Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
50 check-ins occurring around 2017-07-21 04:22:57.
|
2017-08-12
| ||
| 18:47 | Enhance the ssh:// URL to be cautious about the fossil= query parameter. Only commands "fossil" and "echo" (with an optional path) are accepted. check-in: cb43937d8c user: drh tags: trunk | |
| 18:34 | Also disallow wildcard characters in blob_append_escape_arg(). check-in: d5b015946d user: drh tags: trunk | |
| 18:30 | Disallow the ';' character in blob_append_escape_arg(). check-in: 3bbac57534 user: drh tags: trunk | |
| 18:24 | Fix another problem with the needEscape computation in blob_append_escaped_arg() check-in: 9eea719af6 user: drh tags: trunk | |
| 18:22 | The windows test macro is "_WIN32" without a trailing "_". check-in: 49ae1785a6 user: drh tags: trunk | |
| 18:20 | Fix the needEscape calculation in blob_append_escaped_arg(). check-in: 9690d370e0 user: drh tags: trunk | |
| 18:15 | Change the shell_escape() procedure into blob_append_escaped_arg(). Have that procedure raise a fatal error if the argument to be appended contains dodgy characters that might pose a security risk. Also, prepend "./" in front of arguments that begin with "-" to prevent them from looking like switches. check-in: 3b191c984b user: drh tags: trunk | |
| 16:20 | Avoid another attack vector when using SSH sync protocol by not calling a shell interpreter. Fixes only Unix-like environments by using execvp() instead of a string that can be mishandled by /bin/sh. Superseded by [3b191c984b] &co. Closed-Leaf check-in: ce7baa9798 user: andybradford tags: ssh-shell-cleanup | |
| 04:19 | Typo correction check-in: 45a3d4b167 user: andygoth tags: trunk | |
|
2017-08-11
| ||
| 16:00 | Increase the version number to 2.4 and update the change log. check-in: 3ebbe7bcaa user: drh tags: trunk | |
| 15:29 | Fix the SSH sync protocol to avoid "ssh" command-line option injection attacks such as those fixed in Git 2.14.1, Mercurial 4.2.3, and Subversion 1.9.7. As "ssh://" URLs cannot be buried out of sight in Fossil, the vulnerability does not appear to be as severe as in those other systems. check-in: 1f63db591c user: drh tags: trunk | |
|
2017-08-07
| ||
| 20:22 | Hyperlinks to the SSL versions of the website. Redirect to the local unversioned source for the "precompiled binaries" link on the homepage. check-in: b130b64cb4 user: drh tags: trunk | |
|
2017-08-06
| ||
| 23:48 | Restore end-of-line spaces used to demonstrate mid-paragraph line break in markdown.md. The spaces were removed by [23895c7b99] which appeared to clean house on end-of-line whitespace in addition to its documented purpose. check-in: 1e491f6cc5 user: andygoth tags: trunk | |
| 23:32 | Document Markdown tables (never knew this feature existed), and improve consistency of formatting check-in: 6f69ccdc69 user: andygoth tags: trunk | |
|
2017-08-05
| ||
| 04:17 | Enable processing of versioned manifest setting when creating zips and tarballs outside of an open checkout directory check-in: da23bec780 user: andygoth tags: trunk | |
| 03:45 | Simplify manifest generation logic in zip page check-in: b9de60427a user: andygoth tags: trunk | |
| 03:23 | Correct the /doc page to support read-only repositories check-in: 95edba6534 user: andygoth tags: trunk | |
|
2017-07-31
| ||
| 17:42 | Update the built-in SQLite to the 4th release candidate for 3.20.0. check-in: 2a615bed11 user: drh tags: trunk | |
|
2017-07-28
| ||
| 19:41 | (cherry-pick): Fix a problem with markdown rendering for "code". check-in: dad3706248 user: jan.nijtmans tags: branch-2.3 | |
| 18:41 | Fix a problem with markdown rendering for "code". check-in: 04de083ec8 user: drh tags: trunk | |
| 00:49 | Update the built-in SQLite to the 3rd 3.20.0 release candidate. check-in: 8ffba76b73 user: drh tags: trunk | |
|
2017-07-25
| ||
| 15:38 | Better error checking in the mkversion utility program used during the build process. check-in: 8b9ce19e38 user: drh tags: trunk | |
| 14:38 | Update the selfhosting information to talk about the new www3.fossil-scm.org. check-in: 5698492fbb user: drh tags: trunk | |
|
2017-07-24
| ||
| 14:26 | Update the built-in SQLite to the second 3.20.0 release candidate. check-in: c45b8f4534 user: drh tags: trunk | |
|
2017-07-21
| ||
| 04:22 | Improve UI based test documentation with minor corrections to requirements and URLs. check-in: 0a2be0648b user: andybradford tags: trunk | |
