|
|
| Zeile 1: |
Zeile 1: |
| == Client == | | == AMEISE Gesamtsystem == |
|
| |
|
|
| |
|
| |
| === Version 3.4 ===
| |
| * released 2007-02-15
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
|
| |
|
| |
| === Version 3.3 ===
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
|
| |
|
| |
| === Version 3.2 ===
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
|
| |
|
| |
| === Version 3.1 ===
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
|
| |
|
| |
| === Version 3.0 ===
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
|
| |
|
| |
|
| |
| == Server ==
| |
|
| |
|
| === Version 3.4 === | | === Version 3.4 === |
| | * released 2007-05-15 |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;" | | {| style="width:100%;border:0px solid green;padding:0em; color: black;" |
| |- | | |- |
| Zeile 159: |
Zeile 10: |
| |- | | |- |
| | style="padding-left:2em"| | | | style="padding-left:2em"| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre) | | * Fixed CR07-C-01, Timeouts im Client durch Datenbank Deadlocks (Pohl) |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia) | | * Fixed CR07-C-02, Falsche Synchronisation der Client Hilfskomponenten (Pohl) |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia) | | * Fixed CR06-C-13, Sonderzeichen in der Befehlsauswahlliste (Bollin) |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| | * Fixed CR06-D-02, Alte DB-Initialisierungtsscripts (Pohl) |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia) | |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |- | | |- |
| | style="padding-left:1em"| | | | style="padding-left:1em"| |
| Zeile 171: |
Zeile 19: |
| |- | | |- |
| | style="padding-left:2em"| | | | style="padding-left:2em"| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre) | | * New REQ-S07-01, Hinzufuegen neues Kommando (show me all activities) (Bollin) |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia) | | * New REQ-C07-03, Entfernen des Friendly Peers aufgrund von Resourcen-Problemen (Pohl) |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| | * New REQ-C07-04, Ratgeber gibt kontextsensitives Feedback (Pohl, Kury) |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas) | |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |} | | |} |
|
| |
|
|
| |
|
| === Version 3.3 === | | === Version 3.3 === |
| | * released 2006-12-15 |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;" | | {| style="width:100%;border:0px solid green;padding:0em; color: black;" |
| |- | | |- |
| Zeile 208: |
Zeile 53: |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia) | | * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia) |
| |} | | |} |
|
| |
|
| |
| === Version 3.2 ===
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
|
| |
|
| |
| === Version 3.1 ===
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
|
| |
|
| |
| === Version 3.0 ===
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
|
| |
|
| |
|
| |
|
| |
|
| [[en:Changelog]] | | [[en:Changelog]] |
