"Desc: Input passed via the parameter 'sortby' is not properly
sanitised before being returned to the user or used in SQL queries.
This can be exploited to manipulate SQL queries by injecting
arbitrary SQL code. The param 'num' is vulnerable to a XSS issue
where the attacker can execute arbitrary HTML and script code in
a user's browser session in context of an affected site."
Security issues require admin login.
ClamAV 0.97.5 addresses possible evasion cases in some archive formats
(CVE-2012-1457, CVE-2012-1458, CVE-2012-1459). It also addresses stability
issues in portions of the bytecode engine. This release is recommended for all
users.
Don't redirect errors to /dev/null and don't return true(1)
unconditionally. Instead, don't check for the existence of index.theme.
This will allow us to catch errors that may be happening because of a
missing dependency in the chain.
Some hidden issues may appear, in which case please contact me.
discussed with and ok blind jasper@
unconditionally. Instead, don't check for the existence of index.theme.
This will allow us to catch errors that may be happening because of a
missing dependency in the chain.
Some hidden issues may appear, in which case please contact me.
discussed with and ok blind jasper@
Text files are nowadays usually encoded in Unicode, and may consist of
very different scripts - from Latin letters to Chinese Hanzi -, with
many kinds of special characters - accents, right-to-left writing marks,
hyphens, Roman numbers, and much more. But the POSIX platform APIs for
text do not contain adequate functions for dealing with particular
properties of many Unicode characters. In fact, the POSIX APIs for text
have several assumptions at their base which don't hold for Unicode
text.
This library provides functions for manipulating Unicode strings and for
manipulating C strings according to the Unicode standard.
small tweaks and ok jasper@
- since we no longer have GCC3_ARCHES, simplify, no way it's gonna compile
on a GCC2_ARCH anyways (size matters)
- so, we have only SHARED_ONLY arches, remove those frags as well.
- fold back qt4-sqlite since sqlite is part of core now.
cmake-based ports that use "CHECK_LIBRARY_EXISTS(pthread ...)".
Fix libpthread linking for devel/llvm too (additional care was
needed).
No fallout in a bulk build: thanks landry!
