Fixes validation problems with base64 encoded images in CSS.

add newest plugin types to info plugin

removed tabs

message increase for hotfix

Swedish language update

correctly count deleted users in plain auth FS#2800

reloading the user list after the delete action will make sure the count
is always correct.

Increased strength of auto generated passwords a bit

If you want better random initialization and more control over the
password strength install the passpolicy plugin.

check for spam in summary as well, added common spam summary

apply media_isexternal in ml()

update hashes in tests

update common_ml test for hash change

fixed syntax fuckup

AUTH_PASSWORD_GENERATE event added

This is needed to replace the password generator by a plugin
implementation. Related to PR #166 and FS#2147

fix problem when ldap returns no groups FS#2788

fix ldap deref option FS2798

Do not pass timelimit and deref settings to ldap_search. These values
should be set globally via ldap_set_option() instead (as we do for
deref).

treat empty AD credentials as NULL values FS#2781

Korean language update

we now require PHP 5.2.0 at least

moved X-UA-Compatible from meta tag to be sent by http header instead

make password reset token completely random

No need for HMAC here because there's no length attack vector here. We
only care for the existance of the file and each reset request is
completely (rando

make password reset token completely random

No need for HMAC here because there's no length attack vector here. We
only care for the existance of the file and each reset request is
completely (random) independent from each other.

show more ...

use HMAC in password reset token FS#2794

use HMAC for CSRF security tokens FS#2794

use hmac for external ressource hash FS#2794

use HMAC in media_token FS#2794

added HMAC support to PassHash class FS#2794