Changelog: Unterschied zwischen den Versionen

Aus Ameise-de
Zur Navigation springenZur Suche springen
Keine Bearbeitungszusammenfassung
Keine Bearbeitungszusammenfassung
Zeile 1: Zeile 1:
== Client ==
== AMEISE Gesamtsystem ==


=== Version 3.4 ===
* released 2007-02-15
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
=== Version 3.3 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
=== Version 3.2 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
=== Version 3.1 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
=== Version 3.0 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
== Server ==


=== Version 3.4 ===
=== Version 3.4 ===
* released 2007-05-15
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
|-
Zeile 159: Zeile 10:
|-
|-
| style="padding-left:2em"|
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed CR07-C-01, Timeouts im Client durch Datenbank Deadlocks (Pohl)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed CR07-C-02, Falsche Synchronisation der Client Hilfskomponenten (Pohl)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed CR06-C-13, Sonderzeichen in der Befehlsauswahlliste (Bollin)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed CR06-D-02, Alte DB-Initialisierungtsscripts (Pohl)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
|-
| style="padding-left:1em"|
| style="padding-left:1em"|
Zeile 171: Zeile 19:
|-
|-
| style="padding-left:2em"|
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* New REQ-S07-01, Hinzufuegen neues Kommando (show me all activities) (Bollin)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* New REQ-C07-03, Entfernen des Friendly Peers aufgrund von Resourcen-Problemen (Pohl)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* New REQ-C07-04, Ratgeber gibt kontextsensitives Feedback (Pohl, Kury)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
|}




=== Version 3.3 ===
=== Version 3.3 ===
* released 2006-12-15
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
|-
Zeile 208: Zeile 53:
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
|}
=== Version 3.2 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
=== Version 3.1 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
=== Version 3.0 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}


[[en:Changelog]]
[[en:Changelog]]

Version vom 22. August 2007, 07:36 Uhr

AMEISE Gesamtsystem

Version 3.4

  • released 2007-05-15

BUGs

  • Fixed CR07-C-01, Timeouts im Client durch Datenbank Deadlocks (Pohl)
  • Fixed CR07-C-02, Falsche Synchronisation der Client Hilfskomponenten (Pohl)
  • Fixed CR06-C-13, Sonderzeichen in der Befehlsauswahlliste (Bollin)
  • Fixed CR06-D-02, Alte DB-Initialisierungtsscripts (Pohl)

NEW FEATUREs

  • New REQ-S07-01, Hinzufuegen neues Kommando (show me all activities) (Bollin)
  • New REQ-C07-03, Entfernen des Friendly Peers aufgrund von Resourcen-Problemen (Pohl)
  • New REQ-C07-04, Ratgeber gibt kontextsensitives Feedback (Pohl, Kury)


Version 3.3

  • released 2006-12-15

BUGs

  • Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
  • Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
  • Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
  • Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
  • Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
  • Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
  • Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)

NEW FEATUREs

  • Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
  • Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
  • Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
  • Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
  • Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
  • Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
  • Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)