- Jun 30, 2015
-
-
Gerrit Uitslag authored
-
- May 14, 2015
-
-
Eduard Díaz authored
-
- Apr 16, 2015
-
-
Tomas Darius Davainis authored
-
- Feb 24, 2015
-
-
Andreas Gohr authored
Security Fix Severity: Medium Type: Remote Priviledge Escalation Remote: yes Vulnerability Details: This fixes a security hole in the ACL plugins remote API component. The plugin failed to check for superuser permissions before executing ACL addition or deletion. This means everybody with permissions to call the XMLRPC API also had permissions to set up their own ACL rules and thus circumventing any existing rules. Risk Assessment: The XMLRPC API in DokuWiki is marked experimental and off by default. It also implements an additional safeguard by giving access to a configured circle of users and groups only. So only a minor number of DokuWiki installations will be affected at all. For affected installations the risk is high if users with access to the API are not to be trusted. Thus the overall severity of medium. Resolution: Installations applying this commit are safe. A hotfix is about to be released. Meanwhile users are advised to disable the XMLRPC API in the config manager.
-
- Jan 14, 2015
-
-
KeenRivals authored
-
- Dec 30, 2014
-
-
Marian Banica authored
-
- Dec 13, 2014
-
-
Jaroslav Lichtblau authored
-
- Oct 15, 2014
-
-
Yadav Gowda authored
-
- Oct 01, 2014
-
-
Gerrit Uitslag authored
many PHPDocs some unused variables some dynamically declared variables declared
-
- Sep 29, 2014
-
-
Gerrit Uitslag authored
-
- Sep 16, 2014
-
-
Schplurtz le Déboulonné authored
-
- Aug 02, 2014
-
-
Anika Henke authored
-
- Jul 12, 2014
-
-
Yuthana Tantirungrotechai authored
-
- Jul 10, 2014
-
-
Davor Turkalj authored
-
- May 30, 2014
-
-
Aivars Miška authored
-
- May 15, 2014
-
-
Gerrit Uitslag authored
-
- Apr 26, 2014
-
-
Myeongjin authored
-
- Apr 22, 2014
-
-
Myeongjin authored
-
- Mar 13, 2014
-
-
Janar Leas authored
-
Janar Leas authored
-
- Mar 12, 2014
-
-
Janar Leas authored
-
- Mar 11, 2014
-
-
Aleksandr Selivanov authored
-
- Mar 08, 2014
-
-
Janar Leas authored
-
- Mar 06, 2014
-
-
Janar Leas authored
-
- Mar 05, 2014
-
-
Christopher Smith authored
-
Christopher Smith authored
-
- Jan 24, 2014
-
-
Andreas Gohr authored
our translation interface used to submit empty files for a while but no longer does, so these can go
-
- Dec 30, 2013
-
-
Ivan Peltekov authored
-
- Dec 19, 2013
-
-
Dương Văn Hoàng authored
-
- Dec 06, 2013
-
-
Myeongjin authored
-
- Dec 03, 2013
-
-
zamroni authored
-
- Nov 25, 2013
-
-
Garam authored
-
- Nov 24, 2013
-
-
Tomasz Bosak authored
-
Thomas Juberg authored
-
Otto Vainio authored
-
Rami Lehti authored
-
- Nov 13, 2013
-
-
- Oct 28, 2013
-
-
Ahmad Abd-Elghany authored
-
Andreas Gohr authored
-
- Oct 25, 2013
-
-
Remon authored
-
