Dotclear


Ignore:
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • .hgtags

    r3317 r3379  
    3131d23a41b088d94d55829a1644eedcc16f626d03ce 2.10.1 
    3232e8ad524d494dfbff909875b953db9f945a0f999c 2.10.2 
     33e4744a9b44d89e52cd5038da93f8453f62a62a4f 2.10.3 

  • CHANGELOG

    r3316 r3377  
     1Dotclear 2.10.3 - 2016-11-01 
     2=========================================================== 
     3* Security: Fix CVE-2016-7903: Password Reset Address Spoof — Thank's Hongkun Zeng for report 
     4* Security: Fix CVE-2016-7902: Media Manager, unrestricted File Upload — Thank's Hongkun Zeng for report 
     5* CSP: Cope with external sources used in editor's iframe to preview public external content 
     6* Fix: Cope with post.post_position field during flat import 
     7* Fix: Prevents precondition failed during currently activated theme update 
     8* Fix: Remove unecessary header (cope by dotclear) in page plugin 
     9* Fix: Let some proxies playing with standard http and https ports 
     10* Fix: Let SSL runs through a proxy, it may be ok, sometimes 
     11* 🐛 → Various bugs and typos fixed 
     12 
    113Dotclear 2.10.2 - 2016-08-17 
    214=========================================================== 

  • admin/auth.php

    r3352 r3358  
    8888          $recover_key = $core->auth->setRecoverKey($user_id,$user_email); 
    8989 
    90           $subject = mail::B64Header('DotClear '.__('Password reset')); 
     90          $subject = mail::B64Header('Dotclear '.__('Password reset')); 
    9191          $message = 
    9292          __('Someone has requested to reset the password for the following site and username.')."\n\n". 
     
    113113          $recover_res = $core->auth->recoverUserPassword($akey); 
    114114 
    115           $subject = mb_encode_mimeheader('DotClear '.__('Your new password'),'UTF-8','B'); 
     115          $subject = mb_encode_mimeheader('Dotclear '.__('Your new password'),'UTF-8','B'); 
    116116          $message = 
    117117          __('Username:').' '.$recover_res['user_id']."\n". 
     
    119119          preg_replace('/\?(.*)$/','',$page_url); 
    120120 
    121           $headers[] = 'From: dotclear@'.$_SERVER['HTTP_HOST']; 
     121          $headers[] = 'From: '.(defined('DC_ADMIN_MAILFROM') && DC_ADMIN_MAILFROM ? DC_ADMIN_MAILFROM : 'dotclear@local'); 
    122122          $headers[] = 'Content-Type: text/plain; charset=UTF-8;'; 
    123123 
Note: See TracChangeset for help on using the changeset viewer.

Sites map