Fix first part of Password handling security issue2550688 (thanks Joseph Myers for reporting and Eli Collins for fixing) Small change against original patch: We still accept plaintext passwords (in known_schemes) when parsing encrypted password (e.g. from database). This way existing databases with plaintext passwords continue to work (I don't know of any, this would need patching on the users side) and all regression tests pass.

--- a/CHANGES.txt	Thu Apr 14 09:21:23 2011 +0000
+++ b/CHANGES.txt	Thu Apr 14 12:24:59 2011 +0000
@@ -75,6 +75,8 @@
   (Ralf Schlatterbeck)
 - Fixed bug in mailgw refactoring, patch issue2550697 (thanks Hubert
   Touvet)
+- Fix first part of Password handling security issue2550688 (thanks
+  Joseph Myers for reporting and Eli Collins for fixing)
 
 2010-10-08 1.4.16 (r4541)