kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Document security issues fixed in CodeIgniter 3.1.0 and 3.1.2

Browse source 
Note the security issue in CodeIgniter 3.1.1 is documented being valid on
PHP 5.3 only.

Security:	https://vuxml.FreeBSD.org/freebsd/5e439ee7-d3bd-11e6-ae1b-002590263bf5.html
Security:	https://vuxml.FreeBSD.org/freebsd/496160d3-d3be-11e6-ae1b-002590263bf5.html
This commit is contained in:
Jason Unovitch 2017-01-06 03:18:20 +00:00
parent 81b9a5e721
commit 147a47fef2
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=430680
1 changed files with 53 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

53
security/vuxml/vuln.xml
View file

@ -58,6 +58,59 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
<vuln vid="496160d3-d3be-11e6-ae1b-002590263bf5">
<topic>codeigniter -- multiple vulnerabilities</topic>
<affects>
<package>
<name>codeigniter</name>
<range><lt>3.1.2</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>The CodeIgniter changelog reports:</p>
<blockquote cite="https://www.codeigniter.com/user_guide/changelog.html">
<p>Fixed a number of new vulnerabilities in Security Library method
xss_clean().</p>
</blockquote>
</body>
</description>
<references>
<url>https://www.codeigniter.com/user_guide/changelog.html</url>
</references>
<dates>
<discovery>2016-10-28</discovery>
<entry>2017-01-06</entry>
</dates>
</vuln>
<vuln vid="5e439ee7-d3bd-11e6-ae1b-002590263bf5">
<topic>codeigniter -- multiple vulnerabilities</topic>
<affects>
<package>
<name>codeigniter</name>
<range><lt>3.1.0</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>The CodeIgniter changelog reports:</p>
<blockquote cite="https://www.codeigniter.com/user_guide/changelog.html">
<p>Fixed an SQL injection in the odbc database driver.</p>
<p>Updated set_realpath() Path Helper function to filter-out php://
wrapper inputs.</p>
</blockquote>
</body>
</description>
<references>
<url>https://www.codeigniter.com/user_guide/changelog.html</url>
</references>
<dates>
<discovery>2016-07-26</discovery>
<entry>2017-01-06</entry>
</dates>
</vuln>
<vuln vid="eafa3aec-211b-4dd4-9b8a-a664a3f0917a">
<topic>w3m -- multiple vulnerabilities</topic>
<affects>