Path to this page:
Subject: CVS commit: pkgsrc/print/html2ps
From: Ryo ONODERA
Date: 2011-11-18 22:59:02
Message id: 20111118215902.1C6E3175DD@cvs.netbsd.org
Log Message:
Update to 1.0b7
I was unaware of version up.
* Fix html2psrc path in patch-aa
Changelog:
051211 1.0b5 Bug fixes. Added -M option.
091021 1.0b6 "Security" fix. Changed behavior for SSI, to avoid having
arbitrary readable files disclosed on a web server that uses
html2ps in a web application (cgi script etc), allowing HTML
files to be uploaded for conversion. Setting up a service like
this is begging for trouble in my opinion. (Is /bin/cat also
a vulnerability, since one can use it in a web app, allowing
uploading arbitrary parameters to it?)
100507 1.0b7 Fixed a bug introduced by the previous bug fix...
Files: