[Demexp-dev] Re: [demexp-fr] demexp 0.6.3
Oops, I forgot to give attribution to bugs in changelog and announcement. I hate that. David MENTRE <[EMAIL PROTECTED]> writes: > - (bug) it was impossible to create an empty base with root account >without activating autotest mode; Bug found by Thomas PETAZZONI. > - (security issue) anybody could change the public/private status of a >question. Bug found by Frederic LEHOBEY. Yours, d. -- pub 1024D/A3AD7A2A 2004-10-03 David MENTRE <[EMAIL PROTECTED]> 5996 CC46 4612 9CA4 3562 D7AC 6C67 9E96 A3AD 7A2A ___ Demexp-dev mailing list Demexp-dev@nongnu.org http://lists.nongnu.org/mailman/listinfo/demexp-dev
Re: [Demexp-dev] Problem with preference saving ?
Hello, Thomas Petazzoni <[EMAIL PROTECTED]> writes: > Anyway, I think that a proper fix would involve > throwing an exception in io.ml when the bases cannot be loaded, and in > demexp-server.ml, when this exception is catched, initialize a default > participant base. This bug is now fixed. I have used a much simpler scheme that the one you proposed: the empty participant base (with root access) is created at server startup and is overwritten if a .dmxp file is loaded. Yours, d. -- pub 1024D/A3AD7A2A 2004-10-03 David MENTRE <[EMAIL PROTECTED]> 5996 CC46 4612 9CA4 3562 D7AC 6C67 9E96 A3AD 7A2A ___ Demexp-dev mailing list Demexp-dev@nongnu.org http://lists.nongnu.org/mailman/listinfo/demexp-dev
Re: [Demexp-dev] While hacking with David
Frederic Lehobey <[EMAIL PROTECTED]> writes: > 1/ Anybody (even anonymous) can change public / private status of the > question (this huge hole is understood and practically solved). :) This security issue is now fixed is latest stable release. Yours, d. -- pub 1024D/A3AD7A2A 2004-10-03 David MENTRE <[EMAIL PROTECTED]> 5996 CC46 4612 9CA4 3562 D7AC 6C67 9E96 A3AD 7A2A ___ Demexp-dev mailing list Demexp-dev@nongnu.org http://lists.nongnu.org/mailman/listinfo/demexp-dev
[Demexp-dev] demexp 0.6.3
Hello/Bonjour, [ Français en dessous ] A new version of demexp is out, it fixes one bug and one security issue: - (bug) it was impossible to create an empty base with root account without activating autotest mode; - (security issue) anybody could change the public/private status of a question. The new 0.6.3 is available at usual places. [ English above ] Une nouvelle version de demexp est sortie. Elle corrige un bug et un trou de sécurité: - (bug) il était impossible de créer une base vierge avec le compte root sans compiler en mode autotest ; - (sécurité) n'importe qui pouvait changer le statut privé/public d'une question. La nouvelle version 0.6.3 est disponible aux endroits habituels. Yours/Amicalemement, d. -- pub 1024D/A3AD7A2A 2004-10-03 David MENTRE <[EMAIL PROTECTED]> 5996 CC46 4612 9CA4 3562 D7AC 6C67 9E96 A3AD 7A2A ___ Demexp-dev mailing list Demexp-dev@nongnu.org http://lists.nongnu.org/mailman/listinfo/demexp-dev