Log Message: |
- new version 1.30.3
- fixes CVE-2017-7203 Cross-Site Scripting (XSS)
- fixes CVE-2017-5367 Multiple reflected XSS
- fixes CVE-2017-5595 File disclosure and inclusion vulnerability (patch merged upstream)
- fixes CVE-2016-10204 SQL injection vulnerability
- fixes CVE-2016-10205 Session fixation vulnerability
- fixes CVE-2017-5368, CVE-2016-10206 CRSF mitigation
- new Require: php-apcu
- CRSF Magic enabled by default
- mk-tar script added to create tarball with git submodules included
- Fixes Mga#20215 (The above multiple CVEs)
|