March 12, 2012
And so we introduce Atmail 6.3.6 - our biggest release of the year so far. Containing more than 100 fixes and improvements to the Atmail system, this is a recommended update for anyone with an Atmail install. Highlights include Advanced Search, Password Encryption, and LDAP Support for Calendar Server.
Calendars
- Added encrypted logins for Calendar Server logins
- Added IMAP Auth fallback for CalDAV authentication
- Added LDAP authentication for Calendar Server
- Calendar server moved provisioned detection to provisioning system from DAV auth plugin
- Calendar migration updates
- Removed redundant fetching of user data
- Calendar server now correctly calls LDAP bind with bind DN
- Change in height for calendar list items
- Corrected Calendar Server processing of config.ini sections
- Corrected Darwin-to-Sabre migration issue (New server starts before old calendar server is turned off)
- Corrected XSS in calendar event fields
- DAV authentication now attempts to cache authorisations for multiple calls
- Fixed encoding issue with error output from Calendar Server
- Fixed jQuery DND for Safari/Chrome/IE
- Updated Calendar Server to leverage Bind DNs
Webmail
- Implemented Message Flagging
- Added password length check in Change Password module
- Delete Trash on Logout is now the user default setting
- Improved LDAP Change Password feature
- Improved LDAP system integration
- Redirect removed folder contents to Trash
Interface
- Advanced Search added
- Added some extra ids to html tags for better Plugin support
- Can now use umlauts when searching contacts
- Improved Upgrade popup box in Webadmin
- Corrected filtering for the WebAdmin User Manager
- Corrected Dashboard controller issues with graph calculation
- Corrected description for subfolder tool tip
- Corrected folder Add and Remove behaviour for subfolders
- Corrected folder view not expanding if inside a subfolder
- Corrected id tag issue in Webmail Settings pane
- Corrected XSS issues with Log Search
- Corrected notification display in Webadmin > Settings
- Corrected simpleFlash for Webadmin
- Corrected
simpletreeview
jQuery plugin issue (Previously reset all subfolders expand status even when already set. Caused large performance issues) - Disabled setTimeout for scrollTo current folder during first load
- Fixed Internet Explorer 7 issues with Advanced Search
- Fixed JS error case handling in Webadmin > Settings > Global Settings
- Fixed Add Folder button being marked as disabled
- Fixed browser issues with i18n
- Fixed CSS mistakes (space in pixel value)
- Fixed invalid data issue when viewing contacts
- Fixed slide animation issue that caused vast performance issues
- Improved User Manager for username validation
- More verbose timeout message, if running session timeout on iOS
- Atmail now validates folders for illegal characters
- Removed translator website from Italian translation
- Updated simpleFlash to be more context-aware and avoid multiple binds
System
- Added Atmail_Enum for application wide constants
- Added external user password encryption (two way)
- Added input filter system to admin user controller
- Added master key setting to configuration file
- Added missing php-dom for Redhat
- Added optional deps for mcrypt to installers
- Added sanitizer to sieve filter
- Consolidated all password crypt functions
- Consolidated Atmail LDAP functions
- Correct search multiple binds
- Corrected admins being able to accidentally double hash user passwords
- Corrected cli.version clear on database update
- Corrected index for abookGroups
- Corrected issue where _md5 for custom session savehandler not being set correctly
- Corrected issue where session backend not available during some static calls to its class
- Corrected LDAP bindauthdn variable usage
- Corrected local codebase version string not being used to load new versions of CSS/JS on update in admin interface
- Corrected master key and external users / session encryption unavailable for webmail client installations
- Corrected migration A5 -> A6 halts due to timeout from old database connection
- Corrected migration script including settings from users not included in the UserSession? (removed users)
- Corrected password not being updated due to variable mismatch
- Corrected remoteServer behaviour
- Corrected session handler not being able to programatically save sessions for other users while admin
- Corrected session handler producing error if user has no session data
- Corrected session handler saving blank sessions (no username provided yet)
- Corrected session handler searches for blank session id's
- Corrected session issue where sometimes a valid session ID would be overwritten
- Corrected upgrade sets cli when not needed
- Corrected user password encryption hosing already hashed passwords on save
- Corrected username renaming admin function and re-enabled
- Corrected zend input filter to match rules on embedded objects during filtering
- Correct syntext error in digest library
- Db updater will now still continuing on failure
- Fixed broken admin Plugin interface controller
- Fixed creating root folder will add more plus sign issue
- Fixed folder deletion bug. When deleting a user defined folder, there is a race condition where a default 'inbox' would be passed to recursive delete
- Fixed search SQL was failing on COOERCIBLE
- Implemented session encryption
- Modified auth controller to set auth creds only when crypt type known
- Modified LDAP add user to be able to handle usernames without domains (domain check for unique username)
- Modified update code to be more directory aware
- Now disables unusable password crypt types in admin > global panel
- Now doesn't store plaintext CalDAV password
- Replace deprecated function split with explode in General.php
- Resolved LDAP_add_user missing pear lib
- Tidy up of global config usage
- Update iOS profile to handle encrypted external user passwords
- Updated code to use enums for password types to correct inconsistencies in hardcoded strings
- Updated Exim_Config to use atmail_enum
- Updated LDAP-add-user to throw exit codes and updated dovecot create-scripts to honour those exit codes and pass on to dovecot
- Updated loadTestUrls to not include external accounts during tests
- Updated settings for external user password encryption
Comments