gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-29 04:57:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'seeddms-5.1.x'

Browse Source
This commit is contained in:
Uwe Steinmann 2019-06-20 08:27:24 +02:00
commit 4bcb5f8e4c
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CHANGELOG
View File

@ -1,10 +1,12 @@
--------------------------------------------------------------------------------
Changes in version 5.1.11
--------------------------------------------------------------------------------
- fix for CVE-2019-12744, add .htaccess file to data directory, better
documentation for installing seeddms
- fix for CVE-2019-12745 and CVE-2019-12801, propperly escape strings used
in Select2 js library used by UsrMgr and GroupMgr
- fix for CVE-2019-12744 (Remote Command Execution through unvalidated
file upload), add .htaccess file to data directory, better documentation
for installing seeddms
- fix for CVE-2019-12745 (Persistent or Stored XSS in UsrMgr) and
CVE-2019-12801 (Persistent or Stored XSS in GroupMgr), propperly escape
strings used in Select2 js library used by UsrMgr and GroupMgr
- do not show attributes in search results in extra column anymore
- fix setting language during login (Closes #437)
- fix indexing documents even if no preIndexDocument hook is set (Closes #437)