b1c8f1006c
Fixes a security issue: Validation of the user language option was broken by a code change in May 2005, opening the possibility of remote code execution as this parameter is used in forming a class name dynamically created with eval(). The validation has been corrected in this version. All prior 1.5 release and prelease versions are affected; 1.4 and earlier and not affected. PR: ports/90335 Submitted by: Thomas Vogt <thomas@bsdunix.ch> Approved by: maintainer timeout |
||
|---|---|---|
| .. | ||
| distinfo | ||
| Makefile | ||
| pkg-descr | ||
| pkg-message | ||