mhonarc-commits
[Top] [All Lists]
<prev [Date] next>
[Advanced]

CVS: mharc NEWS,1.28,1.29 TODO,1.10,1.11

2002-07-30 21:53:31
from [Earl Hood <earl(_at_)earlhood(_dot_)com>] [Permanent Link] 
Update of /cvsroot/mhonarc/mharc
In directory subversions:/tmp/cvs-serv6214

Modified Files:
	NEWS TODO 
Log Message:
* cgi-bin/extract-mesg.cgi.in.dist:
  . Changed returned media-type from message/rfc822 to text/plain.
    message/rfc822 is nice since some browsers can render it directly,
    but it does open potential XSS HTML email attacks.

    IMPORTANT NOTE: User upgrading are encouraged to delete
		    "cgi-bin/extract-mesg.cgi.in" and run 'make
		    configure' after extracting this release.  If you
		    really want the message/rfc822 behavior, you can
		    edit "cgi-bin/extract-mesg.cgi.in" and redefine
		    the $message_media_type variable.

* etc/apache.conf.in.dist:
  . Security related comments added.  Users are encourage to read
    if using etc/apache.conf.


Index: NEWS
===================================================================
RCS file: /cvsroot/mhonarc/mharc/NEWS,v
retrieving revision 1.28
retrieving revision 1.29
diff -C2 -r1.28 -r1.29
*** NEWS	25 Jul 2002 03:29:38 -0000	1.28
--- NEWS	31 Jul 2002 04:53:21 -0000	1.29
***************
*** 1,3 ****
--- 1,22 ----
  ===========================================================================
+ 2002/MM/DD: v0.5.1
+ 
+ * cgi-bin/extract-mesg.cgi.in.dist:
+   . Changed returned media-type from message/rfc822 to text/plain.
+     message/rfc822 is nice since some browsers can render it directly,
+     but it does open potential XSS HTML email attacks.
+ 
+     IMPORTANT NOTE: User upgrading are encouraged to delete
+ 		    "cgi-bin/extract-mesg.cgi.in" and run 'make
+ 		    configure' after extracting this release.  If you
+ 		    really want the message/rfc822 behavior, you can
+ 		    edit "cgi-bin/extract-mesg.cgi.in" and redefine
+ 		    the $message_media_type variable.
+ 
+ * etc/apache.conf.in.dist:
+   . Security related comments added.  Users are encourage to read
+     if using etc/apache.conf.
+ 
+ ===========================================================================
  2002/07/24: v0.5.0
  

Index: TODO
===================================================================
RCS file: /cvsroot/mhonarc/mharc/TODO,v
retrieving revision 1.10
retrieving revision 1.11
diff -C2 -r1.10 -r1.11
*** TODO	23 Jul 2002 04:00:21 -0000	1.10
--- TODO	31 Jul 2002 04:53:21 -0000	1.11
***************
*** 18,21 ****
--- 18,24 ----
      location.
  
+  => Make everything into modules and just have one command
+     to use to run everything.
+ 
  ===========================================================================
  $Id$

---------------------------------------------------------------------
To sign-off this list, send email to majordomo(_at_)mhonarc(_dot_)org with the
message text UNSUBSCRIBE MHONARC-DEV
[More with this subject...]
Previous by Date:  CVS: mharc/cgi-bin extract-mesg.cgi.in.dist,1.1,1.2, Earl Hood <earl(_at_)earlhood(_dot_)com>
Next by Date:  CVS: mharc/etc apache.conf.in.dist,1.4,1.5, Earl Hood <earl(_at_)earlhood(_dot_)com>
Previous by Thread:  CVS: mharc/cgi-bin extract-mesg.cgi.in.dist,1.1,1.2, Earl Hood <earl(_at_)earlhood(_dot_)com>
Next by Thread:  CVS: mharc/etc apache.conf.in.dist,1.4,1.5, Earl Hood <earl(_at_)earlhood(_dot_)com>
Indexes:  [Date] [Top] [All Lists]