Package: gosa / 2.7.4+reloaded2-1+deb8u2
Metadata
Package | Version | Patches format |
---|---|---|
gosa | 2.7.4+reloaded2-1+deb8u2 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
0001_smarty3.patch | (download) |
gosa-core/html/index.php |
1 1 + 0 - 0 ! |
more smarty3 robustness |
0002_style robustness.patch | (download) |
gosa-core/include/functions.inc |
5 5 + 0 - 0 ! |
make generated image styles more robust |
0003_xss vulnerability on login screen.patch | (download) |
gosa-core/html/index.php |
2 1 + 1 - 0 ! |
escape html entities to fix xss at the login screen |
0004_fix get post.patch | (download) |
gosa-core/include/functions.inc |
2 1 + 1 - 0 ! |
fix get_post for non-strings |
0005_fix password expiry status.patch | (download) |
gosa-core/plugins/personal/posix/class_posixAccount.inc |
2 1 + 1 - 0 ! |
fix expiration status when shadowmax is used |
0006_code injection in samba hash generation.patch | (download) |
gosa-core/include/class_core.inc |
2 1 + 1 - 0 ! |
[patch] (see #1221) udpate samba hash generation due to a possible code injection command line parameter will be passed base64 encoded to avoid complex escaping sequences that may alter the initial passphrase git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@21280 594d385d-05f5-0310-b6e9-bd551577e9d8 |
0007_update sambaHashHook description.patch | (download) |
gosa-core/contrib/gosa.conf.5 |
4 2 + 2 - 0 ! |
[patch] (see #1221) update sambaHashHook description git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@21281 594d385d-05f5-0310-b6e9-bd551577e9d8 |
1001_fix mass ldapimport.patch | (download) |
ldapmanager/addons/ldapmanager/class_csvimport.inc (arbeidskopi) |
14 11 + 3 - 0 ! |
fix ldap mass import. |
1002_trim decrypt.patch | (download) |
gosa-core/include/functions.inc |
2 1 + 1 - 0 ! |
decryption of ldap password fails (encrypted with gosa-encrypt-passwords) Abstract: The decryption of the LDAP password (which has been encrypted by gosa-encrypt-passwords) seems to fail. . When trying to login at the GOsa web interface, an error regarding the LDAP connection happens ('Error while connecting to LDAP: Could not bind to ... '). . After copying gosa.conf.orig to gosa.conf (with read permissions for group www-data), things work again as expected. . So the decryption of the LDAP password which has been encrypted by running gosa-encrypt-passwords does not seem to work. |
1003_RequestHeader no underscores apache24.patch | (download) |
gosa-core/bin/gosa-encrypt-passwords |
2 1 + 1 - 0 ! |
don't use underscores in request header variables Andreas B. Mundt <andi.mundt@web.de> Since Apache2.4: Translation of headers to environment variables is more strict than before to mitigate some possible cross-site-scripting attacks via header injection. Headers containing invalid characters (including underscores) are now silently dropped. |
1004_fix typos in man pages.patch | (download) |
gosa-core/contrib/gosa.conf.5 |
16 8 + 8 - 0 ! |
fix typos and hyphen-used-as-minus-sign issues in man pages |
1009_fix insertDhcp icon in dhcp section overview.patch | (download) |
gosa-core/include/functions.inc |
15 8 + 7 - 0 ! |
fix label extraction from image paths |
1010_fix entry removal in mail plugin.patch | (download) |
mail/admin/groups/mail/class_groupMail.inc |
6 3 + 3 - 0 ! |
fix entry removal in mail plugin |
1011_define isPluginModified.patch | (download) |
gosa-core/include/class_tabs.inc |
1 1 + 0 - 0 ! |
define undefined usertabs::$ispluginmodified |
1012_allow one level domains in email addresses.patch | (download) |
gosa-core/include/utils/class_tests.inc |
4 2 + 2 - 0 ! |
allow one-level domains in email addresses |
2001_fix smarty location.patch | (download) |
gosa-core/include/php_setup.inc |
6 5 + 1 - 0 ! |
adapt location for debian packaged smarty |
2002_fix template location.patch | (download) |
gosa-core/include/functions.inc |
2 1 + 1 - 0 ! |
fix location of configuration template. |
2003_fix class mapping.patch | (download) |
gosa-core/include/class_config.inc |
4 2 + 2 - 0 ! |
fix location of auto-generated class mapping file |
2004_fix locale location.patch | (download) |
gosa-core/include/php_setup.inc |
2 1 + 1 - 0 ! |
fixed location of auto-generated locales |
2005_no image warning.patch | (download) |
gosa-core/update-gosa |
2 1 + 1 - 0 ! |
don't throw warnings in update-gosa on already existing image files |
2006_sasl password change.patch | (download) |
gosa-core/include/password-methods/class_password-methods-sasl.inc |
2 0 + 2 - 0 ! |
handle sasl password change correctly |
2007_gen uids like gosa26.patch | (download) |
gosa-core/include/functions.inc |
2 1 + 1 - 0 ! |
re-instate gosa 2.6 uid-from-fullname generation |
2008_enable csv import on clean installs.patch | (download) |
gosa-core/contrib/gosa.conf |
2 2 + 0 - 0 ! |
enable csv/ldif import on clean installs |
2009_allow Debian blends to override gosa conf.patch | (download) |
gosa-core/include/class_config.inc |
15 15 + 0 - 0 ! |
debian edu and debian lan take care of maintaining its own version of gosa.conf |