Patch |
File delta |
Description |
01 fontsreadme.patch | (download) |
t3lib/fonts/readme.txt |
3 3 + 0 - 0 !
1 file changed, 3 insertions(+) |
---
|
02 remove jsmin dfsg.patch | (download) |
t3lib/class.t3lib_div.php |
23 12 + 11 - 0 !
1 file changed, 12 insertions(+), 11 deletions(-) |
---
|
03 add source for mediaplayer swfs.patch | (download) |
typo3/contrib/flashmedia/src/flvplayer.as |
424 424 + 0 - 0 !
typo3/contrib/flashmedia/src/player/audio-player.flp |
5 5 + 0 - 0 !
typo3/contrib/flashmedia/src/player/control.as |
494 494 + 0 - 0 !
typo3/contrib/flashmedia/src/player/emff.as |
230 230 + 0 - 0 !
4 files changed, 1153 insertions(+) |
upstream changes introduced in version 4.5.0+dfsg1~beta2-1
This patch has been created by dpkg-source during the package build.
Here's the last changelog entry, hopefully it gives details on why
those changes were made:
.
typo3-src (4.5.0+dfsg1~beta2-1) experimental; urgency=low
.
* New upstream release.
* Added source for player.swf and flvplayer.swf (see #591969).
.
The person named in the Author field signed this changelog entry.
|
04 SecBull TYPO3 CORE SA 2011 001.patch | (download) |
t3lib/class.t3lib_befunc.php |
25 17 + 8 - 0 !
t3lib/class.t3lib_lock.php |
10 7 + 3 - 0 !
t3lib/class.t3lib_tcemain.php |
2 1 + 1 - 0 !
t3lib/class.t3lib_tstemplate.php |
2 1 + 1 - 0 !
t3lib/class.t3lib_userauth.php |
4 3 + 1 - 0 !
typo3/class.browse_links.php |
8 4 + 4 - 0 !
typo3/contrib/RemoveXSS/RemoveXSS.php |
8 4 + 4 - 0 !
typo3/index.php |
19 14 + 5 - 0 !
typo3/sysext/cms/tslib/class.tslib_adminpanel.php |
2 1 + 1 - 0 !
typo3/sysext/cms/tslib/class.tslib_content.php |
5 3 + 2 - 0 !
typo3/sysext/cms/tslib/class.tslib_fe.php |
2 1 + 1 - 0 !
typo3/sysext/cms/tslib/showpic.php |
2 1 + 1 - 0 !
typo3/sysext/css_styled_content/static/setup.txt |
11 5 + 6 - 0 !
typo3/sysext/felogin/flexform.xml |
4 2 + 2 - 0 !
typo3/sysext/felogin/pi1/locallang.xml |
2 1 + 1 - 0 !
typo3/sysext/recycler/classes/helper/class.tx_recycler_helper.php |
4 2 + 2 - 0 !
typo3/sysext/recycler/classes/view/class.tx_recycler_view_deletedRecords.php |
6 3 + 3 - 0 !
typo3/wizard_colorpicker.php |
2 1 + 1 - 0 !
typo3/wizard_tsconfig.php |
2 1 + 1 - 0 !
19 files changed, 72 insertions(+), 48 deletions(-) |
---
|
05 SecBull TYPO3 CORE SA 2011 003.patch | (download) |
typo3/sysext/cms/tslib/class.tslib_fe.php |
4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-) |
[patch] [bugfix] disabling the cache does not work on invalid chash value
|
06 SecBull TYPO3 CORE SA 2012 001.patch | (download) |
t3lib/class.t3lib_beuserauth.php |
2 1 + 1 - 0 !
typo3/contrib/RemoveXSS/RemoveXSS.php |
2 1 + 1 - 0 !
typo3/file_rename.php |
4 2 + 2 - 0 !
typo3/show_item.php |
26 13 + 13 - 0 !
typo3/sysext/about/mod/index.php |
6 4 + 2 - 0 !
typo3/sysext/cms/layout/class.tx_cms_layout.php |
2 1 + 1 - 0 !
typo3/sysext/css_styled_content/static/setup.txt |
1 1 + 0 - 0 !
typo3/sysext/css_styled_content/static/v3.8/setup.txt |
1 1 + 0 - 0 !
typo3/sysext/css_styled_content/static/v3.9/setup.txt |
1 1 + 0 - 0 !
typo3/sysext/css_styled_content/static/v4.2/setup.txt |
1 1 + 0 - 0 !
typo3/sysext/scheduler/mod1/index.php |
3 2 + 1 - 0 !
