You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Error conditions at IMAP server side (such as failure to response because of extremely high machine load) could expose a user's password when the LOGIN command fails and the "Unable to send command: $request") string is displayed.
Yup, it should be anonymized as we do for debug logging. Or we should use only the command name (e.g. UID FETCH, SEARCH, etc.) instead of the full command with arguments.
* upstream/master:
Fix bug where it wasn't possible to store more that 2MB objects in memcache/apc (roundcube#5452) Added memcache_max_allowed_packet and apc_max_allowed_packet settings
assword: Added possibility to nicely handle password epiration from other plugins (roundcube#5468)
Fix bug where IMAP password could be exposed via error message (roundcube#5472)
Fix bug where deleting folders with subfolders could fail in some cases (roundcube#5466)
Support HTML input to rcube_text_editor.replace() (roundcube#5456)
Set smtp options in sample config as they are required now
Optimize image size
Bump database version
Better icon and CSS styles for PGP-related attachments (roundcube#5301 and roundcube#5279)
Add icons for pgp-keys and php-encrypted attachments (roundcube#5301 and roundcube#5279)
Update changelog
Fix flickering of header topline in min-mode (roundcube#5426)
Do not show inline images of unsupported mimetype (roundcube#5463)
SQL, upgrade: increase session table ip field size for IPv6 addresses
Error conditions at IMAP server side (such as failure to response because of extremely high machine load) could expose a user's password when the LOGIN command fails and the
"Unable to send command: $request")
string is displayed.https://github.com/roundcube/roundcubemail/blob/master/program/lib/Roundcube/rcube_imap_generic.php#L2031
The text was updated successfully, but these errors were encountered: