------
v3.1.4
------
[jan] SECURITY: Correctly quote file names in cleanup script for temporary
files.
[jan] Fix RPC authentication on CGI SAPIs.
[jan] Detect unencrypted PGP messages.
----------
v3.1.4-RC1
----------
[jan] SECURITY: Fix an XSS vulnerability in the language selection.
[jan] Complete Cyrus virtual domain support in cyrsql driver (Vilius Sumskas
<vilius@lnk.lt>, Request #4967).
[jan] Add option whether to strip domains from usernames in the account block
(Request #4955).
[jan] Fix email lists not being validated under certain conditions (Bug #4834).
[cjh] Add a REST-ful preferences interface.
[cjh] Faster DataTree-to-SQL History migration script
(josh@endries.org, Request #4732).
[cjh] Improved automatic webroot detection (Ben Klang, Request #4126).
[cjh] Rewrite and fix the OCI8 SessionHandler (Bug #3452).
[cjh] Allow signup hooks to override the user_name and password fields
(thomas@gelf.net, Request #2904).
[cjh] Fix creation of mailbox quotas by the Auth_cyrus driver
(pascal@vmfacility.fr, Bug #4678).
[cjh] Add "Save and Finish" to the share edit window (webmgr@muskingum.edu,
Request #4307).
[cjh] Let mailto: and anchor (#) links through Horde::externalUrl (Bug #3079).
[cjh] Add smbclient version of the SMB Auth class (larry@wimble.biz,
Request #4338).
[cjh] Remove problematic "data descriptor" segment from generated ZIP files
(reitsma@denison.edu, Bug #4670).
[cjh] Strip accesskeys from menu tooltips when only showing icons (Bug #4667).
[jan] Fix saving files in the root directory of an SQL VFS backend (Bug #4652,
Ben Klang <ben@alkaloid.net>).
[jan] Fix displaying all maintenance tasks to be confirmed at once (Bug #4377).
[cjh] Fix return format of DataTree_null::getByAttributes()
(thomas.jarosch@intra2net.com, Bug #4651).
[jan] Support departments in vCard's ORG properties (martin@matuska.org,
Request #4285).
[cjh] Rename Auth_sasl backend to Auth_peclsasl to avoid conflicts with PEAR's
Auth_SASL (Bug #4547).
[cjh] Implement handling of vTimezones in iCalendar data
(Carl Thompson <lists-horde@carlthompson.net>, Bug #4399).
[cjh] keybindings.js now works with Safari/KHTML.
[jan] Avoid recursive folder creation when sharing Kolab folders
(michael.sheldon@credativ.de, Bug #4325).
[jan] Add Kolab specific account block driver to support special Kolab users
(mzizka@hotmail.com, Request: #4119).
[mms] Only dim below the last signature line of input text in the dimsignature
Text_Filter driver.
Major changes compared to Horde 3.1.2 are:
* Security Fixes
- Closed an XSS problem in index.php and improved protection against
phishing attempts.
* Bugfixes and improvements
- Added Kolab group ACL support.
- Improved import of date and time fields.
- Fixed synchronization support.
- Updated Catalan, German and Slovenian translations.
The full list of changes (from version 3.1.2) can be viewed here:
http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.252&r2=1.515.2.261&ty=h
Major changes compared to Horde 3.1.1 are:
* Security Fixes
- Closed XSS problems in dereferrer (IE only), help viewer and problem
reporting screen.
- Removed unused image proxy code from dereferrer.
* Bugfixes and improvements
- Added configuration option to disable GET-based sessions.
- Added Oracle and generic SQL upgrade scripts.
- Improved default charset support.
- Improved API and RPC interface.
- Fixed the preference cache.
The full list of changes (from version 3.1.1) can be viewed here:
http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.231&r2=1.515.2.252&ty=h
all PEAR packages to php?-pear-* and all Apache packages to ap13-* or
ap2-* respectively. Add new variables to simplify the Makefile
handling. Add CONFLICTS on the old names. Reset revisions of bumped
packages. ap-php will now depend on the default Apache and PHP version.
All programs using it have an implicit option of the Apache version
as well.
OK from jlam@ and adrianp@.
as the INSTALL and DEINSTALL scripts no longer distinguish between
the two types of files. Drop SUPPORT_FILES{,_PERMS} and modify the
packages in pkgsrc accordingly.
Changes since 2.2.4rc1:
[mdj] SECURITY: Add dereferer to strip off session information from links to
the outside of the Horde system to protect against session hijacking.
[jan] Fix a bug with importing vCard 2.1 data.
[jan] Add Arabic (Syria) translation (Platinum Development Team
<devteam@platinum-sy.net>).
Changes since 2.2.1:
[mms] SECURITY: Add code to protect against session fixation issues.
[jan] Add Macedonian translation (Stojan Pesov <ssp@eureka.com.mk>).
[mir] Fix a bug that incorrectly quotes pref values (Bug #1224)
[cjh] Fix a bug that prevented logging.
[mms] DB session handlers do not use persistent connections by default.
[mms] Fix parse error in Horde_Cipher_BlockMode_ofb64::.
[mms] Optimization of Secret:: and Horde_Cipher:: drivers.
[jan] Add Catalan translation (Angels Guimerà <angels.Guimera@uab.es>).
[mms] Added a RADIUS Auth:: driver.
[mir] Added a Samba Auth:: driver.
[cjh] Added the Horde_Image:: class.
Main changes since 2.0:
Add various translations
Add a preference to allow maintenance ops with no confirmation screen
Allow setting the number of columns in the summary screen as a user
preference (Brian Keifer <brian@valinor.net>).
Make text, icon, or both menus a user preference
Add a Horde preferences screen, and a preference to refresh the summary
screen.
Add text/enriched MIME_Viewer
See share/doc/horde/CHANGES for details.
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES". This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile. Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.
"has been released. The 2.0 release is a massive upgrade of the Horde Application Framework. Many components have been added or streamlined. Inter-application support is much more robust, a generic MIME_Viewer framework is included, a new preferences system supports global or application scope for preferences, and more!"
This value may be customized in various ways:
PKG_SYSCONFBASE is the main config directory under which all package
configuration files are to be found.
PKG_SYSCONFSUBDIR is the subdirectory of PKG_SYSCONFBASE under which the
configuration files for a particular package may be found.
PKG_SYSCONFDIR.${PKGBASE} overrides the value of ${PKG_SYSCONFDIR} for a
particular package.
Users will typically want to set PKG_SYSCONFBASE to /etc, or accept the
default location of ${PREFIX}/etc.
This obsoletes the use of CONFDIR, which was active for only 6 days, so no
need to have a workaround to still accept old CONFDIR settings.
bsd.pkg.install.mk:
* Remove old DEINSTALL/INSTALL scripts.
* Move some text printed at POST-INSTALL time into the MESSAGE file.
* Adjust rc.d scripts to respect rc.conf settings, so that the
script may be directly copied into /etc/rc.d.
