mbirth/LuckyCoinkydink
1
0
Fork 0
Code Issues Pull Requests Activity

It's really hard to find out when it's 72 characters ...

Browse Source 
References #348
This commit is contained in:
Matthias Mees 2015-06-17 21:32:16 +02:00
parent ce57ec8a38
commit a148f7b227
1 changed files with 67 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

134
docs/NEWS_OLD
View File

@ -1,7 +1,7 @@
(The latest changes are documented in the NEWS-file)
Version 1.6.2 (May 16th, 2012)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix SQL injection for comment.php used in read-context.
(Thanks to High-Tech Bridge SA Security Release Lab, Advisory
@ -9,7 +9,7 @@ Version 1.6.2 (May 16th, 2012)
Version 1.6.1 (May 8th, 2012)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Improved escaping of backend plugin management for DB query
and media selector output (Stefan Schurtz)
@ -33,7 +33,7 @@ Version 1.6.1 (May 8th, 2012)
Version 1.6 (October 27th 2011)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix XSS issue in mediadatabase and karma filtering, thanks to
Stefan Schurtz
@ -189,7 +189,7 @@ Version 1.6 (October 27th 2011)
Version 1.5.5 (December 21st, 2010)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Due to security issues in the bundled Xinha WYSIWYG,
disabled the PHP-based plugins (which are not utilized by
@ -198,7 +198,7 @@ Version 1.5.5 (December 21st, 2010)
Version 1.5.4 (August 26th, 2010)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix XSS in backend, thanks to High-Tech Bridge SA #HTB22595
@ -219,7 +219,7 @@ Version 1.5.4 (August 26th, 2010)
Version 1.5.3 (May 10th, 2010)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Added workaround for dynamic configuration of Xinha plugins
ExtendedFilemanager, ImageManager,
@ -228,19 +228,19 @@ Version 1.5.3 (May 10th, 2010)
Version 1.5.2 (January 25th, 2010)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fixed SQL upgrade path for SQLite.
Version 1.5.1 (December 21st, 2009)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix bug with not showing "html" type configuration items.
Version 1.5 (December 21st, 2009)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Show backend comment pagination in footer and header
@ -431,7 +431,7 @@ Version 1.5 (December 21st, 2009)
Version 1.4.2 (June?, 2009)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Changed spamblock plugin for text filtering to ignore trailing
or prepending spaces in blacklists (garvinhicking)
@ -444,7 +444,7 @@ Version 1.4.2 (June?, 2009)
Version 1.4.1 (January 16th, 2009)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix missing index key creation for statistics tables in the
statistics plugin (isotopp)
@ -459,7 +459,7 @@ Version 1.4.1 (January 16th, 2009)
Version 1.4 (December 29th, 2008)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Added new event hooks for future support of WYSIWYG button
modifications (judebert) [1.4-beta2]
@ -655,7 +655,7 @@ Version 1.4 (December 29th, 2008)
Version 1.3.1 (April 22nd, 2008)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Add XSS security checks for installer, even though very
hypothetical application :) (Hanno Boeck)
@ -670,7 +670,7 @@ Version 1.3.1 (April 22nd, 2008)
Version 1.3 (March 18th, 2008)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix possible XSS injection for published trackbacks, thanks to
Peter Höwe!
