Mercurial > gftp.yaz

diff ChangeLog @ 666:8ff1c1647b95

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
2005-1-18 Brian Masney <masneyb@gftp.org> * lib/protocols.c (gftp_get_next_file) - if the remote server sends a path with the filename, then strip the path off of the filename. If the path didn't match the current directory, then give the user a warning. A malicious server could change the path of the downloaded by adding /../ to the path
author masneyb
date Wed, 19 Jan 2005 01:56:48 +0000
parents 2d3ea4db3106
children 6b6fbcf76d00
line wrap: on
line diff
--- a/ChangeLog	Mon Jan 17 20:58:21 2005 +0000
+++ b/ChangeLog	Wed Jan 19 01:56:48 2005 +0000
@@ -1,3 +1,10 @@
+2005-1-18 Brian Masney <masneyb@gftp.org>
+	* lib/protocols.c (gftp_get_next_file) - if the remote server sends a
+	path with the filename, then strip the path off of the filename. If the
+	path didn't match the current directory, then give the user a warning.
+	A malicious server could change the path of the downloaded by adding
+	/../ to the path
+
 2005-1-16 Brian Masney <masneyb@gftp.org>
 	* configure.in lib/Makefile.am src/gtk/Makefile.am src/text/Makefile.am
 	lib/fsp.c - added FSP to the build system
@@ -3224,7 +3231,7 @@
 
 	* cvsclean - added this script
 
-	* *.[ch] - added $Id: ChangeLog,v 1.393 2005/01/16 16:15:04 masneyb Exp $ tags
+	* *.[ch] - added $Id: ChangeLog,v 1.394 2005/01/19 01:56:48 masneyb Exp $ tags
 
 	* debian/* - updated files from Debian maintainer