Subversion Repositories ALCASAR

Rev

Rev 2328 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2328 Rev 2333
Line 1... Line 1...
1 
# $Id: CHANGELOG 2328 2017-07-11 12:44:01Z tom.houdayer $
 1 
# $Id: CHANGELOG 2333 2017-07-11 16:25:45Z tom.houdayer $
2 
 
 2 
 
3 
********** ALCASAR CHANGELOG **********
 3 
********** ALCASAR CHANGELOG **********
4 
 
 4 
 
5 
-------------------- 3.1.3 --------------------
 5 
-------------------- 3.1.3 --------------------
6 
NEWS
 6 
NEWS
Line 17... Line 17...
17 
	- New ACC menu (with JS instead of PHP reload).
 17 
	- New ACC menu (with JS instead of PHP reload).
18 
	- Add option to allow unsecure login for user interception.
 18 
	- Add option to allow unsecure login for user interception.
19 
 
 19 
 
20 
BUGS
 20 
BUGS
21 
	- Display info field for DHCP static equipment
 21 
	- Display info field for DHCP static equipment
- 
 
 22 
	- Fix bug which the encrypted password is printed in a random column in the ACC user editor.
22 
 
 23 
 
23 
SECU
 24 
SECU
24 
	- Rename Fail2Ban rule "alcasar_acc-htdigest" to "alcasar_acc" (iptables does not support long name).
 25 
	- Rename Fail2Ban rule "alcasar_acc-htdigest" to "alcasar_acc" (iptables does not support long name).
25 
	- Remove '/usr/bin/openssl' sudo privilege for 'apache' user.
 26 
	- Remove '/usr/bin/openssl' sudo privilege for 'apache' user.
26 
	- Escape exec() parameters in ACC to prevent RCE attacks.
 27 
	- Escape exec() parameters in ACC to prevent RCE attacks.