@ -691,7 +691,7 @@ Version 1.3 (March 18th, 2008)
Version 1.3-beta1 (February 25th, 2008)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix sidebar plugin for the author's list to not include counting
drafted articles (garvinhicking)
@ -817,7 +817,7 @@ Version 1.3-beta1 (February 25th, 2008)
Version 1.2.1 (December 8th, 2007)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Updated Textile library to 2.0, by Lars Strojny
@ -852,7 +852,7 @@ Version 1.2.1 (December 8th, 2007)
Version 1.2 (August 26th, 2007)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Added bulletproof template by http://s9y-bulletproof.com
@ -1041,7 +1041,7 @@ Version 1.2 (August 26th, 2007)
Version 1.1.4 (August 8th, 2007)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix being able to set entryproperties values via POST-Request (and
being able to bypass password-protection of an entry, when the
@ -1049,7 +1049,7 @@ Version 1.1.4 (August 8th, 2007)
Version 1.1.3 (June 17th, 2007)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix SQL injection through 'commentMode' variable. Thanks to
Dr. Neal Krawetz
@ -1059,7 +1059,7 @@ Version 1.1.3 (June 17th, 2007)
Version 1.1.2 (March 1st, 2007)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix showing SQL error message when an empty category is selected
for viewing. Fixes an issue reported by Samenspender that was
@ -1071,7 +1071,7 @@ Version 1.1.2 (March 1st, 2007)
Version 1.1.1 (February 22nd, 2007)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Patch plugin permissionship management to properly indicate
forbidden plugins/hooks, even if the admin user is not contained
@ -1098,7 +1098,7 @@ Version 1.1.1 (February 22nd, 2007)
Version 1.1 (December 28th, 2006)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix better installer warning messages when directories have no
write privileges and already exist. Thanks to wagwag!
@ -1140,7 +1140,7 @@ Version 1.1 (December 28th, 2006)
Version 1.1-beta5 (October 18th, 2006)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Added new plugin hooks:
backend_templates_configuration_top
@ -1184,7 +1184,7 @@ Version 1.1-beta5 (October 18th, 2006)
Version 1.1-beta3 ()
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Change permalinks to allow "%" in URLS. Fix templatedropdown
plugin to remove double "//". Fix bad htmlspecialchars of the
@ -1210,7 +1210,7 @@ Version 1.1-beta3 ()
Version 1.1-beta1 (August 14th, 2006)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix multiple loading of $serendipity['smarty'] theme options when
calling serendipity_smarty_init() more than once. Many thanks to
@ -1316,7 +1316,7 @@ Version 1.1-beta1 (August 14th, 2006)
Version 1.1-alpha6()
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Use possibly existing local PEAR by default. Patch by Davey
(garvinhicking)
@ -1335,7 +1335,7 @@ Version 1.1-alpha6()
Version 1.1-alpha5()
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Implemented Drag and Drop based plugin configuration panel for
re-ordering plugin layout. Uses JavaScript - works like old
@ -1457,7 +1457,7 @@ Version 1.1-alpha5()
Version 1.0.4 (December 1st, 2006)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix local file inclusion bug on systems with two conditions:
register_globals=on AND missing .htaccess for restricting access to
@ -1468,7 +1468,7 @@ Version 1.0.4 (December 1st, 2006)
Version 1.0.3 (November 7th, 2006)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix PHP 5.2.0 compatibility issue. (garvinhicking)
@ -1506,14 +1506,14 @@ Version 1.0.3 (November 7th, 2006)
Version 1.0.2 (October 18th, 2006)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix a security issue with XSS on the admin backend for registered
authors. Many thanks to Stefan Esser! (garvinhicking)
Version 1.0.1 (August 14th, 2006)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix problem on newer Firefox versions, where insertion of images
in the WYSIWYG editor did not work. It might be necessary to
@ -1531,7 +1531,7 @@ Version 1.0.1 (August 14th, 2006)
Version 1.0 (June 15th, 2006)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Insert logic for saving an entry that prevents the iframe for
trackbacks/xml-rpc pings to save an entry multiple times upon
@ -1586,7 +1586,7 @@ Version 1.0 (June 15th, 2006)
Version 1.0-beta2 (March 13th, 2006)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fixed chief-editor not being able to create editors (garvinhicking)
@ -1688,7 +1688,7 @@ Version 1.0-beta2 (March 13th, 2006)
Version 1.0-beta1 (January 23rd, 2006)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Apply changes to shared installation directory detection so that
it also works with Apache's mod_userdir (elf2000)
@ -1797,7 +1797,7 @@ Version 1.0-beta1 (January 23rd, 2006)
Version 0.9.2 ()
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix server locale order to always first use the charset locale
instead of a generic locale. Fixes bug #1384978 (garvinhicking)
@ -1837,7 +1837,7 @@ Version 0.9.2 ()
Version 0.9.1 (November 23rd, 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix renaming authors and categories to also properly update permalinks
that have no %id% column (garvinhicking)
@ -1891,7 +1891,7 @@ Version 0.9.1 (November 23rd, 2005)
Version 0.9 (October 28th, 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Spamblock plugin can now check domains against the blogg.de
blacklist (http://spam.blogg.de/blacklist.txt). Deactivated by
@ -1916,7 +1916,7 @@ Version 0.9 (October 28th, 2005)
Version 0.9-beta3 (October 21st, 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Syndication plugin: Do not show E-Mail adress in RSS feed by default
(garvinhicking)
@ -1941,7 +1941,7 @@ Version 0.9-beta3 (October 21st, 2005)
Version 0.9-beta2 (October 13th, 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix "easy installation" leading to an error with language charsets.
