[Php-blog-plugin-cvs] additional_plugins/serendipity_event_freetag ChangeLog, 1.43, 1.44 serendipit
A reliable, secure & extensible PHP blog | Not mainstream since 2002
Brought to you by:
garvinhicking,
jhermanns
Menu
▾
▴
[Php-blog-plugin-cvs] additional_plugins/serendipity_event_freetag ChangeLog, 1.43, 1.44 serendipity_event_freetag.php, 1.148, 1.149
|
From: Garvin H. <gar...@us...> - 2011-05-30 20:25:26
|
Update of /cvsroot/php-blog/additional_plugins/serendipity_event_freetag
In directory vz-cvs-2.sog:/tmp/cvs-serv20438
Modified Files:
ChangeLog serendipity_event_freetag.php
Log Message:
SSCHADV2011-004
Index: ChangeLog
===================================================================
RCS file: /cvsroot/php-blog/additional_plugins/serendipity_event_freetag/ChangeLog,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -d -r1.43 -r1.44
--- ChangeLog 9 May 2011 08:19:30 -0000 1.43
+++ ChangeLog 30 May 2011 20:25:24 -0000 1.44
@@ -1,3 +1,8 @@
+3.22:
+-----
+
+Fix possible XSS, reported by Stefan Schurtz (SSCHADV2011-004)
+
3.21:
-----
Index: serendipity_event_freetag.php
===================================================================
RCS file: /cvsroot/php-blog/additional_plugins/serendipity_event_freetag/serendipity_event_freetag.php,v
retrieving revision 1.148
retrieving revision 1.149
diff -u -d -r1.148 -r1.149
--- serendipity_event_freetag.php 9 May 2011 08:19:30 -0000 1.148
+++ serendipity_event_freetag.php 30 May 2011 20:25:24 -0000 1.149
@@ -70,7 +70,7 @@
'smarty' => '2.6.7',
'php' => '4.1.0'
));
- $propbag->add('version', '3.21');
+ $propbag->add('version', '3.22');
$propbag->add('event_hooks', array(
'frontend_fetchentries' => true,
'frontend_fetchentry' => true,
@@ -1261,7 +1261,7 @@
global $serendipity;
$tags = $this->getTagCloudTags($tag);
- $serendipity['smarty']->assign('freetag_tagTitle', is_array($this->displayTag) ? implode(' + ',$this->displayTag) : $this->displayTag);
+ $serendipity['smarty']->assign('freetag_tagTitle', htmlspecialchars(is_array($this->displayTag) ? implode(' + ',$this->displayTag) : $this->displayTag));
if (!empty($tags)) {
$serendipity['smarty']->assign('freetag_hasTags', true);
|