--- - branch: MAIN date: Tue Dec 10 15:22:20 UTC 2013 files: - new: '1.3' old: '1.2' path: pkgsrc/www/typo3_61/Makefile pathrev: pkgsrc/www/typo3_61/Makefile@1.3 type: modified - new: '1.3' old: '1.2' path: pkgsrc/www/typo3_61/distinfo pathrev: pkgsrc/www/typo3_61/distinfo@1.3 type: modified id: 20131210T152220Z.30dd3d4187dcf9f130a9eb9ddb23b682967653cb log: "Update typo3_61 package to 6.1.7 (TYPO3 6.1.7).\n\n- Fix multiple vulnerabilities in TYPO3 CMS:\n\thttp://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/\n\n2013-12-10 \ afbadea [RELEASE] Release of TYPO3 6.1.7 (TYPO3 Release Team)\n2013-12-10 \ 7481971 #31206 [SECURITY] XSS in header link of all content elements (Anja Leichsenring)\n2013-12-10 cb8db28 #42772 [SECURITY] XSS in colorpicker wizard (Marcus Krause)\n2013-12-10 2d29894 #45043 [SECURITY] Prevent editor controlled hmac content (Franz G. Jahn)\n2013-12-10 dca9c88 #48691 [SECURITY] XSS in backend user adminstration (Marc Bastian Heinrichs)\n2013-12-10 450e5d3 \ #41714 [SECURITY] Information Disclosure in Wizards (Helmut Hummel)\n2013-12-10 \ 7e7f9e3 #54099 [SECURITY] Fix open redirection in openid extension (Helmut Hummel)\n2013-12-10 ad11945 #36768 [SECURITY] XSS in be_layout wizard (Anja Leichsenring)\n2013-12-10 18e0491 #47086 [SECURITY] XSS in beuser VH (Anja Leichsenring)\n2013-12-10 cbbeefd #54074 [SECURITY] Remove possible XSS from ActionController Error output (Anja Leichsenring)\n2013-12-10 \ 163947a #54073 [SECURITY] Unsafe unserialize of GET parameter in Add-Wizard (Steffen Ritter)\n2013-12-02 d21a628 #54124 [BUGFIX] ClientUtility does not detect Internet Explorer 11 (Stefan Neufeind)\n2013-12-02 e538020 #54117 \ [BUGFIX] Add missing namespacing for calling GeneralUtility (Stefan Neufeind)\n2013-11-29 3a66a0e #42651 [BUGFIX] ext:adodb Restrict connection wizard to admins (Christian Kuhn)\n" module: pkgsrc subject: 'CVS commit: pkgsrc/www/typo3_61' unixtime: '1386688940' user: taca