projects / platal.git / blame
| Commit | Line | Data |
|---|---|---|
| 358c62cd VZ |
1 | # List of security fixes that have been committed to the "master" branch. |
| 2 | # This list is used to programmatically determine if a checkout of plat/al has | |
| 3 | # known vulnerabilities (which is useful for automatically disabling an unused | |
| 4 | # and unsafe checkout). | |
| 5 | # | |
| 6 | # In order to guarantee that only patched checkouts do have an updated SECURITY | |
| 7 | # file, updates of this file should be done within the same sommit that actually | |
| 8 | # fixes the security issue. Since the commit id is not known yet, it can be | |
| 9 | # replaced by '00000000', and updated later. | |
| 10 | # | |
| 11 | # Format: <date> <commit id> <commit description> | |
| 12 | # The commit id should refer to the id in the "master" branch, if the initial | |
| 13 | # commit in a version branch had another name. | |
| 14 | ||
| ac3ccae4 | 15 | 2012-01-04 a471e374 Fixes access to list administration. |
| dbe8d7f0 | 16 | 2010-10-28 4c5a5921 Registration allowed reactivation and resetting password of disabled accounts. |
| 452ad69a SJ |
17 | 2010-06-23 aa8a2914 Fix visibility of emails, groups, death info on profile. |
| 18 | 2010-04-02 3e2442cd Fix freetext visibility. | |
| 358c62cd VZ |
19 | 2009-10-19 e10bc2ef Prevents auth-groupex from leaking data to third-party attackers. |
| 20 | 2008-12-21 a25cdc91 Fixes a SQL injection in geoloc.inc.php. |