mhonarc-commits
[Top] [All Lists]
<prev [Date] next>
[Advanced]

CVS: mhonarc/MHonArc CHANGES,1.84,1.84.2.1

2002-12-21 17:44:05
from [Earl Hood <earl(_at_)earlhood(_dot_)com>] [Permanent Link] 
Update of /cvsroot/mhonarc/mhonarc/MHonArc
In directory subversions:/tmp/cvs-serv10529

Modified Files:
      Tag: v2-5-13-sp
	CHANGES 
Log Message:
* XSS Fix.


Index: CHANGES
===================================================================
RCS file: /cvsroot/mhonarc/mhonarc/MHonArc/CHANGES,v
retrieving revision 1.84
retrieving revision 1.84.2.1
diff -C2 -r1.84 -r1.84.2.1
*** CHANGES	21 Oct 2002 16:55:51 -0000	1.84
--- CHANGES	22 Dec 2002 00:43:56 -0000	1.84.2.1
***************
*** 14,17 ****
--- 14,25 ----
  YYYY/MM/DD
  ============================================================================
+ 2002/12/21	(2.5.14)
+ 
+ * Security patch release: This release fixes a cross-site scripting
+   (XSS) vulnerability in m2h_text_html::filter (the HTML filter).
+   A specially crafted HTML message can have scripting markup get
+   by the script filtering done by m2h_text_html::filter.
+ 
+ ============================================================================
  2002/10/21	(2.5.13)
  

---------------------------------------------------------------------
To sign-off this list, send email to majordomo(_at_)mhonarc(_dot_)org with the
message text UNSUBSCRIBE MHONARC-DEV
[More with this subject...]
Previous by Date:  CVS: mhonarc/MHonArc/doc/faq envs.html,1.17,1.18, Earl Hood <earl(_at_)earlhood(_dot_)com>
Next by Date:  CVS: mhonarc/MHonArc/lib mhamain.pl,2.50,2.50.2.1 mhtxthtml.pl,2.22,2.22.2.1, Earl Hood <earl(_at_)earlhood(_dot_)com>
Previous by Thread:  CVS: mhonarc/MHonArc/doc/faq envs.html,1.17,1.18, Earl Hood <earl(_at_)earlhood(_dot_)com>
Next by Thread:  CVS: mhonarc/MHonArc/lib mhamain.pl,2.50,2.50.2.1 mhtxthtml.pl,2.22,2.22.2.1, Earl Hood <earl(_at_)earlhood(_dot_)com>
Indexes:  [Date] [Top] [All Lists]