Fri, 22 Feb 2008 12:51:53 -0500 | Dan | Merging fixes and updates from stable branch | file | diff | annotate |
Sat, 19 Jan 2008 00:47:52 -0500 | Dan | Not sure if $taboo was getting sanitized or not. Possibly an SQL injection vulnerability that allows maliciously crafted group names to inject SQL at a later date when the group CP is loaded. Unconfirmed, theoretical fix. | file | diff | annotate |
Mon, 18 Feb 2008 16:27:28 -0500 | Dan | Started (but disabled) work on the new theme manager, 1.1.2 is being released with this thing halfway done. | file | diff | annotate |