CVS: mhonarc/MHonArc CHANGES,1.95,1.96

Mon, 30 Dec 2002 21:04:05 -0800 

Update of /cvsroot/mhonarc/mhonarc/MHonArc
In directory subversions:/tmp/cvs-serv23355

Modified Files:
        CHANGES 
Log Message:
* Added FIELDSTORE resource.


Index: CHANGES
===================================================================
RCS file: /cvsroot/mhonarc/mhonarc/MHonArc/CHANGES,v
retrieving revision 1.95
retrieving revision 1.96
diff -C2 -r1.95 -r1.96
*** CHANGES     21 Dec 2002 07:26:33 -0000      1.95
--- CHANGES     31 Dec 2002 05:03:29 -0000      1.96
***************
*** 22,31 ****
  
  * New resources:
!     DEFCHARSET                Default character set to use when none is specified.
      CHARSETALIASES    Define aliases for official charset names.
      DBFILEPERMS               File permissions for DBFILE.
      FILEPERMS         File permissions for archive files.
      TEXTENCODE                Encode message text to given character encoding.
  
  * MHonArc::CharEnt:
    + Several charset mappings added to MHonArc::CharEnt with the
--- 22,39 ----
  
  * New resources:
! 
!     DEFCHARSET                Default character set to use when none is
!                       specified.
      CHARSETALIASES    Define aliases for official charset names.
      DBFILEPERMS               File permissions for DBFILE.
+     FIELDSTORE                Message header fields to store in database.
      FILEPERMS         File permissions for archive files.
      TEXTENCODE                Encode message text to given character encoding.
  
+ * New resource variables:
+ 
+     $MSGHFIELD$               Retrieve header field value stored via
+                       FIELDSTORE.
+ 
  * MHonArc::CharEnt:
    + Several charset mappings added to MHonArc::CharEnt with the
***************
*** 74,77 ****
--- 82,87 ----
    + Added "disableflowed" option to disable the flowed data
      conversion.  Data will be converted as regular text/plain.
+     This option is useful for archives that cater to text-based
+     browsers.
  
    + Added "quoteclass=<classname>" option to specify a CSS classname
***************
*** 155,158 ****
--- 165,176 ----
    for setuid operation and trying to make it setuid-safe would require
    alot of work and potentially limit a large amount of functionality.
+ 
+ ============================================================================
+ 2002/12/21    (2.5.14)
+ 
+ * Security patch release: This release fixes a cross-site scripting
+   (XSS) vulnerability in m2h_text_html::filter (the HTML filter).
+   A specially crafted HTML message can have scripting markup get
+   by the script filtering done by m2h_text_html::filter.
  
  ============================================================================

---------------------------------------------------------------------
To sign-off this list, send email to [EMAIL PROTECTED] with the
message text UNSUBSCRIBE MHONARC-DEV

Reply via email to