[phpBB] svn: r301 - trunk/phpbb2

kink at wolffelaar.nl kink at wolffelaar.nl
Thu Jul 6 20:18:36 CEST 2006


Author: kink
Date: 2006-07-06 20:18:35 +0200 (Thu, 06 Jul 2006)
New Revision: 301

Modified:
   trunk/phpbb2/changelog
Log:
phpbb 2.0.20 fixed a bug with a cve id, better note it in the changelog
btw, this bug was assessed as totally insignificant, but a cve is a cve
of course.


Modified: trunk/phpbb2/changelog
===================================================================
--- trunk/phpbb2/changelog	2006-07-04 13:25:06 UTC (rev 300)
+++ trunk/phpbb2/changelog	2006-07-06 18:18:35 UTC (rev 301)
@@ -1,3 +1,9 @@
+phpbb2 (2.0.21-2) unstable; urgency=low
+
+  * 
+
+ -- Thijs Kinkhorst <thijs at debian.org>  Thu,  6 Jul 2006 20:14:24 +0200
+
 phpbb2 (2.0.21-1) unstable; urgency=low
 
   * New upstream release (Closes: #345359, #375865).
@@ -4,6 +10,8 @@
     + Addresses obscure security bug: XSS with onmouseover, only exploitable
       with Internet Explorer and Allow HTML on which is highly unrecommended
       by this package. (CVE-2005-4357, Closes: #344674, #345359)
+    + Addresses even more obscure security bug: admin_smilies.php smile_url
+      Variable XSS (CVE-2006-0437, Closes: #352635).
     + Obsoletes 027_CVE-2006-1896_admin_cmd_exec.diff.
 
   * Add 019_disable_logintries.diff: skip this new feature since it's





More information about the phpBB-l mailing list