Discussion forum about ELOG, Page 624 of 808
ID   Date   Icon   Author   Author Email   Category   OS   ELOG Version   Subject
  1562   Thu Dec 22 01:17:12 2005   Question   PJ Meyer   pjm@pjmeyer.org   Question   2.6   New docs?
Just looked at change log for 2.6
was wondering where the documentation for the new additions/changes is/are.
  1564   Thu Dec 22 08:58:25 2005   Reply   Stefan Ritt   stefan.ritt@psi.ch   Question   2.6   Re: New docs?

PJ Meyer wrote:
Just looked at change log for 2.6
was wondering where the documentation for the new additions/changes is/are.


I usually keep http://midas.psi.ch/elog/config.html up-to-date, but I agree that it's a bit hard to find the additions there, that's why there is the change log ;-)

The ELCode is described on a separate page, which can also be accessed by clicking on the ELCode link below the text box of the logbook entry page.
  1607   Wed Jan 18 17:20:45 2006   Warning   Chris Warner   christopher_warner@dcd.uscourts.gov   Bug report   Linux   2.6   Buffer Overflow?
Users can access root level directories by using a modified URL. I saw on some security web sites that this was a problem in previous versions. Was it not fixed in 2.6?

To recreate enter http://yourhost.yourdomain.com/../../../../etc/passwd

view your password file in the browser.


If this was previously reported, is there a fix?

Chris Warner
  1608   Thu Jan 19 10:31:05 2006   Reply   Stefan Ritt   stefan.ritt@psi.ch   Bug report   Linux   2.6   Re: Buffer Overflow?

Chris Warner wrote:
Users can access root level directories by using a modified URL. I saw on some security web sites that this was a problem in previous versions. Was it not fixed in 2.6?

To recreate enter http://yourhost.yourdomain.com/../../../../etc/passwd

view your password file in the browser.

If this was previously reported, is there a fix?

Chris Warner


Thanks for telling me, I didn't know. I was able to reproduce your problem under certain conditions, and I just released version 2.6.1 to fix it. However it has nothing to do with an old buffer overflow (see elog:941).

I would strongly advise everybody to upgrade as soon as possible.
  1615   Fri Jan 20 02:53:40 2006   Smile   Chris Warner   christopher_warner@dcd.uscourts.gov   Comment   Linux   2.6   Re: Buffer Overflow?

Stefan Ritt wrote:

Chris Warner wrote:
Users can access root level directories by using a modified URL. I saw on some security web sites that this was a problem in previous versions. Was it not fixed in 2.6?

To recreate enter http://yourhost.yourdomain.com/../../../../etc/passwd

view your password file in the browser.

If this was previously reported, is there a fix?

Chris Warner


Thanks for telling me, I didn't know. I was able to reproduce your problem under certain conditions, and I just released version 2.6.1 to fix it. However it has nothing to do with an old buffer overflow (see elog:941).

I would strongly advise everybody to upgrade as soon as possible.


Thanks for the quick response!
  1785   Mon Apr 3 16:31:37 2006   Question   Steve Jones   steve.jones@freescale.com   Question   All   2.6   Numerous questions that I am hoping to get a response on
Stefan, I have several issues/questions that I am still hoping to get an answer on. Any chance? If you would rather you can send email to me directly.

Thanks

Steve
  1786   Mon Apr 3 16:32:52 2006   Reply   Stefan Ritt   stefan.ritt@psi.ch   Question   All   2.6   Re: Numerous questions that I am hoping to get a response on

Steve Jones wrote:
Stefan, I have several issues/questions that I am still hoping to get an answer on. Any chance? If you would rather you can send email to me directly.


I'm pretty busy these days, since we have a deadline on April 18th. I started already working weekends, so not much time is left for ELOG. But I hope it will get better by the end of this month.
  1787   Mon Apr 3 16:39:33 2006   Agree   Steve Jones   steve.jones@freescale.com   Question   All   2.6   Re: Numerous questions that I am hoping to get a response on

Steve Jones wrote:

Stefan Ritt wrote:

Steve Jones wrote:
Stefan, I have several issues/questions that I am still hoping to get an answer on. Any chance? If you would rather you can send email to me directly.


I'm pretty busy these days, since we have a deadline on April 18th. I started already working weekends, so not much time is left for ELOG. But I hope it will get better by the end of this month.


I fully understand and appreciate your response!