[cyber] I: 4.0/branch packages: +2 (6855)

Сб Авг 7 01:53:26 UTC 2010

	2 UPDATED packages

typo3-dummy - Dummy site for TYPO3
* Fri Aug 06 2010 Michael Shigorin <mike на altlinux> 4.2.14-alt0.M40.1
- 4.2.14: regression fixes for important security fixes in 4.2.13
- 4.2.13: major/medium security fixes:
  + several XSS in backend (valid backend login required)
  + open redirection in backend (valid backend login required)
  + SQL injection in some backend record editing forms
    (special backend login/configuration required)
  + arbitrary code execution depending on server configuration
    (valid backend login required to upload .phtml)
  + webroot path disclosure possible with defective extensions
  + Extension Manager: XSS and arbitrary file access
    (valid backend admin login required)
  + form content element data check failure (spam abuse)
  + header injection with jumpurl feature
  + frontend login box: open redirection, XSS
  + install tool: session fixation
  + t3lib_htmlmail includes the exact CMS version in headers
* Sat Jul 04 2009 Michael Shigorin <mike на altlinux> 4.2.8-alt0.M40.1

typo3_src - A free, feature rich, Content Management Framework/System
* Fri Aug 06 2010 Michael Shigorin <mike на altlinux> 4.2.14-alt0.M40.1
- 4.2.14
* Sat Jul 04 2009 Michael Shigorin <mike на altlinux> 4.2.8-alt0.M40.1

Total 6855 source packages.