Navigation:
Browse pkgsrc
(this page) 2018-01-19 23:11:35 by S.P.Zeidler | Files touched by this commit (3) |  |
Log message: Pullup ticket #5686 - requested by taca www/contao35: security update Revisions pulled up: - www/contao35/Makefile 1.36 - www/contao35/PLIST 1.18 - www/contao35/distinfo 1.28 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Jan 18 16:13:31 UTC 2018 Modified Files: pkgsrc/www/contao35: Makefile PLIST distinfo Log message: www/contao35: update to 3.5.32 Contao 3.5.32 is available 2018/01/18 09:48 by Leo Feyer Contao version 3.5.32 is available. The bugfix release fixes an XSS vulnerability in the newsletter extension (CVE-2018-5478). CVE-2018-5478 The vulnerability is in the "unsubscribe" module of the newsletter \ extension and can easily be exploited by anyone in the front end. We therefore strongly recommend you to update. The problem affects Contao 2.0.0 to 3.5.31 and the Contao newsletter bundle 4.0.0 to 4.0.3. If you are not using the newsletter extension or the "unsubscribe" \ module, your installation is not affected by the vulnerability. To generate a diff of this commit: cvs rdiff -u -r1.35 -r1.36 pkgsrc/www/contao35/Makefile cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/contao35/PLIST cvs rdiff -u -r1.27 -r1.28 pkgsrc/www/contao35/distinfo |
New packages: