7c47137f7a
This is a bugfix release for 1.2 and it is compatible with the other 1.2 versions. The main reason for this release was an important security fix. This issue was filed as CVE-2007-5742, it did allow others to view the content of files on the remote computer. We did now fix this problem by removing the option to use ../ in paths. Another problem could arise with the preference option "turn_cmd". Due to this problem the computer could either be stalled by a faulty add-on or *maybe* (we found no way to do so) some other application could be started. This option has now been removed since it probably wasn't used anyway. Beside those important changes only small things were changed. For all the other changes (really not much), have a look at the changelog. Since those are rather serious issues we do advise everybody using the 1.2.x stable series to upgrade to 1.2.8 as soon as possible. All saves and the existing content should still work after this upgrade. In general be careful in regards to add-ons you use, there might be some bad ones available even on the official add-on server because the content available there is usually not checked. |
||
|---|---|---|
| .. | ||
| patches | ||
| DESCR | ||
| distinfo | ||
| Makefile | ||
| PLIST | ||