Mon, 28 Jun 2010 11:00:51 -0400 SECURITY: Multiple XSS in Special:ChangeStyle. Reported by Mesut Timur of Mavituna Security - thanks! 1.0.6pl2
Dan Fuhry <dan@enanocms.org> [Mon, 28 Jun 2010 11:00:51 -0400] rev 336
SECURITY: Multiple XSS in Special:ChangeStyle. Reported by Mesut Timur of Mavituna Security - thanks!
Mon, 28 Dec 2009 16:52:41 -0500 Fixed a couple non-security sanitizer and editor bugs
Dan [Mon, 28 Dec 2009 16:52:41 -0500] rev 335
Fixed a couple non-security sanitizer and editor bugs
Mon, 28 Dec 2009 12:19:47 -0500 Updated current-stable tag
Dan [Mon, 28 Dec 2009 12:19:47 -0500] rev 334
Updated current-stable tag
Mon, 24 Aug 2009 12:33:36 -0400 Stable release: Enano CMS 1.0.6pl1
Dan [Mon, 24 Aug 2009 12:33:36 -0400] rev 333
Stable release: Enano CMS 1.0.6pl1
Sat, 22 Aug 2009 13:31:09 -0400 Fixed lockup on unclosed HTML tags in wikiformat_process_block() 1.0.6pl1
Dan [Sat, 22 Aug 2009 13:31:09 -0400] rev 332
Fixed lockup on unclosed HTML tags in wikiformat_process_block()
Sat, 22 Aug 2009 13:30:39 -0400 Version bumped to v1.0.6pl1
Dan [Sat, 22 Aug 2009 13:30:39 -0400] rev 331
Version bumped to v1.0.6pl1
Fri, 21 Aug 2009 11:50:22 -0400 SECURITY: Comments: fix poor sanitization of subject on initial submit
Dan [Fri, 21 Aug 2009 11:50:22 -0400] rev 330
SECURITY: Comments: fix poor sanitization of subject on initial submit
Sat, 21 Mar 2009 18:58:41 -0400 Merging nighthawk and scribus branches
Dan [Sat, 21 Mar 2009 18:58:41 -0400] rev 329
Merging nighthawk and scribus branches
Sat, 21 Mar 2009 18:57:34 -0400 Fixed typo in function call to check for apache 2.2
Dan [Sat, 21 Mar 2009 18:57:34 -0400] rev 328
Fixed typo in function call to check for apache 2.2
Sun, 18 Jan 2009 18:59:29 -0500 Added license block to AmigaLink captcha engine and set this engine as the default; clarified licensing situation for this module in licenses/index.html
Dan [Sun, 18 Jan 2009 18:59:29 -0500] rev 327
Added license block to AmigaLink captcha engine and set this engine as the default; clarified licensing situation for this module in licenses/index.html
Sun, 18 Jan 2009 18:13:48 -0500 Updated current-stable tag
Dan [Sun, 18 Jan 2009 18:13:48 -0500] rev 326
Updated current-stable tag
Sun, 18 Jan 2009 18:11:42 -0500 Re-merged 1.0.6 tag
Dan [Sun, 18 Jan 2009 18:11:42 -0500] rev 325
Re-merged 1.0.6 tag
Sun, 18 Jan 2009 18:10:48 -0500 Continuation of previous commit in admin CP; EditSidebar: updated strings to be more accurate (thanks again Vadi)
Dan [Sun, 18 Jan 2009 18:10:48 -0500] rev 324
Continuation of previous commit in admin CP; EditSidebar: updated strings to be more accurate (thanks again Vadi)
Sun, 18 Jan 2009 18:10:21 -0500 Pageutils: Also delete page-specific ACL rules when deleting a page (thanks Vadi)
Dan [Sun, 18 Jan 2009 18:10:21 -0500] rev 323
Pageutils: Also delete page-specific ACL rules when deleting a page (thanks Vadi)
Sun, 18 Jan 2009 18:09:55 -0500 SECURITY: Enforce denied history_view on previous revisions
Dan [Sun, 18 Jan 2009 18:09:55 -0500] rev 322
SECURITY: Enforce denied history_view on previous revisions
Sun, 18 Jan 2009 18:09:08 -0500 Removed some crufty CSS classes in enano-shared (thanks Vadi)
Dan [Sun, 18 Jan 2009 18:09:08 -0500] rev 321
Removed some crufty CSS classes in enano-shared (thanks Vadi)
Sat, 17 Jan 2009 12:08:28 -0500 Stable release: Enano CMS 1.0.6 (Roane)
