Tue, 12 Jul 2011 22:13:37 -0400 |
Dan Fuhry |
SECURITY: Fixed several XSS vulns reported by Secunia, mostly in Private Messaging. Also backported CSRF protection API from 1.1.x, and protected Private Messaging and logout functions.
|
file |
diff |
annotate
|
Mon, 28 Jun 2010 11:00:51 -0400 |
Dan Fuhry |
SECURITY: Multiple XSS in Special:ChangeStyle. Reported by Mesut Timur of Mavituna Security - thanks!
1.0.6pl2
|
file |
diff |
annotate
|
Sat, 17 Jan 2009 11:51:17 -0500 |
Dan |
Rebrand as v1.0.6 (Roane)
|
file |
diff |
annotate
|
Thu, 28 Feb 2008 12:33:01 -0500 |
Dan |
Rebrand as 1.0.4 (Ellyyllon)
|
file |
diff |
annotate
|
Fri, 01 Feb 2008 22:31:57 -0500 |
Dan |
Made all captcha fields case-insensitive (thanks pkeating)
|
file |
diff |
annotate
|
Sun, 20 Jan 2008 23:18:03 -0500 |
Dan |
Fixed broken regenCaptcha() in Special:Register
|
file |
diff |
annotate
|
Tue, 18 Dec 2007 23:47:33 -0500 |
Dan |
Merging in a few stray changes from the MySQL branch
|
file |
diff |
annotate
|
Tue, 18 Dec 2007 23:44:55 -0500 |
Dan |
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
|
file |
diff |
annotate
|
Sat, 15 Dec 2007 18:11:59 -0500 |
Dan |
Set Content-type on AJAX login key request to application/json to hopefully block ad injection
|
file |
diff |
annotate
|
Wed, 12 Dec 2007 21:37:23 -0500 |
Dan |
Rebrand as 1.0.3 (Dyrad)
|
file |
diff |
annotate
|
Sun, 25 Nov 2007 17:53:03 -0500 |
Dan |
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
|
file |
diff |
annotate
|
Sat, 24 Nov 2007 00:53:23 -0500 |
Dan |
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
|
file |
diff |
annotate
|
Sun, 18 Nov 2007 18:44:55 -0500 |
Dan |
Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
|
file |
diff |
annotate
|
Sat, 17 Nov 2007 20:31:01 -0500 |
Dan |
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
|
file |
diff |
annotate
|