-- 2.3.2 release 20151224 "Glenavullen" --

U015) Stefan Assmann <sassmann@kpanic.de>
      BUG. format string vulnerability with -Sv
      FIX. save.c, select.c

U014) Wei-Lun Chao <bluebat@member.fsf.org>
      ADD. update traditional chinese translation
      FIX. zh_TW.po

U013) Mingye Wang <arthur200126@gmail.com>
      ADD. simplified chinese translation
      FIX. zh_CN.po

U012) Thomas E. Dickey <dickey@invisible-island.net>
      ADD. update configure macros
      FIX. aclocal.m4

U011) Dennis Preiser <dennis@d--p.de>
      BUG. uue parts in mime articles were not mime decoded before uue
           decoding
      BUG. used freed fp if cooking of article fails
      BUG. Cygwin >= 2.0 was treated as Cygwin < 1.7
      BUG. ncurses >= 6.0 wasn't recognized
      BUG. possible crash on initial reconnect loop when network is down
      BUG. socket not closed on early exit
      BUG. memory leak when aborting index_group() from select level
      BUG. memory leak when reading mailgroup articles without Message-ID
      BUG. memory leak in makecfg
      BUG. in thread level space calculation for %F was wrong with
           S'ubject or 'P'ercent threading active
      BUG. in thread level show_author was ignored with S'ubject or 'P'ercent
           threading active
      BUG. thread level didn't show subject with 'P'ercent or 'M'ultibyte
           threading active and '%T' present in thread_format
      ADD. AttachSelect and AttachPipe now perform charset translation for
           text/*-parts
      ADD. handle CRLF spread over two lines in base64 decoding
      ADD. options to color external quotes (extquote_handling,
           extquote_regex, col_extquote)
      ADD. skip over RFC 2231 language parameter in encoded words
      ADD. RFC 2231 parameter value continuation
      ADD. allow comments in Content-* headers
      REM. groupname_max_length tinrc option (replaced by select_format)
      FIX. extern.h, rfc2046.h, tcurses.h, tin.h, tinrc.h, version.h, art.c
           attrib.c, color.c, config.c, cook.c, group.c, init.c, lang.c
           main.c, makecfg.c, memory.c, misc.c, nntplib.c, options_menu.c
           page.c, rfc2045.c, rfc2046.c, rfc2047.c, save.c, select.c, string.c
           thread.c, tincfg.tbl, tin.[15], configure[.in]

U010) Joe Hansen <joedalton2@yahoo.dk>
      ADD. updated danish translation
      FIX. da.po

U009) Urs Janssen <urs@tin.org>
      ADD. updated german translation
      ADD. config.guess, config.sub update
      ADD. fix hypothetic null pointer dereference
      ADD. allow hand supplied Sender header with external news
      ADD. avoid useless strdup()/free()
      ADD. onion TLD to disallowed TLDs
      ADD. removed redundant conditions in auth code
      ADD. --enable-heapsort is now default
      ADD. --enable-ipv6 is now default
      REM. dead code
      BUG. wrong format string in CLOSEDIR macro used
      BUG. uncontrolled format string in nntp error messages.
      BUG. tin_errno wasn't always cleared when aborting index_group()
      BUG. in batch mode rebindable keys were malloed but not freed
      FIX. auth.c, cook.c, group.c, lang.c, main.c, misc.c, nntplib.c
           page.c, post.c, prompt.c, rfc2047.c, search.c, thread.c, policy.h
           tin.h, de.po, config.guess, config.sub, configure[.in]
           Makefile[.in]

U008) Toomas Soome <Toomas.Soome@microlink.ee>
      ADD. updated estonian translation
      FIX. et.po

-- 2.3.1 release 20141224 "Tallant" --

U007) Dennis Preiser <dennis@d--p.de>
      ADD. also validate "utf8" input
      FIX. misc.c

U006) Joe Hansen <joedalton2@yahoo.dk>
      ADD. updated danish translation
      FIX. da.po

U005) Urs Janssen <urs@tin.org>
      ADD. fix hypothetic null pointer dereference
      ADD. config.guess, config.sub update
      ADD. updated german translation
      FIX. proto.h, filter.c, post.c, save.c, tin.1, config.guess, config.sub
           de.po

-- 2.3.0 release 20141003 "Glenfoyle" --

U004) Joe Hansen <joedalton2@yahoo.dk>
      ADD. updated danish translation
      FIX. da.po

U003) Urs Janssen <urs@tin.org>
      ADD. !HAVE_LONG_FILE_NAMES code path to my_tmpfile()
      ADD. allow TLDs with up to 14 chars (.cancerresearch) in
           URL_REGEX and NEWS_REGEX
      BUG. memleak in normalize() if libidn is used for normalization
      BUG. '-d' didn't work as it was always overwritten by tinrc setting
      ADD. config.sub update
      FIX. attrib.c, config.c, filter.c, mail.c, my_tmpfile.c, string.c
           config.sub, tin.[15]

U002) Dennis Preiser <dennis@d--p.de>
      BUG. in base64 encoding multibyte chars could have been broken into
           multiple encoded words which is prohibited by RFC 2047
      FIX. rfc2047.c

U001) Matt Anton <tin@syrius.org>
      ADD. updated french translation
      FIX. fr.po

-- 2.2.1 release 20140504 "Tober an Righ" --

 004) Dennis Preiser <dennis@d--p.de>
      BUG. don't stop utf8 validation on first \n
      BUG. possible buffer overrun in build_gline().
      BUG. missing check for art->refptr in build_tline().
      ADD. handle space-stuffing from RFC 2646 4.4
      ADD. tweak URL_REGEX, don't stop before closing ) if there was an
           opening ( in the url.
      ADD. allow editing of captured URL before spwaning viewer
      FIX. cook.c, misc.c, page.c, rfc2046.c, select.c, thread.c, rfc2046.h
           tin.h

 003) Matt Anton <tin@syrius.org>
      ADD. updated french translation
      FIX. fr.po

 002) Toomas Soome <Toomas.Soome@microlink.ee>
      ADD. updated estonian translation
      FIX. et.po

 001) Urs Janssen <urs@tin.org>
      ADD. config.guess, config.sub update
      ADD. updated german translation
      ADD. no-c-format hint for xgettext
      BUG. hypothetic 1 byte buffer overrun in read_newsrc_active_file() with
           newsgoup names longer than 511 bytes (RFC 3977 guarantees them to
           be 497 bytes max).
      BUG. hypothetic out of bounds write in msg_add_header() if more than
           MAX_MSG_HEADERS are added automatically
      BUG. don't null strings will illegal multibyte sequences, just replace
           eveything after the fist illegal sequence with ?
      FIX. active.c, config.c, feed.c, lang.c, page.c, post.c, read.c,
           rfc2046.c, string.c, config.guess, config.sub, de.po

-- 2.2.0 release 20131224 "Lochindaal" --

For changes made till the 2.2.0 release look at CHANGES.old
