comparison flys-artifacts/ChangeLog @ 2098:8284c8fca840

Removed security problem when working with map infos. flys-artifacts/trunk@3650 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author Sascha L. Teichmann <sascha.teichmann@intevation.de>
date Wed, 11 Jan 2012 11:54:16 +0000
parents a18ec861b4a4
children 925c88ecb842
comparison
equal deleted inserted replaced
2097:a18ec861b4a4 2098:8284c8fca840
1 2012-01-11 Sascha L. Teichmann <sascha.teichmann@intevation.de>
2
3 * src/main/java/de/intevation/flys/artifacts/services/MapInfoService.java:
4 Removed XPath injection security hole. A serious one because it allowed
5 inspecting the conf.xml file ... with all the db passwords.
6
1 2012-01-11 Sascha L. Teichmann <sascha.teichmann@intevation.de> 7 2012-01-11 Sascha L. Teichmann <sascha.teichmann@intevation.de>
2 8
3 * src/main/java/de/intevation/flys/artifacts/services/MapInfoService.java, 9 * src/main/java/de/intevation/flys/artifacts/services/MapInfoService.java,
4 src/main/java/de/intevation/flys/exports/XYChartGenerator.java: 10 src/main/java/de/intevation/flys/exports/XYChartGenerator.java:
5 Removed superfluous imports. 11 Removed superfluous imports.

http://dive4elements.wald.intevation.org