[geeklog-cvs] geeklog-1.3/docs history,1.168,1.168.2.1 install.html,1.28,1.28.2.1
dhaun at iowaoutdoors.org
dhaun at iowaoutdoors.org
Mon May 31 06:52:19 EDT 2004
Update of /var/cvs/geeklog-1.3/docs
In directory www:/tmp/cvs-serv13789/docs
Modified Files:
Tag: geeklog_1_3_9_1
history install.html
Log Message:
Updated documentation and version number.
Index: install.html
===================================================================
RCS file: /var/cvs/geeklog-1.3/docs/install.html,v
retrieving revision 1.28
retrieving revision 1.28.2.1
diff -C2 -d -r1.28 -r1.28.2.1
*** install.html 14 Mar 2004 20:37:53 -0000 1.28
--- install.html 31 May 2004 10:52:16 -0000 1.28.2.1
***************
*** 139,143 ****
<li>Unpack the tarball *within* your web tree by running the following in your shell (this assumes you have ssh access and that you are working with the tarball <i>on the designated server </i>- this can be locally or hosted elsewhere):<br>
<br>
! <code>tar -zxvf geeklog-1.3.9.tar.gz</code><br>
<br>
<b>FTP, Windows Users:</b> unpack the tarball on your <i>local computer</i> and upload the result to your designated server. Everything uploads as ASCII except the images.<br>
--- 139,143 ----
<li>Unpack the tarball *within* your web tree by running the following in your shell (this assumes you have ssh access and that you are working with the tarball <i>on the designated server </i>- this can be locally or hosted elsewhere):<br>
<br>
! <code>tar -zxvf geeklog-1.3.9sr1.tar.gz</code><br>
<br>
<b>FTP, Windows Users:</b> unpack the tarball on your <i>local computer</i> and upload the result to your designated server. Everything uploads as ASCII except the images.<br>
Index: history
===================================================================
RCS file: /var/cvs/geeklog-1.3/docs/history,v
retrieving revision 1.168
retrieving revision 1.168.2.1
diff -C2 -d -r1.168 -r1.168.2.1
*** history 14 Mar 2004 20:42:12 -0000 1.168
--- history 31 May 2004 10:52:16 -0000 1.168.2.1
***************
*** 1,4 ****
--- 1,36 ----
GeekLog History/Changes:
+ Jun 1, 2004 (1.3.9sr1)
+ -----------
+
+ This release addresses the following security issues:
+
+ - It was possible to post anonymous comments, even when anonymous comment
+ posting had been switched off in config.php [Vinny, Dirk]
+ - Added an additional check for the comment speed limit [Vinny]
+ - It was still possible to read the comments to stories, even when the user
+ didn't have access to the story's topic (provided they knew the story id)
+ [Vinny, Dirk]
+ - If none of the topics were visible for anonymous users, the site's index
+ page may still have displayed some stories for anonymous users, depending on
+ the stories' permissions [Vinny, Dirk]
+ - Users still got Daily Digest emails for topics from which they had been
+ removed (bug #178) [Dirk]
+ - It was possible to subscribe to the Daily Digest for all topics, even if the
+ user did not have access to certain topics [Dirk]
+ - Don't list stories or comments in the user profile if the current user isn't
+ allowed to see the topics they were posted under (bug #208) [Dirk]
+
+ Non-security related fixes:
+
+ - Fixed an SQL error in COM_showTopics if users excluded topics (in their
+ preferences) [Dirk]
+ - Fixed sporadic "Duplicate entry '...' for key 1." messages in error.log
+ (caused by the handling of pseudo-session ids for anonymous users) [Dirk]
+ - Fixed incorrect author names in Daily Digest (bug #207) [Dirk]
+ - The plugin_profileblocksedit_<plugin-name> Plugin API function wasn't working
+ due to a missing piece of code in usersettings.php [Dirk]
+
+
Mar 14, 2004 (1.3.9)
------------
More information about the geeklog-cvs
mailing list