kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/www/contao35
History
taca aaeff9c265 www/contao35: update to 3.5.35 
Version 3.5.35 (2018-04-18)
---------------------------

### Fixed
Fix an XSS vulnerability in the system log (see CVE-2018-10125).

CVE-2018-10125

With a manipulated request, an attacker can implant a script which is executed
when a logged in back end user opens the system log.  The attacker themselves
does not have to be logged in.

The problem affects Contao 3.0.0 to 3.5.34, 4.0.0 to 4.4.17 and 4.5.0 to
4.5.7. We highly recommend you to update.
2018-04-23 14:00:17 +00:00
..
files
DEINSTALL
DESCR
distinfo www/contao35: update to 3.5.35 2018-04-23 14:00:17 +00:00
INSTALL
Makefile www/contao35: update to 3.5.35 2018-04-23 14:00:17 +00:00
MESSAGE
PLIST www/contao35: update to 3.5.34 2018-03-06 16:25:38 +00:00