Dotclear


Ignore:
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • .hgtags

    r3379 r3317  
    3131d23a41b088d94d55829a1644eedcc16f626d03ce 2.10.1 
    3232e8ad524d494dfbff909875b953db9f945a0f999c 2.10.2 
    33 e4744a9b44d89e52cd5038da93f8453f62a62a4f 2.10.3 

  • CHANGELOG

    r3377 r3316  
    1 Dotclear 2.10.3 - 2016-11-01 
    2 =========================================================== 
    3 * Security: Fix CVE-2016-7903: Password Reset Address Spoof — Thank's Hongkun Zeng for report 
    4 * Security: Fix CVE-2016-7902: Media Manager, unrestricted File Upload — Thank's Hongkun Zeng for report 
    5 * CSP: Cope with external sources used in editor's iframe to preview public external content 
    6 * Fix: Cope with post.post_position field during flat import 
    7 * Fix: Prevents precondition failed during currently activated theme update 
    8 * Fix: Remove unecessary header (cope by dotclear) in page plugin 
    9 * Fix: Let some proxies playing with standard http and https ports 
    10 * Fix: Let SSL runs through a proxy, it may be ok, sometimes 
    11 * 🐛 → Various bugs and typos fixed 
    12  
    131Dotclear 2.10.2 - 2016-08-17 
    142=========================================================== 

  • admin/auth.php

    r3358 r3352  
    8888          $recover_key = $core->auth->setRecoverKey($user_id,$user_email); 
    8989 
    90           $subject = mail::B64Header('Dotclear '.__('Password reset')); 
     90          $subject = mail::B64Header('DotClear '.__('Password reset')); 
    9191          $message = 
    9292          __('Someone has requested to reset the password for the following site and username.')."\n\n". 
     
    113113          $recover_res = $core->auth->recoverUserPassword($akey); 
    114114 
    115           $subject = mb_encode_mimeheader('Dotclear '.__('Your new password'),'UTF-8','B'); 
     115          $subject = mb_encode_mimeheader('DotClear '.__('Your new password'),'UTF-8','B'); 
    116116          $message = 
    117117          __('Username:').' '.$recover_res['user_id']."\n". 
     
    119119          preg_replace('/\?(.*)$/','',$page_url); 
    120120 
    121           $headers[] = 'From: '.(defined('DC_ADMIN_MAILFROM') && DC_ADMIN_MAILFROM ? DC_ADMIN_MAILFROM : 'dotclear@local'); 
     121          $headers[] = 'From: dotclear@'.$_SERVER['HTTP_HOST']; 
    122122          $headers[] = 'Content-Type: text/plain; charset=UTF-8;'; 
    123123 
Note: See TracChangeset for help on using the changeset viewer.

Sites map