Commit | Line | Data |
---|---|---|
358c62cd VZ |
1 | # List of security fixes that have been committed to the "master" branch. |
2 | # This list is used to programmatically determine if a checkout of plat/al has | |
3 | # known vulnerabilities (which is useful for automatically disabling an unused | |
4 | # and unsafe checkout). | |
5 | # | |
6 | # In order to guarantee that only patched checkouts do have an updated SECURITY | |
7 | # file, updates of this file should be done within the same sommit that actually | |
8 | # fixes the security issue. Since the commit id is not known yet, it can be | |
9 | # replaced by '00000000', and updated later. | |
10 | # | |
11 | # Format: <date> <commit id> <commit description> | |
12 | # The commit id should refer to the id in the "master" branch, if the initial | |
13 | # commit in a version branch had another name. | |
14 | ||
ac3ccae4 | 15 | 2012-01-04 a471e374 Fixes access to list administration. |
dbe8d7f0 | 16 | 2010-10-28 4c5a5921 Registration allowed reactivation and resetting password of disabled accounts. |
452ad69a SJ |
17 | 2010-06-23 aa8a2914 Fix visibility of emails, groups, death info on profile. |
18 | 2010-04-02 3e2442cd Fix freetext visibility. | |
358c62cd VZ |
19 | 2009-10-19 e10bc2ef Prevents auth-groupex from leaking data to third-party attackers. |
20 | 2008-12-21 a25cdc91 Fixes a SQL injection in geoloc.inc.php. |