Welcome, Guest! Log In | Create Account

Share

Spine

Code

Programming Languages: Perl

License: GNU General Public License (GPL)

Repositories

browse code, statistics svn co https://spine.svn.sourceforge.net/svnroot/spine spine

Show:

What's happening?

  • Patch for bug #1908274

    Patch for bug #1908274 Apply patch: root@lua:/tmp/# cp apreq2cookie.patch Spine-1.3_Beta root@lua:/tmp/# cd Spine-1.3_Beta root@lua:/tmp/Spine-1.3_Beta# patch -p1 < apreq2cookie.diff patching file lib/Apache2/SPINE/Index.pm.

    2008-03-09 00:06:40 UTC by beatnik

  • Comment: Apache2::Cookie is not handled transparently

    File Added: apreq2cookie.diff.

    2008-03-09 00:01:43 UTC by beatnik

  • Apache2::Cookie is not handled transparently

    Apache2::Cookie is not handled transparently. This results in a Internal Server Error. The error log contains the following error message: Can't locate auto/Apache2/Request/cookies.al in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.8.8 /usr/local/share/perl/5.8.8 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.8 /usr/share/perl/5.8 /usr/local/lib/site_perl . /etc/apache2) at...

    2008-03-05 20:08:16 UTC by beatnik

  • Comment: Macro Admin broken in 1.3 beta

    Fixed by patch #1896404.

    2008-02-18 20:16:12 UTC by beatnik

  • Patch for issue #1896376

    This fixes issue #1896376. Place the attached file in extracted archive folder "Spine-1.3_Beta/lib/SPINE/Handler/Admin". To install, use the following commands (with correct user credentials) "perl Makefile.PL && make install". Restart Apache to apply the changes.

    2008-02-18 20:12:56 UTC by beatnik

  • Macro Admin broken in 1.3 beta

    The Macro administration panel is broken in a way that it doesn't allow more than one macro to be added to the macroset.

    2008-02-18 19:30:07 UTC by beatnik

  • Comment: Cross-Site Request Forgery

    See Release 1.22.

    2007-01-31 21:35:21 UTC by beatnik

  • Comment: Authentication Bypass

    Solution: Apply spine-fix version 1.21, which fixes vulnerability #2. Until an update is available, the vendor recommends users not to visit untrusted web sites while being logged in to the administration section. See http://sourceforge.net/project/showfiles.php?group_id=5799&package_id=217167.

    2007-01-11 15:46:00 UTC by beatnik

  • Authentication Bypass

    An error exists in the authentication process, which can be exploited to login as the user "admin" with an arbitrary password. The vulnerability is reported in version 1.2. Prior versions may also be affected.

    2007-01-11 15:43:57 UTC by beatnik

  • Cross-Site Request Forgery

    A vulnerability is caused due to the application allowing administrators to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can e.g. be exploited to add new users by enticing a logged-in administrator to visit a malicious web page. The vulnerability is reported in versions prior to 1.2. Version 1.2 is also affected by this...

    2007-01-11 15:42:54 UTC by beatnik

Our Numbers

About SourceForge

Find Software

Develop Software

Community

Help

Copyright © 2009 Geeknet, Inc. All rights reserved. Terms of Use