Sender 0.8.22 (you can re-enable it with $smtp_tls_allowed)
To answer the question probably everybody has:
We will also release 3.0 beta in the next days :-)
Log in to post a comment.