The Inverse team is pleased to announce the immediate availability of SOGo v2.4.2. This is a minor release of SOGo which focuses on various enhancements and improved stability over previous versions.
- calendar(dav): add DAV:status to DAV:response only when deleted (9bffee2), closes #5163
- calendar(dav): add method attribute to content-type of iTIP reply (3e96d68), closes #5320
- core: add security flags to cookies (HttpOnly, secure) (0f3d7dc), closes #4525
- core: fix GCC 10 compatibility (dc4fdb2), closes #5029
- core: only escape “%” with the SQL LIKE operator (2389e44)
- eas: gcc v10 compat fixes (fixes #5029) (3d2e5ad)
- mail(css): restrict the viewport of the message body viewer (e528096)
- mail(js): ban all “on*” events attributes from HTML tags (f38eded)
- mail: don’t allow XML inline attachments (3c85dbd)
See the complete change log.
Back to 2022