Changelog: Difference between revisions

From Ameise-en
Jump to navigationJump to search
No edit summary
No edit summary
Line 1: Line 1:
== Client ==
== AMEISE System ==
 




=== Version 3.4 ===
=== Version 3.4 ===
* released 2007-02-15
* released 2007-05-15
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
 
 
=== Version 3.3 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
|-
| style="padding-left:1em"|
| style="padding-left:1em"|
Line 52: Line 10:
|-
|-
| style="padding-left:2em"|
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* New REQ-S07-01, Adding a new command (show me all activities) (Bollin)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* New REQ-C07-03, Removing the friendly peer component due to resource problems (Pohl)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* New REQ-C07-04, Advisor gives context-sensitive feedback (Pohl, Kury)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
 
 
=== Version 3.2 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
|-
| style="padding-left:1em"|
| style="padding-left:1em"|
Line 69: Line 18:
|-
|-
| style="padding-left:2em"|
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed CR-C07-01, Timeouts during a simulation run due to database deadlocks (Pohl)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed CR-C07-02, Incorrect synchronisation of the supervisor components (Pohl)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed CR-C06-13, Special characters in the command selection list (Bollin)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed CR-C06-02, Old database initilisation scripts (Pohl)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
 
 
=== Version 3.1 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
 
 
=== Version 3.0 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
 
 
 
== Server ==
 
=== Version 3.4 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
|}




=== Version 3.3 ===
=== Version 3.3 ===
* released 2006-12-15
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
=== Version 3.2 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
|-
| style="padding-left:1em"|
| style="padding-left:1em"|
Line 229: Line 33:
|-
|-
| style="padding-left:2em"|
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* New REQ-C06-05, The feedback of the simulator is formated as a html textual(Pohl)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* New REQ-C06-06, Line breaks are added for a better predictive text input (Pohl)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* New REQ-S06-06, Changing the model to cover the whole academic year 2007 (Bollin)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
 
 
=== Version 3.1 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
|-
| style="padding-left:1em"|
| style="padding-left:1em"|
Line 246: Line 41:
|-
|-
| style="padding-left:2em"|
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed CR-C06-04, AORTA handout mingled different simulation runs in several graphs (Pohl)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed CR-C06-03, Simulation core crash due to a SESAM bug (Bollin)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}
|}


=== Version 3.0 ===
{| style="width:100%;border:0px solid green;padding:0em; color: black;"
|-
| style="padding-left:1em"|
''BUGs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|-
| style="padding-left:1em"|
''NEW FEATUREs''
|-
| style="padding-left:2em"|
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pierre)
* Fixed a header injection via Subject and To parameters to the mail() function (MOPB-34 by Stefan Esser) (Ilia)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
* Fixed wrong length calculation in unserialize S type (MOPB-29 by Stefan Esser) (Stas)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser) (Ilia)
* Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser) (Stas)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser) (Ilia)
|}




[[de:Changelog]]
[[de:Changelog]]
[[en:Changelog]]
[[en:Changelog]]
__NOTOC__
__NOEDITSECTION__
__NOEDITSECTION__

Revision as of 15:44, 13 August 2013

AMEISE System

Version 3.4

  • released 2007-05-15

NEW FEATUREs

  • New REQ-S07-01, Adding a new command (show me all activities) (Bollin)
  • New REQ-C07-03, Removing the friendly peer component due to resource problems (Pohl)
  • New REQ-C07-04, Advisor gives context-sensitive feedback (Pohl, Kury)

BUGs

  • Fixed CR-C07-01, Timeouts during a simulation run due to database deadlocks (Pohl)
  • Fixed CR-C07-02, Incorrect synchronisation of the supervisor components (Pohl)
  • Fixed CR-C06-13, Special characters in the command selection list (Bollin)
  • Fixed CR-C06-02, Old database initilisation scripts (Pohl)


Version 3.3

  • released 2006-12-15

NEW FEATUREs

  • New REQ-C06-05, The feedback of the simulator is formated as a html textual(Pohl)
  • New REQ-C06-06, Line breaks are added for a better predictive text input (Pohl)
  • New REQ-S06-06, Changing the model to cover the whole academic year 2007 (Bollin)

BUGs

  • Fixed CR-C06-04, AORTA handout mingled different simulation runs in several graphs (Pohl)
  • Fixed CR-C06-03, Simulation core crash due to a SESAM bug (Bollin)


Retrieved from "https://ameise.aau.at/ameise/en/index.php?title=Changelog&oldid=2065"