Thanks to Heddesheimer from the forums for spotting this!
@ -1985,7 +1985,7 @@ Version 0.9-beta2 (October 13th, 2005)
Version 0.9-beta1 (September 29th, 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Change Onyx RSS parser and xml_parser_* functions to already specify
the source charset, so that PHP functions can do the recoding on
@ -2214,7 +2214,7 @@ Version 0.9-beta1 (September 29th, 2005)
Version 0.8.5 (September 29th, 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* More Security: When changing the password in your personal preferences,
you need to insert the old password. Secure backend forms with extra
@ -2250,7 +2250,7 @@ Version 0.8.5 (September 29th, 2005)
Version 0.8.4 (August 19th, 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Add HTML information about calendar arrows image size to bypass
large sizing in Internet Explorer. Thanks to frodeste from the
@ -2279,7 +2279,7 @@ Version 0.8.4 (August 19th, 2005)
Version 0.8.3 (August 4th, 2004)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Upgraded bundled libs:
Cache_Lite to 1.5.1
@ -2334,7 +2334,7 @@ Version 0.8.3 (August 4th, 2004)
Version 0.8.2 (June 29th, 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* fixed remote code execution vulnerability. Thanks to Gulftech
Research for pointing out that bug and Stefan Esser for helping
@ -2369,7 +2369,7 @@ Version 0.8.2 (June 29th, 2005)
Version 0.8.1 (May 17th, 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix missing PDF thumbnail creation (imagemagick only)
(garvinhicking)
@ -2421,7 +2421,7 @@ Version 0.8.1 (May 17th, 2005)
Version 0.8 (April, 15th 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Added icelandic translation by Örn Arnarson
@ -2440,7 +2440,7 @@ Version 0.8 (April, 15th 2005)
Version 0.8-beta6 (April 8th, 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Remove unique constraint for url_idx on the referrer suppress table
and replaced it by a simple index. Fixes fatal errors on postgresql
@ -2458,7 +2458,7 @@ Version 0.8-beta6 (April 8th, 2005)
Version 0.8-beta5 (April 1st, 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fix XMLRPC problems for getting existing posts. Thanks a lot to
TimothyP from the forums! (garvinhicking)
@ -2494,7 +2494,7 @@ Version 0.8-beta5 (April 1st, 2005)
Version 0.8-beta3/4 (March 15th, 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Drop SQL index on comment's body. This was not used in our code,
and caused trouble with large comments on pgsql and MySQL.
