Mini File Manager

File Manager

Current Directory: /home/lartcid/public_html/journal.lartc.id

[Back]

.. [Open]

.htaccess [Edit]

.well-known [Open]

README.md [Edit]

api [Open]

cache [Open]

cgi-bin [Open]

classes [Open]

config.TEMPLATE.inc.php [Edit]

config.inc.php [Edit]

controllers [Open]

cypress.json [Edit]

dbscripts [Open]

docs [Open]

error_log [Edit]

favicon.ico [Edit]

index.php [Edit]

js [Open]

lib [Open]

locale [Open]

mini.php [Edit]

pages [Open]

php.ini [Edit]

plugins [Open]

public [Open]

registry [Open]

scheduledTaskLogs [Open]

schemas [Open]

styles [Open]

templates [Open]

tools [Open]

Edit File

## Release 1.6.11

- Managesieve: Fix match-type selector (remove unsupported options) in delete header action (#9610)
- Improve installer to fix confusion about disabling SMTP authentication (#9801)
- Fix PHP warning in index.php (#9813)
- OAuth: Fix/improve token refresh
- Fix dark mode bug where wrong colors were used for blockquotes in HTML mail preview (#9820)
- Fix HTML message preview if it contains floating tables (#9804)
- Fix removing/expiring redis/memcache records when using a key prefix
- Fix bug where a wrong SPECIAL-USE folder could have been detected, if there were more than one per-type (#9781)
- Fix a default value and documentation of password_ldap_encodage option (#9658)
- Remove mobile/floating Create button from the list in Settings > Folders (#9661)
- Fix Delete and Empty buttons state while creating a folder (#9047)
- Fix connecting to LDAP using ldapi:// URI (#8990)
- Fix cursor position on "below the quote" reply in HTML mode (#8700)
- Fix bug where attachments with content type of `application/vnd.ms-tnef` were not parsed (#7119)
- Fix Post-Auth RCE via PHP Object Deserialization reported by firs0v

## Release 1.6.10

- IMAP: Partial support for ANNOTATE-EXPERIMENT-1 extension (RFC 5257)
- OAuth: Support standard authentication with short-living password received with OIDC token (#9530)
- Fix PHP warnings (#9616, #9611)
- Fix whitespace handling in vCard line continuation (#9637)
- Fix current script state after initial scripts creation in managesieve_kolab_master mode
- Fix rcube_imap::get_vendor() result (and PHP warning) on Zimbra server (#9650)
- Fix regression causing inline SVG images to be missing in mail preview (#9644)
- Fix plugin "virtuser_file" to handle backward slashes in username (#9668)
- Fix PHP fatal error when parsing some malformed BODYSTRUCTURE responses (#9689)
- Fix insert_or_update() and reading database server config on PostgreSQL (#9710)
- Fix Oauth issues with use_secure_urls=true (#9722)
- Fix handling of binary mail parts (e.g. PDF) encoded with quoted-printable (#9728)
- Fix links in comments and config to https:// where available (#9759, #9756)
- Fix decoding of attachment names encoded using both RFC2231 and RFC2047 standards (#9725)

## Release 1.6.9

- Fix regression where printing/scaling/rotating image attachments was broken (#9571)
- Fix regression where HTML messages were displayed unstyled (#9586)

## Release 1.6.8

- Managesieve: Protect special scripts in managesieve_kolab_master mode
- Fix newmail_notifier notification focus in Chrome (#9467)
- Fix fatal error when parsing some TNEF attachments (#9462)
- Fix double scrollbar when composing a mail with many plain text lines (#7760)
- Fix decoding mail parts with multiple base64-encoded text blocks (#9290)
- Fix bug where some messages could get malformed in an import from a MBOX file (#9510)
- Fix invalid line break characters in multi-line text in Sieve scripts (#9543)
- Fix bug where "with attachment" filter could fail on some fts engines (#9514)
- Fix bug where an unhandled exception was caused by an invalid image attachment (#9475)
- Fix bug where a long subject title could not be displayed in some cases (#9416)
- Fix infinite loop when parsing malformed Sieve script (#9562)
- Fix bug where imap_conn_option's 'socket' was ignored (#9566)
- Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009]
- Fix XSS vulnerability in serving of attachments other than HTML or SVG [CVE-2024-42008]
- Fix information leak (access to remote content) via insufficient CSS filtering [CVE-2024-42010]