PostfixAdmin 3.3.10 - bug + security fixes
DavidGoodwin
released this
09 Aug 08:50
·
595 commits
to master
since this release
- Merge password expiration fixes from #493
- Remove html readonly attribute from user's vacation page to/from selectors.
- vacation.pl - allow smtp helo to be specified (see #495)
- Security fix - ClickJacking protection (thanks @huntr-helper / @ranjit-git) (see #523)
- Security fix (low risk) - Improve randomness with PFA_token for CSRF protection (thanks @michaellrowley)
- Fix viewlog to allow admins to see all domains (thanks @pgimalac, #516)
- Disable password autocompletion in edit forms (thanks @gabrielfin, see #510)
(a previous 3.3.10 release didn't include a change to the version number in config.inc.php ... sorry)