| 03:19 | Version 2.3 - the 10th anniversary release check-in: f7914bfdfa user: drh tags: trunk, release, version-2.3 | |
|
2017-07-20
| ||
| 18:25 | Fixed commit-warning.test broken by addition of the bootstrap skin which includes a file with long lines that generated a new warning. check-in: ae83b2137f user: rberteig tags: trunk | |
|
2017-07-15
| ||
| 13:55 | Update the built-in SQLite to the first 3.20.0 release candidate. check-in: 4872a58be2 user: drh tags: trunk | |
|
2017-07-14
| ||
| 20:47 | Mention support for HTML-style comments in Markdown reference check-in: bfc29fb372 user: andygoth tags: trunk | |
|
2017-07-13
| ||
| 10:24 | merge trunk check-in: 548fabe73c user: jan.nijtmans tags: openssl-1.1 | |
| 10:22 | Update top OpenSSL 1.0.2l. Minor (harmless) compiler warnings in mkversion and codecheck1 (-Wall) check-in: 23895c7b99 user: jan.nijtmans tags: trunk | |
|
2017-07-12
| ||
| 18:55 | Remove an unused variable from the security audit webpage. check-in: 7c0b971437 user: drh tags: trunk | |
| 18:34 | Reword the header to the /fileage page to avoid disputes of commas. check-in: 74bc515d36 user: drh tags: trunk | |
| 18:08 | Update to the latest SQLite from upstream and make other changes, all to silence a few utterly harmless compiler warnings about incompletely initialized structures. check-in: 2f225b821f user: drh tags: trunk | |
| 16:57 | Be careful not to return a pointer to a webpage generator as a command-line command method. check-in: 38df2a4544 user: drh tags: trunk | |
| 11:03 | merge trunk (without SQLite update to 3.20.0 beta, but WITH support for tab-completion in the SQL shell) Closed-Leaf check-in: 107cfe0204 user: jan.nijtmans tags: fossil-2.3-with-older-SQLite | |
| 03:02 | Fix a typo on the security audit webpage. check-in: 35f712d4d8 user: drh tags: trunk | |
| 02:49 | More documentation about what the --verbose flag does for "fossil info". check-in: 9167b2d64a user: drh tags: trunk | |
|
2017-07-11
| ||
| 14:35 | Update the built-in SQLite to the latest 3.20.0 beta, including support for tab-completion in the SQL shell. check-in: a314178a81 user: drh tags: trunk | |
|
2017-07-10
| ||
| 18:19 | A minor fix for the Xekri Skin check-in: b1a7527b73 user: zakero tags: trunk | |
| 18:12 | Fixed a mouseover problem in the Xekri skin that was found by Jungle Boogie. Closed-Leaf check-in: 773f9ba75c user: zakero tags: skin-xekri-fileage-fix | |
| 14:37 | test-markdown-render and test-wiki-render command don't require to be inside a checkout. check-in: 1ba3c91994 user: mgagnon tags: trunk | |
|
2017-07-09
| ||
| 00:51 | Document italic+bold Markdown check-in: 9e67b8ab23 user: andygoth tags: trunk | |
|
2017-07-08
| ||
| 20:42 | Improve built-in Markdown reference documentation to describe more features I long wished Markdown had but just now discovered it already does check-in: 3bfdafe4aa user: andygoth tags: trunk | |
| 13:35 | An empty username on a U card is translated into "anonymous". check-in: 23d45ff9ce user: drh tags: trunk | |
| 11:01 | In the "last change" report, show the user as "anonymous" if the EVENT.USER field is NULL or an empty string. (Later:) Removed from trunk because a better solution is to not store empty strings in the EVENT.USER field in the first place. Closed-Leaf check-in: 970adec0fe user: drh tags: mistake | |
|
2017-07-07
| ||
| 19:18 | Avoid appending to g.zPath inside doc_page() loop. Instead, wait until the loop is done to modify g.zPath. When doing a directory lookup, the check-in and directory name were being repeatedly appended to g.zPath each step through the list of possible filename suffixes. This corrupted <base href> should index.html not exist, which in turn broke r... check-in: 956d4901a9 user: andygoth tags: trunk | |
| 12:59 | Merge trunk. Upgrade to OpenSSL 1.1.0f. Note that this branch only adapts the Windows buildfiles, no source-code or anything else, since Openssl 1.1.0 is (almost, not significant for fossil) upwards compatible. check-in: 4a516fb72c user: jan.nijtmans tags: openssl-1.1 | |
|
2017-07-06
| ||
| 15:32 | Fix typo in auto.def Merge trunk check-in: 10c7e0fcea user: jan.nijtmans tags: fossil-2.3-with-older-SQLite | |
|
2017-07-05
| ||
| 13:00 | In the timeline graph rendering code, hard-code the topRow value in the generated javascript. check-in: e76f3bbe45 user: drh tags: trunk | |