@ -2568,7 +2568,7 @@ Version 0.8-beta3/4 (March 15th, 2005)
Version 0.8-beta2 (March 5th, 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Show "create entry" toolbar for plugins like the Emoticon Chooser
also when WYSIWYG editor is enabled (garvinhicking)
@ -2587,7 +2587,7 @@ Version 0.8-beta2 (March 5th, 2005)
Version 0.8-beta1 (March 4th, 2005)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Added Persian language and template for RTL-Languages by Omid
Mottaghi
@ -2915,7 +2915,7 @@ Version 0.8-beta1 (March 4th, 2005)
Version 0.7.1 (December 2nd, 2004)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fixed captcha string variation on some setups by explicitly seeding
the randomness (garvinhicking)
@ -2928,7 +2928,7 @@ Version 0.7.1 (December 2nd, 2004)
Version 0.7 (November 8th, 2004)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fixed concatenation syntax on PostgreSQL, only used by plugin
"Entrylinks". (garvinhicking)
@ -2956,14 +2956,14 @@ Version 0.7 (November 8th, 2004)
Version 0.7-rc1 (October 20th, 2004)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fixed possible HTTP Response Splitting security issue. Thanks to
ChaoticEvil for reporting! (jannis, garvinhicking)
Version 0.7-beta4 (October 14th, 2004)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Bug #1016342 - Fixed RSS UTF8 decoding for remote RSS plugin.
(garvinhicking)
@ -3022,7 +3022,7 @@ Version 0.7-beta4 (October 14th, 2004)
Version 0.7-beta3 (September 21st, 2004)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Bug #1031444 - Fixed postgreSQL error (for older versions of
pgsql) when creating categories (garvinhicking)
@ -3054,7 +3054,7 @@ Version 0.7-beta3 (September 21st, 2004)
Version 0.7-beta2 (September 15th, 2004)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fixed entries pagination for special cases where quickump calendar
was displayed on the left sidebar (garvinhicking)
@ -3084,7 +3084,7 @@ Version 0.7-beta2 (September 15th, 2004)
Version 0.7-beta1 (September 6th, 2004)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Disable the use of popups by default (tomsommer)
@ -3509,7 +3509,7 @@ Version 0.7-beta1 (September 6th, 2004)
Version 0.6-pl3 (June 20th, 2004)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* WYSIWYG-Editor: Links were prefixed with '/' wrongly (IE only).
Now all entered links will be put to an absolute URL consistently.
@ -3525,14 +3525,14 @@ Version 0.6-pl3 (June 20th, 2004)
Version 0.6-pl2 (May 24th, 2004)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fixed security vulnerability on servers with Register_Globals On.
(garvinhicking, gschlossnagle, tomsommer)
Version 0.6-pl1 (May 15th, 2004)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fixed trackbacks not associated to the right entry id (garvinhicking)
@ -3540,7 +3540,7 @@ Version 0.6-pl1 (May 15th, 2004)
Version 0.6 (May 12th, 2004)
-----------------------------------------------------------------------
------------------------------------------------------------------------
[changes since 0.6-rc2]
* Creative Commons plugin bugfix (wrong 'non-commercial' case)
@ -3753,7 +3753,7 @@ Version 0.6 (May 12th, 2004)
Version 0.5-pl1 (February, 14th 2004)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fixed XHTML-invalid anchor name (garvinhicking)
@ -3773,7 +3773,7 @@ Version 0.5-pl1 (February, 14th 2004)
Version 0.5 (February 6th, 2004)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fixed bug not showing comment or entry admin-tools on apparently
static pages (garvinhicking, tomsommer)
@ -3847,7 +3847,7 @@ Version 0.5 (February 6th, 2004)
Version 0.4 (December 12th, 2003)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fixed bug #841972 - Remove reference to leer.png (tomsommer)
@ -3886,7 +3886,7 @@ Version 0.4 (December 12th, 2003)
Version 0.3 (October 7th, 2003)
-----------------------------------------------------------------------
------------------------------------------------------------------------
* Fixed evaluation of the 'embed' variable and added a small 'HowTo'
to the INSTALL file (garvinhicking)
@ -4274,4 +4274,4 @@ Version 0.3 (October 7th, 2003)
Version 0.2 (April 4th, 2003)
-----------------------------------------------------------------------
------------------------------------------------------------------------