Changelog: Unterschied zwischen den Versionen

Aus Ameise-de
Wechseln zu:Navigation, Suche
Zeile 1: Zeile 1:
== Client ==
+
== AMEISE Gesamtsystem ==
  
 
 
=== Version 3.4 ===
 
* released 2007-02-15
 
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
 
|-
 
| style="padding-left:1em"|
 
''BUGs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|-
 
| style="padding-left:1em"|
 
''NEW FEATUREs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|}
 
 
 
=== Version 3.3 ===
 
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
 
|-
 
| style="padding-left:1em"|
 
''BUGs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|-
 
| style="padding-left:1em"|
 
''NEW FEATUREs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|}
 
 
 
=== Version 3.2 ===
 
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
 
|-
 
| style="padding-left:1em"|
 
''BUGs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|-
 
| style="padding-left:1em"|
 
''NEW FEATUREs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|}
 
 
 
=== Version 3.1 ===
 
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
 
|-
 
| style="padding-left:1em"|
 
''BUGs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|-
 
| style="padding-left:1em"|
 
''NEW FEATUREs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|}
 
 
 
=== Version 3.0 ===
 
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
 
|-
 
| style="padding-left:1em"|
 
''BUGs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|-
 
| style="padding-left:1em"|
 
''NEW FEATUREs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|}
 
 
 
 
== Server ==
 
  
 
=== Version 3.4 ===
 
=== Version 3.4 ===
 +
* released 2007-05-15
 
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
 
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
 
|-
 
|-
Zeile 159: Zeile 10:
 
|-
 
|-
 
| style="padding-left:2em"|
 
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
+
* Fixed CR07-C-01, Timeouts im Client durch Datenbank Deadlocks (Pohl)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
+
* Fixed CR07-C-02, Falsche Synchronisation der Client Hilfskomponenten (Pohl)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
+
* Fixed CR06-C-13, Sonderzeichen in der Befehlsauswahlliste (Bollin)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
+
* Fixed CR06-D-02, Alte DB-Initialisierungtsscripts (Pohl)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
 
|-
 
|-
 
| style="padding-left:1em"|
 
| style="padding-left:1em"|
Zeile 171: Zeile 19:
 
|-
 
|-
 
| style="padding-left:2em"|
 
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
+
* New REQ-S07-01, Hinzufuegen neues Kommando (show me all activities) (Bollin)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
+
* New REQ-C07-03, Entfernen des Friendly Peers aufgrund von Resourcen-Problemen (Pohl)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
+
* New REQ-C07-04, Ratgeber gibt kontextsensitives Feedback (Pohl, Kury)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
 
|}
 
|}
  
  
 
=== Version 3.3 ===
 
=== Version 3.3 ===
 +
* released 2006-12-15
 
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
 
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
 
|-
 
|-
Zeile 208: Zeile 53:
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|}
 
|}
 
 
=== Version 3.2 ===
 
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
 
|-
 
| style="padding-left:1em"|
 
''BUGs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|-
 
| style="padding-left:1em"|
 
''NEW FEATUREs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|}
 
 
 
=== Version 3.1 ===
 
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
 
|-
 
| style="padding-left:1em"|
 
''BUGs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|-
 
| style="padding-left:1em"|
 
''NEW FEATUREs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|}
 
 
 
=== Version 3.0 ===
 
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
 
|-
 
| style="padding-left:1em"|
 
''BUGs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|-
 
| style="padding-left:1em"|
 
''NEW FEATUREs''
 
|-
 
| style="padding-left:2em"|
 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
 
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
 
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
 
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
 
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
 
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
 
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
 
|}
 
 
 
 
  
 
[[en:Changelog]]
 
[[en:Changelog]]

Version vom 22. August 2007, 08:36 Uhr

AMEISE Gesamtsystem

Version 3.4

  • released 2007-05-15

BUGs

  • Fixed CR07-C-01, Timeouts im Client durch Datenbank Deadlocks (Pohl)
  • Fixed CR07-C-02, Falsche Synchronisation der Client Hilfskomponenten (Pohl)
  • Fixed CR06-C-13, Sonderzeichen in der Befehlsauswahlliste (Bollin)
  • Fixed CR06-D-02, Alte DB-Initialisierungtsscripts (Pohl)

NEW FEATUREs

  • New REQ-S07-01, Hinzufuegen neues Kommando (show me all activities) (Bollin)
  • New REQ-C07-03, Entfernen des Friendly Peers aufgrund von Resourcen-Problemen (Pohl)
  • New REQ-C07-04, Ratgeber gibt kontextsensitives Feedback (Pohl, Kury)


Version 3.3

  • released 2006-12-15

BUGs

  • Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
  • Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
  • Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
  • Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
  • Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
  • Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
  • Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)

NEW FEATUREs

  • Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
  • Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
  • Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
  • Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
  • Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
  • Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
  • Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)