From: Janusz Dobrowolski <janusz@frontaccounting.eu>
Date: Thu, 11 Nov 2010 10:00:07 +0000 (+0000)
Subject: Fixed multiply where cluese in db_pager and two other implode vulnerabilities.
X-Git-Tag: v2.4.2~19^2~497
X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=commitdiff_plain;h=8ba9f97814a47b45a57d8206ea909d56878be88a;p=fa-stable.git

Fixed multiply where cluese in db_pager and two other implode vulnerabilities.
---

diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 8d4bf60a..77f65cc3 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -19,6 +19,13 @@ Legend:
 ! -> Note
 $ -> Affected files
 
+11-Nov-2010 Janusz Dobrowolski
+# Fixed slq_gen for multiply extra wghere clauses
+$ /includes/db_pager.inc
+# Fixed implode injection vulnerabilities.
+$ /includes/db/crm_contacts_db.inc
+  /sales/includes/db/cust_trans_details_db.inc
+
 10-Nov-2010 Janusz Dobrowolski
 # Additional fix for setting local_path_to_root in find_custom_file()
 $ /includes/main.inc
@@ -273,7 +280,7 @@ $ /purchasing/includes/supp_trans_class.inc
   /purchasing/view/view_supp_credit.php
   /gl/includes/db/gl_db_trans.inc
 
-06-Oct-2010 Jusz Dobrowolski
+06-Oct-2010 Janusz Dobrowolski
 # Fixed gettext for extension links.
 $ /reporting/includes/reports_classes.inc
 ! Added helper for gettext domain switching