[geeklog-cvs] geeklog: Updated version numbers and list of changes
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Sat Apr 18 07:23:26 EDT 2009
details: http://project.geeklog.net/cgi-bin/hgweb.cgi/rev/c8ee796a9cb9
changeset: 6954:c8ee796a9cb9
user: Dirk Haun <dirk at haun-online.de>
date: Sat Apr 18 09:58:24 2009 +0200
description:
Updated version numbers and list of changes
diffstat:
4 files changed, 19 insertions(+), 3 deletions(-)
public_html/admin/install/index.php | 2 +-
public_html/docs/changes.html | 7 ++++++-
public_html/docs/history | 11 +++++++++++
public_html/siteconfig.php.dist | 2 +-
diffs (62 lines):
diff -r bf1cdc081217 -r c8ee796a9cb9 public_html/admin/install/index.php
--- a/public_html/admin/install/index.php Fri Apr 17 14:42:28 2009 -0600
+++ b/public_html/admin/install/index.php Sat Apr 18 09:58:24 2009 +0200
@@ -48,7 +48,7 @@
define("LB", "\n");
}
if (!defined('VERSION')) {
- define('VERSION', '1.5.2sr3');
+ define('VERSION', '1.5.2sr4');
}
if (!defined('XHTML')) {
define('XHTML', ' /');
diff -r bf1cdc081217 -r c8ee796a9cb9 public_html/docs/changes.html
--- a/public_html/docs/changes.html Fri Apr 17 14:42:28 2009 -0600
+++ b/public_html/docs/changes.html Sat Apr 18 09:58:24 2009 +0200
@@ -16,9 +16,14 @@
<a href="history">ChangeLog</a>. The file <tt>docs/changed-files</tt> has a list
of files that have been changed since the last release.</p>
+<h2><a name="changes152sr4">Geeklog 1.5.2sr4</a></h2>
+
+<p>Bookoo of the Nine Situations Group posted another SQL injection exploit, targetting an old bug in usersettings.php. As with the previous issues, this allowed an attacker to extract the password hash for any account and is fixed with this release.</p>
+
+
<h2><a name="changes152sr3">Geeklog 1.5.2sr3</a></h2>
-<p>Bookoo of the Nine Situations Group posted another SQL injection exploit, this time targetting the webservices API. As with the previous issue, this allowed an attacker to extract the password hash for any account and is fixed with this release.
+<p>Bookoo of the Nine Situations Group posted another SQL injection exploit, this time targetting the webservices API. As with the previous issue, this allowed an attacker to extract the password hash for any account and is fixed with this release.</p>
<h2><a name="changes152sr2">Geeklog 1.5.2sr2</a></h2>
diff -r bf1cdc081217 -r c8ee796a9cb9 public_html/docs/history
--- a/public_html/docs/history Fri Apr 17 14:42:28 2009 -0600
+++ b/public_html/docs/history Sat Apr 18 09:58:24 2009 +0200
@@ -1,4 +1,15 @@
Geeklog History/Changes:
+
+Apr 18, 2009 (1.5.2sr4)
+------------
+
+This release addresses the following security issue:
+
+Bookoo of the Nine Situations Group posted another SQL injection exploit,
+targetting an old bug in usersettings.php. As with the previous issues, this
+allowed an attacker to extract the password hash for any account and is fixed
+with this release.
+
Apr 13, 2009 (1.5.2sr3)
------------
diff -r bf1cdc081217 -r c8ee796a9cb9 public_html/siteconfig.php.dist
--- a/public_html/siteconfig.php.dist Fri Apr 17 14:42:28 2009 -0600
+++ b/public_html/siteconfig.php.dist Sat Apr 18 09:58:24 2009 +0200
@@ -38,7 +38,7 @@
define('LB',"\n");
}
if (!defined('VERSION')) {
- define('VERSION', '1.5.2sr3');
+ define('VERSION', '1.5.2sr4');
}
?>
More information about the geeklog-cvs
mailing list