Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Commits on Apr 25, 2004
  1. @perusionmike
  2. @racke
Commits on Apr 24, 2004
  1. @racke
Commits on Apr 23, 2004
  1. @perusionmike
Commits on Apr 22, 2004
  1. @racke
  2. @perusionmike

    * Add Interchange::Link, a mod_perl 1.99/2.0 link program.

    perusionmike authored
    * Documentation embedded in module, and also in README.
  3. @jonjensen

    Update ui-version.

    jonjensen authored
Commits on Apr 21, 2004
  1. @racke
  2. @racke
Commits on Apr 20, 2004
  1. @racke

    translation added

    racke authored
  2. @racke

    merge 5.1.1 changelog entry

    racke authored
  3. @racke

    missing <p> tag added

    racke authored
  4. @jonjensen
  5. @jonjensen
  6. @racke
  7. @racke
  8. @racke
  9. @racke

    merged changes 1.1 vs

    racke authored
    +++ +++
    added Russian translation of debconf templates (Closes: #137663)
Commits on Apr 19, 2004
  1. @racke
  2. @perusionmike

    * Add NN$ to the filter spec for length, shows only last NN characters

    perusionmike authored
      of string preceded by a fake ... ellipsis.
    	[filter 10]A long string that needs truncating.[/filter]
    	[filter 10.]A long string that needs truncating.[/filter]
    	[filter 10$]A long string that needs truncating.[/filter]
    	A long str
    	A long str...
      I thought about .NN, but it didn't seem as logical to my Perlish mind.
  3. @racke

    EFSNet payment module added

    racke authored
  4. @racke
  5. @racke
Commits on Apr 18, 2004
  1. * Re-created the missing 5.0.1 entries.

    Kevin Walsh authored
  2. * Commented out the ::logDebug() calls.

    Kevin Walsh authored
Commits on Apr 17, 2004
  1. @perusionmike
  2. @perusionmike
Commits on Apr 16, 2004
  1. * Vend::Payment::EFSNet module, written and donated by Chris

    Kevin Walsh authored
    	  Wenham of Synesmedia with the following text:
    	  The following module interfaces to Concord EFSNet's credit card
    	  gateway ( and is being donated to
    	  the community under the GPL.  I built it by copying the
    	  Authorize.Net module and modifying it to EFSNet's spec, but it
    	  supports sale, auth, settle, capture, void, return and credit.
    	  This module has been certified by EFSNet as version 1.1.0, so if
    	  you make any non-trivial changes you'll need to go through their
    	  certification process again. I can provide the certification
    	  letters I received, upon request, if you need them.
    	  Thanks Chris!
  2. @perusionmike

    * Remove security hole where by a non-admin user with write permission

    perusionmike authored
      to files for ITL could elevate their login status to admin.
    	logout=[userdb logout]
    		$Config->{AdminUserDB}{default} = 1;
    	login=[userdb function=login username=mike password=pass]
      This would cause setting of $Vend::admin.
    * Create a new %Global::ReadOnlyCfg hash with the pristine
      values from the initial configuration. At catalog configuration
      time, the values from AdminUserDB and UserDB_repository are
      copied over.
    * The UserDB login function now references the read-only config
      to determine admin status.
    * TODO: Make all functions reference this read-only config.
    * Not from an exploit, from a code read.
    * TODO: Determine if 5.0 and/or 5.2 should be patched.
  3. @perusionmike
  4. @perusionmike

    * Fix security hole. A user, should they be able to execute embedded …

    perusionmike authored
      could do
      		delete $Config->{AdminUserDB};
      and then log in as an admin.
      No known exploits, just from a code read. There is still a hole, as
      we need to set some of these values read-only, but this will help.
Commits on Apr 15, 2004
  1. @racke
  2. @perusionmike
  3. @perusionmike
Something went wrong with that request. Please try again.