cakephp 1.3.15-1+deb7u2build0.14.04.1 source package in Ubuntu
Changelog
cakephp (1.3.15-1+deb7u2build0.14.04.1) trusty-security; urgency=medium * fake sync from Debian cakephp (1.3.15-1+deb7u2) wheezy-security; urgency=high * Non-maintainer upload by the LTS team. * Fix CVE-2016-4793: The getClientIP function allowed remote attackers to spoof their IP address. This vulnerability could be used to bypass access control lists to get access to sensitive data, or lead to higher severity vulnerabilities if untrusted data returned by getClientIP() is treated as safe and used without appropriate sanitization within SQL queries, system command calls etc. cakephp (1.3.15-1+deb7u1) wheezy-security; urgency=medium * Address SSRF (Server Side Request Forgery) attack by ensuring included files are "regular" (eg. `./foo.xml`) rather than merely existing (eg. `/dev/urandom`, etc.). (Closes: #832283) -- Tyler Hicks <email address hidden> Wed, 15 Mar 2017 20:37:24 +0000
Upload details
- Uploaded by:
- Tyler Hicks
- Uploaded to:
- Trusty
- Original maintainer:
- lamby
- Architectures:
- all
- Section:
- web
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Trusty | updates | universe | web | |
Trusty | security | universe | web |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
cakephp_1.3.15.orig.tar.gz | 966.7 KiB | 3cf8c91f34077509993154b9f86c27812fcb55e21c5a61844af293ad710587c7 |
cakephp_1.3.15-1+deb7u2build0.14.04.1.debian.tar.gz | 8.2 KiB | 0da73ee7751f5a4ba0498151e82584169d4379dcb5f4c60b7362af70f9ba0a2a |
cakephp_1.3.15-1+deb7u2build0.14.04.1.dsc | 1.9 KiB | 25fa2ee8422290fc84902fa5eb92b9335177fab0d2f3699188f07eb4a3c489a5 |
Available diffs
Binary packages built by this source
- cakephp: MVC rapid application development framework for PHP
CakePHP is a flexible model-view-
controller rapid application development
framework for PHP inspired by Ruby on Rails.
.
CakePHP makes developing applications swiftly and with the least amount of
hassle:
.
* compatibility with PHP4 and PHP5
* integrated CRUD for database interaction and simplified queries including
scaffolding
* request dispatcher with good looking, custom URLs
* fast and flexible templating (PHP syntax, with helpers)
* useful core features (access control lists, AJAX integration, etc.)
* works from any website subdirectory
- cakephp-scripts: MVC rapid application development framework for PHP (scripts)
CakePHP is a flexible model-view-
controller rapid application development
framework for PHP inspired by Ruby on Rails.
.
This package contains the bake.php and acl.php scripts for creating (or
"baking") CakePHP applications and modifying Access Control Lists.