From e7d1a80a800f6f08c0a683d2be04b0db2a1f6523 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 06 Nov 2015 02:37:07 -0500
Subject: [PATCH] Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583)

---
 CHANGELOG |   32 ++++++++++++++++++++++++++++++++
 1 files changed, 32 insertions(+), 0 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index dfa047d..3b87c1a 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,7 +1,39 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Add workaround for https://bugs.php.net/bug.php?id=70757 (#1490582)
+- Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583)
+
+RELEASE 1.0.7
+-------------
+- Get rid of Mail_mimeDecode package dependency (#1490416)
+- Fix compatibility with Net_SMTP > 1.6.3 and Mail_Mime >= 1.9.0
+- Fix SQL error on logout when using session_storage=php (#1490421)
+- Fix so plain text signature field uses monospace font (#1490435)
+- Fix draft removal after a message is sent and storing sent message is disabled (#1490467)
+- Fix handling of plus character in mailto: links (#1490510)
+- Fix so adding CC/BCC recipients from the sidebar unhides compose form fields in Classic skin (#1490472)
+- Fix so gc.sh script removes also expired sessions from sql database (#1490512)
+- Fix support for Mozilla-based browsers, e.g. Pale Moon (#1490517)
+- Fix various issues with Turkish (and similar) locales (#1490519)
+- Fix so In-Reply-To header is set also for MDN receipts (#1490523)
+- Fix XSS issue in drag-n-drop file uploads (#1490530)
+- Fix issue where Content-Length of some attachments could be set to wrong value causing browser errors (#1490482)
+
+RELEASE 1.0.6
+-------------
 - Make SMTP error log more verbose - include server response and error code
+- Fix rows count when messages search fails (#1490266)
+- Fix security issue in DBMail driver of password plugin (#1490261)
+- Fix handling of some improper constructs in format=flowed text as per the RFC3676[4.5] (#1490284)
+- Fix missing or not up-to-date CATEGORIES entry in vCard export (#1490277)
+- Fix duplicate entry on timezones list in rcube_config::timezone_name_from_abbr() (#1490293)
+- Fix handling of %-encoded entities in mailto: URLs (#1490346)
+- Fix bug where messages count was not updated after message move/delete with skip_deleted=false (#1490372)
+- Fix security issue in contact photo handling (#1490379)
+- Fix bug where database_attachments_cache setting was not working
+- Fix attached file path unsetting in database_attachments plugin (#1490393)
+- Fix issues when using moduserprefs.sh without --user argument (#1490399)
 
 RELEASE 1.0.5
 -------------

--
Gitblit v1.9.1