|
|
(5 intermediate revisions by 2 users not shown) |
Line 1: |
Line 1: |
| == Client == | | == AMEISE System == |
|
| |
|
| | | === Version 5.0 === |
| | | * released March 21, 2015 |
| === Version 3.4 === | |
| * released 2007-02-15 | |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;" | | {| style="width:100%;border:0px solid green;padding:0em; color: black;" |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |- | | |- |
| | style="padding-left:1em"| | | | style="padding-left:1em"| |
Line 23: |
Line 9: |
| |- | | |- |
| | style="padding-left:2em"| | | | style="padding-left:2em"| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre) | | * New REQ-C14-01, Client interface supports multiple selection of arguments (Santina) |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia) | | * New REQ-C14-02, AORTA toolkit and Client support password encryption (Dano) |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia) | | * New REQ-S14-01, Development environment moved to git (Dano) |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
| | |
| | |
| === Version 3.3 ===
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |- | | |- |
| | style="padding-left:1em"| | | | style="padding-left:1em"| |
Line 40: |
Line 17: |
| |- | | |- |
| | style="padding-left:2em"| | | | style="padding-left:2em"| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre) | | * Fixed CR-C14-01, System crashes due to too many parallel requests (Dano) |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| | * Fixed CR-C14-02, Performance problems with MySQL database (Bollin) |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas) | |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |} | | |} |
|
| |
|
|
| |
|
| === Version 3.2 === | | === Version 3.4 === |
| | * released May 15, 2007 |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;" | | {| style="width:100%;border:0px solid green;padding:0em; color: black;" |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |- | | |- |
| | style="padding-left:1em"| | | | style="padding-left:1em"| |
Line 81: |
Line 30: |
| |- | | |- |
| | style="padding-left:2em"| | | | style="padding-left:2em"| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre) | | * New REQ-S07-01, Adding a new command (show me all activities) (Bollin) |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| | * New REQ-C07-03, Removing the friendly peer component due to resource problems (Pohl) |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| | * New REQ-C07-04, Advisor gives context-sensitive feedback (Pohl, Kury) |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia) | |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
| | |
| | |
| === Version 3.1 ===
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre) | |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
| | |
| | |
| === Version 3.0 ===
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
| | |
| | |
| | |
| == Server ==
| |
| | |
| === Version 3.4 ===
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |- | | |- |
| | style="padding-left:1em"| | | | style="padding-left:1em"| |
Line 159: |
Line 38: |
| |- | | |- |
| | style="padding-left:2em"| | | | style="padding-left:2em"| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre) | | * Fixed CR-C07-01, Client timeouts during a simulation run due to database deadlocks (Pohl) |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| | * Fixed CR-C07-02, Incorrect synchronisation of the supervisor components (Pohl) |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| | * Fixed CR-C06-13, Special characters in the command selection list (Bollin) |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| | * Fixed CR-C06-02, Old database initialization scripts (Pohl) |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre) | |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia) | |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas) | |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |} | | |} |
|
| |
|
|
| |
|
| === Version 3.3 === | | === Version 3.3 === |
| | * released Dec. 15, 2006 |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;" | | {| style="width:100%;border:0px solid green;padding:0em; color: black;" |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |- | | |- |
| | style="padding-left:1em"| | | | style="padding-left:1em"| |
Line 200: |
Line 53: |
| |- | | |- |
| | style="padding-left:2em"| | | | style="padding-left:2em"| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre) | | * New REQ-C06-05, The feedback of the simulator is formatted as html text(Pohl) |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| | * New REQ-C06-06, Line breaks are added for a better reading of texts by users (Pohl) |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia) | | * New REQ-S06-06, Changing the model to cover the whole academic year 2007 (Bollin) |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas) | |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
| | |
| | |
| === Version 3.2 ===
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |- | | |- |
| | style="padding-left:1em"| | | | style="padding-left:1em"| |
Line 217: |
Line 61: |
| |- | | |- |
| | style="padding-left:2em"| | | | style="padding-left:2em"| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre) | | * Fixed CR-C06-04, AORTA handout merged different simulation runs in several graphs (Pohl) |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| | * Fixed CR-C06-03, Simulation core crash due to a SESAM bug (Bollin) |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia) | |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |} | | |} |
|
| |
|
|
| |
| === Version 3.1 ===
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
|
| |
|
| |
| === Version 3.0 ===
| |
| {| style="width:100%;border:0px solid green;padding:0em; color: black;"
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''BUGs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |-
| |
| | style="padding-left:1em"|
| |
| ''NEW FEATUREs''
| |
| |-
| |
| | style="padding-left:2em"|
| |
| * Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
| |
| * Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
| |
| * Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
| |
| * Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
| |
| * Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
| |
| * Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
| |
| * Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
| |
| |}
| |
|
| |
|
|
| |
|
| [[de:Changelog]] | | [[de:Changelog]] |
| [[en:Changelog]] | | [[en:Changelog]] |
| | |
| | __NOTOC__ |
| __NOEDITSECTION__ | | __NOEDITSECTION__ |