Welcome, Guest! Log In | Create Account

Share

LXR Cross Referencer

File Release Notes and Changelog

Release Name: lxr-0.9.4

Notes:
Fixes a security vulnerability that allowed access to any file readable by the uid running the webserver.  General  improvements to input validation which should also avoid other security problems.

Multiple bugfixes and new unit tests.


Changes:
2005-05-05 23:01  mbox

        * tests/: CVSTest.pm, SecurityTest.pm (utags: release-0-9-4):
          Updates to testcode

2005-05-05 22:59  mbox

        * .htaccess (tags: release-0-9-4): PerlTaintCheck doesn't work for
          some reason - so switch it off.

2005-05-05 00:21  mbox

        * .htaccess, lib/LXR/Files/CVS.pm (tags: release-0-9-4),
          tests/AllTests.pm (tags: release-0-9-4), tests/CVSTest.pm,
          tests/lxr.conf (tags: release-0-9-4): Add test cases for Security
Enable taint mode for mod_perl - should
          reduce security vulnerabilities

2005-05-05 00:19  mbox

        * lib/LXR/Common.pm (tags: release-0-9-4), tests/SecurityTest.pm:
          Fix for security vulnerability:  malicious values in 'version'
Fixes bug [ 1194360 ]files outside the
          directory traversal

2005-04-30 22:30  mbox

        * templates/lxr.conf (tags: release-0-9-4): tcl is not supported in
Fixes bug [ 1042310 ] Noet - so comment out.
          langid for language tcl

2005-04-30 02:35  mbox

        * lib/LXR/Index/Postgres.pm (tags: release-0-9-4): Fix missing
          ${prefix} tags.

2005-01-05 17:13  mbox

        * INSTALL (tags: release-0-9-4, merge-to-mainline): Fix bug 103178:
          Document that MySQL 4.x is needed

2004-12-04 23:21  mbox

        * tests/TestRunner.pl (tags: release-0-9-4, merge-to-mainline): New
          script to run all LXR testcode

2004-10-26 18:08  brondsem

        * diff (tags: release-0-9-4, merge-to-mainline): update $PATH for
          diff (gnu diff is more likely to be in /usr/local/bin so look
          there first)

2004-10-25 21:18  brondsem

        * initdb-oracle.sql (tags: release-0-9-4, merge-to-mainline):
          update with new tables/columns

2004-10-19 20:19  brondsem

        * lib/LXR/Lang/generic.conf (tags: release-0-9-4,
          merge-to-mainline): fix "shell" capitalization to match that used
          in lxr.conf

2004-10-18 23:19  brondsem

        * lib/LXR/Index/Oracle.pm (tags: release-0-9-4, merge-to-mainline):
          oops, retract local change

2004-10-18 21:45  brondsem

        * lib/LXR/Index/: Mysql.pm (tags: release-0-9-4), Postgres.pm
          (utags: merge-to-mainline): fix order of delete statements

2004-10-18 21:42  brondsem

        * lib/LXR/Index/Oracle.pm: merge many old structure changes from
          Mysql.pm

2004-10-18 21:22  brondsem

        * search (tags: release-0-9-4, merge-to-mainline): handle errors a
          bit better; also, rearrange piping in swishsearch for iPlanet

2004-10-18 20:09  brondsem

        * lib/LXR/Index/Oracle.pm: some oracle fixes

2004-10-11 20:39  brondsem

        * INSTALL: explain icons for unlucky people who can't use Apache

2004-09-06 22:55  mbox

        * tests/README (tags: release-0-9-4, merge-to-mainline): Describe
          how to run the automatic tests

2004-09-06 22:54  mbox

        * tests/ConfigTest.pm (tags: release-0-9-4, merge-to-mainline): Fix
          test to work correctly

 

About SourceForge

Find Software

Develop Software

Community

Help

Copyright © 2010 Geeknet, Inc. All rights reserved. Terms of Use