Dan [Sat, 17 Jan 2009 12:08:28 -0500] rev 320
Stable release: Enano CMS 1.0.6 (Roane)
Sat, 17 Jan 2009 11:57:02 -0500 Updated readme for Roane 1.0.6
Dan [Sat, 17 Jan 2009 11:57:02 -0500] rev 319
Updated readme for Roane
Sat, 17 Jan 2009 11:51:17 -0500 Rebrand as v1.0.6 (Roane)
Dan [Sat, 17 Jan 2009 11:51:17 -0500] rev 318
Rebrand as v1.0.6 (Roane)
Sat, 17 Jan 2009 11:32:52 -0500 Merging branches
Dan [Sat, 17 Jan 2009 11:32:52 -0500] rev 317
Merging branches
Sat, 17 Jan 2009 11:32:18 -0500 SECURITY: Fix XSS under IE in closing tags (shared sanitizer)
Dan [Sat, 17 Jan 2009 11:32:18 -0500] rev 316
SECURITY: Fix XSS under IE in closing tags (shared sanitizer)
Sat, 17 Jan 2009 11:31:45 -0500 Minor fix to OS detection in install
Dan [Sat, 17 Jan 2009 11:31:45 -0500] rev 315
Minor fix to OS detection in install
Sat, 29 Nov 2008 22:50:19 -0500 Plugins can now register their own custom actions for $_GET["do"]. (Backport from unstable)
Dan [Sat, 29 Nov 2008 22:50:19 -0500] rev 314
Plugins can now register their own custom actions for $_GET["do"]. (Backport from unstable)
Thu, 27 Nov 2008 10:57:50 -0500 Stable release: Enano CMS 1.0.5 (Ferrishyn)
Dan [Thu, 27 Nov 2008 10:57:50 -0500] rev 313
Stable release: Enano CMS 1.0.5 (Ferrishyn)
Thu, 27 Nov 2008 10:38:00 -0500 Remove some unused/obsolete release tags 1.0.5
Dan [Thu, 27 Nov 2008 10:38:00 -0500] rev 312
Remove some unused/obsolete release tags
Thu, 27 Nov 2008 10:26:49 -0500 [cosmetic only] lowercase release name in installer splash
Dan [Thu, 27 Nov 2008 10:26:49 -0500] rev 311
[cosmetic only] lowercase release name in installer splash
Thu, 27 Nov 2008 10:21:58 -0500 Made UX for Windows patch more pleasant including external documentation. Breaking change to dynamic download script.
Dan [Thu, 27 Nov 2008 10:21:58 -0500] rev 310
Made UX for Windows patch more pleasant including external documentation. Breaking change to dynamic download script.
Tue, 25 Nov 2008 22:08:00 -0500 Updated readme for Ferrishyn
Dan [Tue, 25 Nov 2008 22:08:00 -0500] rev 309
Updated readme for Ferrishyn
Fri, 07 Nov 2008 08:56:53 -0500 Fixed sanitization of full page IDs with accidental parse of escaped hex character in dirtify_page_id(). Thanks Asterion; see http://forum.enanocms.org/post/20/
Dan [Fri, 07 Nov 2008 08:56:53 -0500] rev 308
Fixed sanitization of full page IDs with accidental parse of escaped hex character in dirtify_page_id(). Thanks Asterion; see http://forum.enanocms.org/post/20/
Tue, 16 Sep 2008 08:20:14 -0400 Fixed IPv6 address match (the one from phpBB3 did not work)
Dan [Tue, 16 Sep 2008 08:20:14 -0400] rev 307
Fixed IPv6 address match (the one from phpBB3 did not work)
Wed, 10 Sep 2008 06:57:54 -0400 Fixed SQL parse errors caused by conversion to \r\n by some FTP/zip clients (hackish workaround that isn't Enano's fault)
Dan [Wed, 10 Sep 2008 06:57:54 -0400] rev 306
Fixed SQL parse errors caused by conversion to \r\n by some FTP/zip clients (hackish workaround that isn't Enano's fault)
Fri, 22 Aug 2008 01:05:42 -0400 Forgot to update, merging heads from nighthawk and scribus
Dan [Fri, 22 Aug 2008 01:05:42 -0400] rev 305
Forgot to update, merging heads from nighthawk and scribus
Fri, 22 Aug 2008 01:04:20 -0400 Redid tags to match version numbers; only latest release will be tagged as such from now on. Hopefully Mercurial registers this.
