File _patchinfo of Package patchinfo.7111

<patchinfo incident="7111">
  <issue id="1053267" tracker="bnc">VUL-0: fossil: potential XSS vulnerability on the /help webpage</issue>
  <category>security</category>
  <rating>moderate</rating>
  <packager>rmax</packager>
  <description>This update for fossil to version 2.3 fixes the following issues:
 
- Potential XSS vulnerability on the /help webpage (boo#1053267)

This update also contains all upstream improvements and fixes in version 2.3:

- Update internal Unicode character tables, used in regular expression handling, from version 9.0 to 10.0.
- Show the last-sync-URL on the /urllist page
- Added the "Event Summary" activity report
- Added the "Security Audit" page, available to administrators only
- Added the Last Login time to the user list page, for administrators only
- Added the --numstat option to the fossil diff command
- Limit the size of the heap and stack on unix systems, as a proactive defense against the Stack Clash attack
- Fix "database locked" warnings caused by "PRAGMA optimize"
- Documentation updates
</description>
  <summary>Security update for fossil</summary>
</patchinfo>
Places

File _patchinfo of Package patchinfo.7111

Places
