2004-09-23    Paul Lesneiwski
        - Fixed command injection vulnerability
          (Thanks to iDEFENSE Labs for the professional
          manner in which they reported this issue)
        - Fixed superglobal access 
        - Removed chdir statements
        - Distribution now only comes with config.php.sample
        - Other minor cleanup (SM_PATH, etc)

2004-05-04    Scott Heavner
	- update for v1.4.2
	- fix IMAP header/get code that was blowing up
	- dumb-down setup.php
	   - no includes unless we're doing something,
	   - move guts to functions.php
	- include ca-bundle.crt (dump of netscape's default root
          store certificates)
	- automatically create cert_in dir if not exists
	- add more detail to INSTALL
	- release v0.5
