Permalink
Commits on Nov 10, 2011
  1. 3.3.10.5 release

    lem9 committed Nov 10, 2011
  2. ChangeLog for 3.3.10.5

    lem9 committed Nov 10, 2011
  3. Disable XML loading plugins on old PHP

    When libxml_disable_entity_loader is not available, we can not guarantee
    safe handling of XML data.
    nijel committed with lem9 Nov 7, 2011
  4. Disable loading of external XML entities when loading XML

    Fixes CVE-2011-4107
    nijel committed with lem9 Nov 7, 2011
  5. Fix merge conflicts

    lem9 committed Nov 10, 2011
Commits on Aug 24, 2011
  1. 3.3.10.4 release

    lem9 committed Aug 24, 2011
  2. ChangeLog for 3.3.10.4

    lem9 committed Aug 24, 2011
Commits on Aug 19, 2011
  1. Missing sanitization on the table, column and index names leads to XS…

    …S vulnerabilities, see PMASA-2011-13
    helmo committed Aug 19, 2011
Commits on Aug 18, 2011
Commits on Aug 8, 2011
  1. XSS fixes

    helmo committed Aug 5, 2011
  2. XSS fixes

    helmo committed Aug 5, 2011
  3. XSS fixes

    helmo committed Aug 5, 2011
Commits on Jul 23, 2011
  1. 3.3.10.3 release

    lem9 committed Jul 23, 2011
  2. 3.3.10.3 release date

    lem9 committed Jul 23, 2011
Commits on Jul 22, 2011
  1. Updated/fixed Changelog

    helmo committed Jul 22, 2011
Commits on Jul 12, 2011
  1. [security] Fixed possible session manipulation in swekey authenticati…

    …on, see PMASA-2011-12
    helmo committed Jul 9, 2011
Commits on Jul 3, 2011
  1. 3.3.10.2 release

    lem9 committed Jul 3, 2011
Commits on Jun 30, 2011
  1. Fixed filtering of a file path, which allowed for directory traversal…

    …, see PMASA-2011-8
    helmo committed Jun 30, 2011
Commits on Jun 29, 2011
Commits on May 20, 2011
  1. 3.3.10.1

    lem9 committed May 20, 2011
  2. XSS on Tracking page

    lem9 committed May 20, 2011
Commits on May 19, 2011
  1. XSS in Tracking page, more

    helmo committed May 19, 2011
  2. XSS in Tracking page

    helmo committed May 19, 2011
Commits on Mar 19, 2011
  1. 3.3.10

    lem9 committed Mar 19, 2011
Commits on Mar 12, 2011
  1. 3.3.10-rc1

    lem9 committed Mar 12, 2011
Commits on Feb 21, 2011
  1. Resort

    nijel committed Feb 21, 2011