Dan [Fri, 22 Aug 2008 01:04:20 -0400] rev 304
Redid tags to match version numbers; only latest release will be tagged as such from now on. Hopefully Mercurial registers this.
Sun, 17 Aug 2008 08:38:15 -0400 Upgrade from 1.0.4 -> 1.0.5 now tolerates errors in user -> user_id transition in tags table
Dan [Sun, 17 Aug 2008 08:38:15 -0400] rev 303
Upgrade from 1.0.4 -> 1.0.5 now tolerates errors in user -> user_id transition in tags table
Tue, 05 Aug 2008 14:02:26 -0400 Tagging revision 290 (72ecb951b313) as release, it was never done before.
Dan [Tue, 05 Aug 2008 14:02:26 -0400] rev 302
Tagging revision 290 (72ecb951b313) as release, it was never done before.
Tue, 05 Aug 2008 14:02:18 -0400 Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan [Tue, 05 Aug 2008 14:02:18 -0400] rev 301
Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Mon, 04 Aug 2008 11:44:20 -0400 RNG now uses /dev/urandom instead of /dev/random to fix slowdowns during login. Potentially not as secure, but speed problems on some servers were of blocker severity.
Dan [Mon, 04 Aug 2008 11:44:20 -0400] rev 300
RNG now uses /dev/urandom instead of /dev/random to fix slowdowns during login. Potentially not as secure, but speed problems on some servers were of blocker severity.
Thu, 26 Jun 2008 21:00:25 -0400 Merging scribus and nighthawk branches
Dan [Thu, 26 Jun 2008 21:00:25 -0400] rev 299
Merging scribus and nighthawk branches
Thu, 26 Jun 2008 20:59:57 -0400 Fixed jBox hover event reference to undefined object
Dan [Thu, 26 Jun 2008 20:59:57 -0400] rev 298
Fixed jBox hover event reference to undefined object
Thu, 26 Jun 2008 20:59:23 -0400 Fixed E_STRICT under PHP 5 and 6 (reference operator in instanciation)
Dan [Thu, 26 Jun 2008 20:59:23 -0400] rev 297
Fixed E_STRICT under PHP 5 and 6 (reference operator in instanciation)
Thu, 12 Jun 2008 10:58:48 -0400 Merging in page['visible'] patch from unstable, pages marked as invisible should now be omitted from searches
Dan [Thu, 12 Jun 2008 10:58:48 -0400] rev 296
Merging in page['visible'] patch from unstable, pages marked as invisible should now be omitted from searches
Fri, 09 May 2008 23:33:11 -0400 Tagging latest revision as rebrand
Dan [Fri, 09 May 2008 23:33:11 -0400] rev 295
Tagging latest revision as rebrand
Fri, 09 May 2008 23:32:51 -0400 Rebrand as 1.0.5 (Ferrishyn)
Dan [Fri, 09 May 2008 23:32:51 -0400] rev 294
Rebrand as 1.0.5 (Ferrishyn)
Fri, 09 May 2008 23:32:00 -0400 Fixed (again) the user -> user_id transition in enano_tags table
Dan [Fri, 09 May 2008 23:32:00 -0400] rev 293
Fixed (again) the user -> user_id transition in enano_tags table
Sun, 13 Apr 2008 17:03:15 -0400 Fixed aclScopeSel control in Safari/KHTML
Dan [Sun, 13 Apr 2008 17:03:15 -0400] rev 292
Fixed aclScopeSel control in Safari/KHTML
Sun, 13 Apr 2008 17:02:42 -0400 Added enforced warning about PHP4
Dan [Sun, 13 Apr 2008 17:02:42 -0400] rev 291
Added enforced warning about PHP4
Sun, 16 Mar 2008 21:08:37 -0400 Filled and updated out the README for 1.0.4 1.0.4
Dan [Sun, 16 Mar 2008 21:08:37 -0400] rev 290
Filled and updated out the README for 1.0.4
Sat, 15 Mar 2008 16:34:28 -0400 Backporting cron fixes from unstable
Dan [Sat, 15 Mar 2008 16:34:28 -0400] rev 289
Backporting cron fixes from unstable
(0) -300 -100 -48 tip