<http://sourceforge.net/projects/qmailadmin/>
******* Corrected security flaw introduced in 1.0.13 ********
In QmailAdmin 1.0.13 through 1.0.24, it was possible for any
user to configure their account (on the "Modify User" screen)
to forward their email to any program on the server.
Since the program would run as the vpopmail user, this was a
very bad thing. The 1.0.25 release corrects this problem,
but will remove existing program delivery lines (other than
autoresponder and spam command) from a user's .qmail file if
they click the "Modify User" button on the "Modify User" screen.
This is a temporary fix; we plan to improve the code that
alters a user's .qmail file to allow existing program delivery
lines to remain unchanged.
*************************************************************
Tom Collins
+ Security fix described above.
+ Remove count_aliases() and CurAliases (now that aliases are
considered forwards).
+ Fix count_forwards() to correctly ignore ezmlm-idx list files
and count all forwards (both email address and Maildir format).
+ When reading email address of list owner, strip leading & if
present.
+ Added alias2forward.pl in contrib directory to convert from
Maildir-style aliases to address-based forwards. See contrib/
README.alias2forward for more details.
+ Added --disable-mysql option to configure to disable MySQL
options on add/modify mailing list (defaults to enabled).
Added ##tm tag (currently unused) to show block when MySQL
is enabled.
+ Increase size of alias_user in alias.c to MAX_BUFF to avoid
buffer overflow on long lines in .qmail-user files.
Nicolas Croiset
+ Corrections to French translation.
Andreas Tolfsen
+ Updated Norwegian translation.
Omer Faruk Sen
+ Updated Turkish translation.
Franz Stancl
+ Added 6 missing German translations.
