diff options
| author | Jason Unovitch <junovitch@FreeBSD.org> | 2017-01-06 03:18:20 +0000 |
|---|---|---|
| committer | Jason Unovitch <junovitch@FreeBSD.org> | 2017-01-06 03:18:20 +0000 |
| commit | 147a47fef2a9308c27a907b4c5f6a7017b287ac7 (patch) | |
| tree | 4811e886767313036dd76efdb2a62ad238a62e4e /security | |
| parent | 81b9a5e7216b9bf43594c4d376e977fa0ce36a73 (diff) | |
| download | freebsd-ports-147a47fef2a9308c27a907b4c5f6a7017b287ac7.zip | |
Document security issues fixed in CodeIgniter 3.1.0 and 3.1.2
Note the security issue in CodeIgniter 3.1.1 is documented being valid on
PHP 5.3 only.
Security: https://vuxml.FreeBSD.org/freebsd/5e439ee7-d3bd-11e6-ae1b-002590263bf5.html
Security: https://vuxml.FreeBSD.org/freebsd/496160d3-d3be-11e6-ae1b-002590263bf5.html
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 8644ffe3a349..0302c27da338 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,59 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="496160d3-d3be-11e6-ae1b-002590263bf5"> + <topic>codeigniter -- multiple vulnerabilities</topic> + <affects> + <package> + <name>codeigniter</name> + <range><lt>3.1.2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The CodeIgniter changelog reports:</p> + <blockquote cite="https://www.codeigniter.com/user_guide/changelog.html"> + <p>Fixed a number of new vulnerabilities in Security Library method + xss_clean().</p> + </blockquote> + </body> + </description> + <references> + <url>https://www.codeigniter.com/user_guide/changelog.html</url> + </references> + <dates> + <discovery>2016-10-28</discovery> + <entry>2017-01-06</entry> + </dates> + </vuln> + + <vuln vid="5e439ee7-d3bd-11e6-ae1b-002590263bf5"> + <topic>codeigniter -- multiple vulnerabilities</topic> + <affects> + <package> + <name>codeigniter</name> + <range><lt>3.1.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The CodeIgniter changelog reports:</p> + <blockquote cite="https://www.codeigniter.com/user_guide/changelog.html"> + <p>Fixed an SQL injection in the ‘odbc’ database driver.</p> + <p>Updated set_realpath() Path Helper function to filter-out php:// + wrapper inputs.</p> + </blockquote> + </body> + </description> + <references> + <url>https://www.codeigniter.com/user_guide/changelog.html</url> + </references> + <dates> + <discovery>2016-07-26</discovery> + <entry>2017-01-06</entry> + </dates> + </vuln> + <vuln vid="eafa3aec-211b-4dd4-9b8a-a664a3f0917a"> <topic>w3m -- multiple vulnerabilities</topic> <affects> |