11 files changed, 28 insertions(+), 21 deletions(-) |
---
|
07 SecBull TYPO3 CORE SA 2012 002.patch | (download) |
t3lib/error/class.t3lib_error_debugexceptionhandler.php |
4 2 + 2 - 0 !
t3lib/error/class.t3lib_error_productionexceptionhandler.php |
2 1 + 1 - 0 !
2 files changed, 3 insertions(+), 3 deletions(-) |
---
|
08 SecBull TYPO3 CORE SA 2012 004.patch | (download) |
t3lib/class.t3lib_div.php |
11 2 + 9 - 0 !
t3lib/class.t3lib_tceforms.php |
4 3 + 1 - 0 !
t3lib/class.t3lib_tceforms_inline.php |
2 1 + 1 - 0 !
t3lib/codec/class.t3lib_codec_javascriptencoder.php |
189 189 + 0 - 0 !
t3lib/core_autoload.php |
3 2 + 1 - 0 !
typo3/contrib/RemoveXSS/RemoveXSS.php |
92 60 + 32 - 0 !
typo3/sysext/cms/tslib/class.tslib_content.php |
2 1 + 1 - 0 !
typo3/sysext/indexed_search/modfunc2/class.tx_indexedsearch_modfunc2.php |
2 1 + 1 - 0 !
typo3/sysext/lowlevel/config/index.php |
6 6 + 0 - 0 !
typo3/sysext/scheduler/examples/class.tx_scheduler_testtask_additionalfieldprovider.php |
2 1 + 1 - 0 !
typo3/view_help.php |
27 24 + 3 - 0 !
11 files changed, 290 insertions(+), 50 deletions(-) |
---
|
09 SecBull TYPO3 CORE SA 2012 005.patch | (download) |
t3lib/class.t3lib_befunc.php |
14 12 + 2 - 0 !
typo3/class.show_rechis.inc |
161 140 + 21 - 0 !
2 files changed, 152 insertions(+), 23 deletions(-) |
fixes typo3-sa-2012-5 (#692775)
|
10 SecBull TYPO3 CORE SA 2013 001.patch | (download) |
t3lib/class.t3lib_div.php |
14 8 + 6 - 0 !
typo3/sysext/cms/tslib/class.tslib_content.php |
21 12 + 9 - 0 !
typo3/sysext/cms/tslib/class.tslib_fe.php |
25 23 + 2 - 0 !
typo3/sysext/extbase/Classes/Persistence/Storage/Typo3DbBackend.php |
19 12 + 7 - 0 !
4 files changed, 55 insertions(+), 24 deletions(-) |
fixes typo3-sa-2013-1 (#702574)
|
11 SecBull TYPO3 CORE SA 2013 004.patch | (download) |
t3lib/class.t3lib_formmail.php |
4 2 + 2 - 0 !
typo3/alt_doc.php |
6 3 + 3 - 0 !
typo3/mod/tools/em/class.em_index.php |
211 129 + 82 - 0 !
typo3/sysext/cms/tslib/class.tslib_content.php |
12 8 + 4 - 0 !
typo3/sysext/cms/tslib/media/scripts/fe_adminLib.inc |
30 22 + 8 - 0 !
typo3/sysext/extbase/Classes/MVC/Controller/ActionController.php |
6 0 + 6 - 0 !
typo3/sysext/openid/class.tx_openid_eid.php |
14 13 + 1 - 0 !
typo3/sysext/openid/sv1/class.tx_openid_sv1.php |
21 9 + 12 - 0 !
typo3/wizard_add.php |
4 2 + 2 - 0 !
typo3/wizard_colorpicker.php |
4 2 + 2 - 0 !
typo3/wizard_forms.php |
37 35 + 2 - 0 !
typo3/wizard_rte.php |
7 5 + 2 - 0 !
typo3/wizard_table.php |
37 36 + 1 - 0 !
13 files changed, 266 insertions(+), 127 deletions(-) |
fixes typo3-sa-2013-4 (#731999)
Includes these patches:
[SECURITY] Unsafe unserialize of GET parameter in Add-Wizard
[SECURITY] Remove possible XSS from ActionController Error output
[SECURITY] Fix open redirection in openid extension
[SECURITY] Information Disclosure in Wizards
[SECURITY] XSS in colorpicker wizard
[SECURITY] XSS in header link of all content elements
[SECURITY] Prevent editor controlled hmac content
[SECURITY] feuser_adminLib.inc allows to set arbitrary fields
[SECURITY] XSS vulnerability in extension manager
|