1

Topic: iRedAdmin-Pro-LDAP-1.6.0 is available for upgrading and purchasing.

Dear customers,

iRedAdmin-Pro-MySQL-1.2.0 (AKA iRedAdmin-Pro for OpenLDAP backend) is now available for your upgrading and purchasing. All customers should already received an email with download link before 2011-06-12, if you didn't receive any email from iRedMail project, please help check your Spam/Junk folder first, or mail to support @ iredmail.org and ask for one.

Important Note

This release fixes some possible XSS vulnerabilities, and add XSRF protection to harden web security, please upgrade it AS-SOON-AS-POSSIBLE.

If you have old iRedAdmin-Pro installed, upgrade tutorials are ready for your use. Upgrading from previous version is pretty simple: uncompress source tarball, set file permission, copy config file from old version, restarting apache web server. That's all.

http://www.iredmail.org/images/buynow199.png


##################################
# What's new in v1.6.0
#
Improvements
  • CSRF protect. Reference: Cross-Site Request Forgery

  • Able to delete all admin logs with one click.

  • Add 'shadowLastChange=0' for newly created mail user.

Fixed Issues
  • Cannot view quarantined VIRUS mails. Thanks beez@forum <jason@indo...id>.

  • Cannot remove object under ou=Externals while deleting mail list.

  • Incorrect links of pages in per-user and per-domain activity list.

  • Can't add sub-domain users as external member of mail list. Thanks Silviu Romonti <silviu.romonti@>.

  • Allow to use domain names which end with 2-6 chars. Thanks Julian P. <@consistency.at>.

  • Some possible XSS vulnerabilities.

Feedback, suggestions, feature requests are always welcome. smile