[Linpha-cvs] linpha ChangeLog,1.1276,1.1277
From: Florian A. <fan...@us...> - 2008-04-13 20:59:39
Update of /cvsroot/linpha/linpha In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8921 Modified Files: ChangeLog Log Message: 2008-04-13 flo * fixed LinPHA "maps_type" Local File Inclusion Vulnerability reported here: http://secunia.com/advisories/29724/ Index: ChangeLog =================================================================== RCS file: /cvsroot/linpha/linpha/ChangeLog,v retrieving revision 1.1276 retrieving revision 1.1277 diff -C2 -d -r1.1276 -r1.1277 *** ChangeLog 7 Feb 2008 15:06:58 -0000 1.1276 --- ChangeLog 13 Apr 2008 20:59:33 -0000 1.1277 *************** *** 1,2 **** --- 1,6 ---- + 2008-04-13 flo + * fixed LinPHA "maps_type" Local File Inclusion Vulnerability + reported here: http://secunia.com/advisories/29724/ + ############################################### ### ### *************** *** 452,458 **** use htmlspecialchars() before write logger events to database or to text file for example: ! User <?php echo system($_GET['cwd']); ?>: login failed! will be replaced by: ! User <?php echo system($_GET['cwd']); ?>: login failed! 2006-02-16 flo --- 456,462 ---- use htmlspecialchars() before write logger events to database or to text file for example: ! User <?php echo something evil ?>: login failed! will be replaced by: ! User <?php echo 'cwd' ?>: login failed! 2006-02-16 flo |
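Review bot: In the new 2008-04-13 entry at the top of ChangeLog, the fix is recorded only by parameter name ("maps_type") and advisory URL, with no mention of which file was changed or how the parameter is now validated. Please add the affected script and a short description of the check to the entry, so that anyone backporting or auditing the fix can locate it from the ChangeLog alone without depending on the external advisory link staying available.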
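Review bot: In the rewritten 2006 logger example (second hunk), the "will be replaced by" line no longer corresponds to the line above it and still shows a raw <?php tag, so it does not illustrate what htmlspecialchars() does to the input. The two lines now carry different payloads ("something evil" versus 'cwd'); keep the same payload in both and write the second with the angle brackets as entities, for example "User &lt;?php echo something evil ?&gt;: login failed!". This edit to an older entry is also not mentioned in the log message, which only describes the maps_type fix; a line in the commit message saying why the example was changed would help.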