Update of /cvsroot/mhonarc/mhonarc/MHonArc
In directory subversions:/tmp/cvs-serv23355
Modified Files:
CHANGES
Log Message:
* Added FIELDSTORE resource.
Index: CHANGES
===================================================================
RCS file: /cvsroot/mhonarc/mhonarc/MHonArc/CHANGES,v
retrieving revision 1.95
retrieving revision 1.96
diff -C2 -r1.95 -r1.96
*** CHANGES 21 Dec 2002 07:26:33 -0000 1.95
--- CHANGES 31 Dec 2002 05:03:29 -0000 1.96
***************
*** 22,31 ****
* New resources:
! DEFCHARSET Default character set to use when none is specified.
CHARSETALIASES Define aliases for official charset names.
DBFILEPERMS File permissions for DBFILE.
FILEPERMS File permissions for archive files.
TEXTENCODE Encode message text to given character encoding.
* MHonArc::CharEnt:
+ Several charset mappings added to MHonArc::CharEnt with the
--- 22,39 ----
* New resources:
!
! DEFCHARSET Default character set to use when none is
! specified.
CHARSETALIASES Define aliases for official charset names.
DBFILEPERMS File permissions for DBFILE.
+ FIELDSTORE Message header fields to store in database.
FILEPERMS File permissions for archive files.
TEXTENCODE Encode message text to given character encoding.
+ * New resource variables:
+
+ $MSGHFIELD$ Retrieve header field value stored via
+ FIELDSTORE.
+
* MHonArc::CharEnt:
+ Several charset mappings added to MHonArc::CharEnt with the
***************
*** 74,77 ****
--- 82,87 ----
+ Added "disableflowed" option to disable the flowed data
conversion. Data will be converted as regular text/plain.
+ This option is useful for archives that cater to text-based
+ browsers.
+ Added "quoteclass=<classname>" option to specify a CSS classname
***************
*** 155,158 ****
--- 165,176 ----
for setuid operation and trying to make it setuid-safe would require
alot of work and potentially limit a large amount of functionality.
+
+ ============================================================================
+ 2002/12/21 (2.5.14)
+
+ * Security patch release: This release fixes a cross-site scripting
+ (XSS) vulnerability in m2h_text_html::filter (the HTML filter).
+ A specially crafted HTML message can have scripting markup get
+ by the script filtering done by m2h_text_html::filter.
============================================================================
---------------------------------------------------------------------
To sign-off this list, send email to majordomo(_at_)mhonarc(_dot_)org with the
message text UNSUBSCRIBE MHONARC-DEV