This is the start of the new development series, and will include significant changes from the 5.4 series.
Many people got comfortable using development releases on production servers during the 5.3 series. We don't recommend doing that with this series as the releases won't be thoroughly tested.
This first release focuses on security-related improvements to the SQL auth modules. There are also some fixes to Postgres in an attempt to add stability and get it caught up with MySQL.
The new qnprintf() command escapes strings used in queries to avoid possible SQL exploits to the vpopmail codebase. Once tested, we will backport this code to the 5.4 series.
ChangeLog:
Tom Collins - Consolidate table creation code in vmysql.c and vpgsql.c. - Increase SQL_BUF_SIZE from 600 to 2048 for Oracle, Postgres and Sybase. - Add qnprintf() to vpopmail.c for escaping strings in SQL queries. - Use qnprintf() when building queries in vmysql.c, vpgsql.c, voracle.pc, and vsybase.c. - Multiple fixes to vpgsql.c related to freeing PGresults and attempting to access NULL PGresults when reporting errors.