From 904a338fd93ca603418f192d4ed915c6c1d87375 Mon Sep 17 00:00:00 2001 From: taca Date: Mon, 24 Nov 2014 13:30:49 +0000 Subject: Update contao33 to 3.3.7, security release. Version 3.3.7 (2014-11-24) -------------------------- ### Fixed Fixed a potential directory traversal vulnerability. ### Fixed Fixed a severe XSS vulnerability. In this context, the insert tag flags `base64_encode` and `base64_decode` have been removed. ### Fixed Handle nested insert tags in strip_insert_tags(). ### Fixed Correctly store the model in Dbafs::addResource() (see #7440). ### Fixed Send the request token when toggling the visibility of an element (see #7406). ### Fixed Always apply the IE security fix in the Environment class (see #7453). ### Fixed Correctly handle archives being part of multiple RSS feeds (see #7398). ### Fixed Correctly handle `0` in utf8_convert_encoding() (see #7403). ### Fixed Send a 301 redirect to forward to the language root page (see #7420). --- www/contao/Makefile.common | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'www/contao') diff --git a/www/contao/Makefile.common b/www/contao/Makefile.common index 5e01c4e4f72..3c13ff2bd61 100644 --- a/www/contao/Makefile.common +++ b/www/contao/Makefile.common @@ -1,11 +1,11 @@ -# $NetBSD: Makefile.common,v 1.84 2014/11/24 13:29:08 taca Exp $ +# $NetBSD: Makefile.common,v 1.85 2014/11/24 13:30:49 taca Exp $ # # used by www/contao32/Makefile # used by www/contao33/Makefile # current release CT32_VERSION= 3.2.16 -CT33_VERSION= 3.3.6 +CT33_VERSION= 3.3.7 CT_VERS?= 32 -- cgit v1.2.3