From aa055c931a68547763f7bb89425a08e8ceecb749 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Thu, 22 Jan 2009 09:47:23 -0500
Subject: [PATCH] Get rid of vulnerable preg_replace eval and create_function (#1485686) + correctly handle base and link tags in html messages

---
 CHANGELOG |    5 +++++
 1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index e8ce827..123b243 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,11 @@
 CHANGELOG RoundCube Webmail
 ---------------------------
 
+2009/01/22 (thomasb)
+----------
+- Get rid of preg_replace() with eval modifier and create_function usage (#1485686)
+- Bring back <base> and <link> tags in HTML messages
+
 2009/01/20 (thomasb)
 ----------
 - Fix XSS vulnerability through background attributes as reported by Julien Cayssol

--
Gitblit v1.9.1