-
Committer:
Package Import Robot
-
Author(s):
Thomas Goirand
-
Date:
2011-09-11 05:15:26 UTC
-
mfrom:
(1.3.2)
-
Revision ID:
package-import@ubuntu.com-20110911051526-yc7qzbh04hqmj4ny
Tags: 0.29.18-1+lenny2
* QA upload fixing:
- Removed old iGlobalWall folder which included unwanted information.
- Removed sourceless OSX mod_log_sql.so files (Closes: #637469).
- Fixes lists shell injection issue (Closes: #637477).
- Sets unix rights to non-world readable for the apache2.conf file,
since it contains SQL access password (Closes: #637485).
- Now htmlspecialchars() the output of DNS & MX, preventing a possible
HTML injection issue (Closes: #637584).
- Fixes "package installer includes php files in untrusted directories"
if some package install packages are installed (Closes: #637629, #637630).
- Adds htmlspecialchars() in the ticket display.
- Fixes sudo access to chrootuid is giving access to root using the new
dtc-chroot-wrapper (Closes: #637618).
- Not using htpasswd -b to create .htpasswd files (Closes: #637537).
- Checks $_SERVER["addrlink"] input correctly, since it could lead to very
bad SQL insertion (Closes: #637487 ).
- Fixes an SQL injection in package installer (Closes: #637632).
- Fixes an SQL injection in the draw_user_admin.php (Closes: #637669).