| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Problems found locating distfiles:
Package haskell-cgi: missing distfile haskell-cgi-20001206.tar.gz
Package nginx: missing distfile array-var-nginx-module-0.04.tar.gz
Package nginx: missing distfile encrypted-session-nginx-module-0.04.tar.gz
Package nginx: missing distfile headers-more-nginx-module-0.261.tar.gz
Package nginx: missing distfile nginx_http_push_module-0.692.tar.gz
Package nginx: missing distfile set-misc-nginx-module-0.29.tar.gz
Package nginx-devel: missing distfile echo-nginx-module-0.58.tar.gz
Package nginx-devel: missing distfile form-input-nginx-module-0.11.tar.gz
Package nginx-devel: missing distfile lua-nginx-module-0.9.16.tar.gz
Package nginx-devel: missing distfile nginx_http_push_module-0.692.tar.gz
Package nginx-devel: missing distfile set-misc-nginx-module-0.29.tar.gz
Package php-owncloud: missing distfile owncloud-8.2.0.tar.bz2
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
|
|
|
Linux/Windows binaries are in distribution.
|
|
|
|
|
|
|
|
|
|
many packages used to use ${PAX}. Use the common way of directly calling
pax, it is created as tool after all.
|
|
|
|
Changes:
New
- skipping designated URL in spider. Use options to set the spider.
- auto update menu and periodic check for update (Windows and Linux
platform only).
Fix
- the use of new external library caused slower performance of proxy.
Restored to older library.
|
|
3.2.12
======
New
- Use newest external library for HTTP handling.
- enable/disable spider to POST forms in options panel to avoid
generating unwanted traffic (default to enable). This is requested
by many users.
- Decrease the number of possible combinations crawled by spider on
forms with multiple SELECT/OPTIONS. This make crawling less
resource consuming and lower chance to affect application being scanned.
- Minor UI changes.
Fix
- Fallback database library to previous version as in Paros 3.2.10
because of a problem with hsqldb where some byte combination may
consume 100% cpu time.
- Increase width of method display in history to cater for other
longer method names.
- Default file scans may display incorrect HTTP message body if the
original message is a POST request.
3.2.11
======
New
- Revamp History log panel.
- Added "tag..." in right-click pop-up window for History log panel. This
help to quickly identify a HTTP message in History display.
- Concurrent delete of multiple URL's in the site hierarchy (sf.net request
ID 1472300).
- Use of newest db library.
Fix
- For POST request, if the body contain binary parameters of certain pattern,
it may be unable to issue a re-send because URLDecode failed to decode
properly.
|
|
Changes:
- Tracking session state problem reported (previously only restart
can reset session state).
- Paros startup problem when added server authentication into
authentication panel.
- Authentnciation entry reappear even after deleted (when proxy
reloads).
|
|
need them, for example RESTRICTED and SUBST_MESSAGE.*.
|
|
|
|
Changes:
New
- Continuous browser display when selecting in History panel.
- Use final stable version of external library.
- Record working directory for all subsequent file access within
the same Paros instance.
- Improved spider capability to crawl forms with textarea and handle
links with "&"
- Improved check for cross-site script without bracket.
- Improved check for PHP error and MySQL.
- Improved blind sql check on double quotes.
Fix
- if request body contain certain binary bytes it may cause unnecessary
encoding and corrupt the request. Fixed to always submit contain
binary bytes.
- better handling of accepted-encoding.
|
|
Duh.
|
|
vulnerabilities.
A Java based HTTP/HTTPS proxy for assessing web application vulnerabilities.
It supports editing/viewing HTTP messages on-the-fly. Other features include
spiders, client certificate, proxy-chaining, intelligent scanning for XSS
and SQL injections and more.
|
