dotlrn 2.5.0+dfsg-2 source package in Debian
Changelog
dotlrn (2.5.0+dfsg-2) unstable; urgency=high * Fixed severe vulnerability in the api-browser: it was possible to pass to the query parameter "path" a relative path, which might contain path traversals like ../../.. . With these all files with read permissions can be delivered via the server. Applied Patch: http://fisheye.openacs.org/changelog/OpenACS/?cs=oacs-5-5:gustafn:20101125091953 * Updated translations: - Japanease. Closes: #602151 - Vietnamese. Closes: #599609 - Czech. Closes: #599608 -- Hector Romojaro <email address hidden> Thu, 25 Nov 2010 13:48:29 +0100
Upload details
- Uploaded by:
- Hector Romojaro
- Uploaded to:
- Sid
- Original maintainer:
- Hector Romojaro
- Architectures:
- all
- Section:
- web
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Squeeze | release | main | web |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| dotlrn_2.5.0+dfsg-2.dsc | 1.2 KiB | 47408b298bcd10fc2b2fa1fcb2fea27fa23179cada3f9de86488b9ec9bfe8ef7 |
| dotlrn_2.5.0+dfsg.orig.tar.gz | 24.7 MiB | 11c81b6683c94dd2bb59dfecc8c5a41096ba17e56a6bca9968a10dd6449921c9 |
| dotlrn_2.5.0+dfsg-2.diff.gz | 49.9 KiB | e441a06f28966606bc11562d4e52b2d30d9b729a94118449296c149d2c398c58 |
No changes file available.
