head	1.7;
access;
symbols
	SHIELA_1_1_7:1.7
	SHIELA_1_1_6:1.6
	SHIELA_1_1_5:1.6
	SHIELA_1_1_4:1.6
	SHIELA_1_1_3:1.6
	SHIELA_1_1_2:1.5
	SHIELA_1_1_1:1.4
	SHIELA_1_1_0:1.4
	SHIELA_1_0_4:1.2
	SHIELA_1_0_3:1.2
	SHIELA_1_0_2:1.2
	SHIELA_1_0_1:1.2
	SHIELA_1_0_0:1.2
	SHIELA_0_9_2:1.1.1.1
	SHIELA_0_9_1:1.1.1.1
	SHIELA_0_9_0:1.1.1.1
	vendor:1.1.1;
locks; strict;
comment	@# @;


1.7
date	2006.07.25.13.00.52;	author rse;	state Exp;
branches;
next	1.6;
commitid	UTwOJP02yJXz4fGr;

1.6
date	2004.06.27.07.44.03;	author rse;	state Exp;
branches;
next	1.5;

1.5
date	2004.05.10.18.01.03;	author rse;	state Exp;
branches;
next	1.4;

1.4
date	2004.05.05.13.18.47;	author rse;	state Exp;
branches;
next	1.3;

1.3
date	2004.01.16.12.09.44;	author rse;	state Exp;
branches;
next	1.2;

1.2
date	2002.12.21.09.42.57;	author rse;	state Exp;
branches;
next	1.1;

1.1
date	2000.06.18.14.30.47;	author rse;	state Exp;
branches
	1.1.1.1;
next	;

1.1.1.1
date	2000.06.18.14.30.47;	author rse;	state Exp;
branches;
next	;


desc
@@


1.7
log
@Fix "arbitrary shell command execution" security bug caused by
missing shell command argument escaping for user supplied arguments.

Submitted by: Brian Caswell <bmc@@shmoo.com>, Sourcefire
@
text
@   _        ___  ____ ____  ____        _     _      _
  |_|_ _   / _ \/ ___/ ___||  _ \   ___| |__ (_) ___| | __ _
  _|_||_| | | | \___ \___ \| |_) | / __| '_ \| |/ _ \ |/ _` |
 |_||_|_| | |_| |___) |__) |  __/  \__ \ | | | |  __/ | (_| |
  |_|_|_|  \___/|____/____/|_|     |___/_| |_|_|\___|_|\__,_|

  OSSP shiela - Access Control and Logging Facility for CVS
  ____________________________________________________________________

  THANKS

  Credit has to be given to the following people who contributed ideas,
  stuff, bugfixes, hints etc. (in alphabetical order):

  o Denis Barbier               <barbier@@imacs.polytechnique.fr>
  o Brian Caswell               <bmc@@shmoo.com>
  o Markus Sander               <msander@@de.cw.com>
  o Michael Schloh v. Bennewitz <michael.schloh@@cw.com>
  o Christoph Schug             <chris@@schug.net>
  o Geoff Thorpe                <geoff@@geoffthorpe.net>

  ...and all other OSSP shiela users who gave me feedback but I've forgot.

@


1.6
log
@Fix determination of the line counts in the "Changes" field
by no longer announcing to the CVS server that OSSP shiela can
handle "MT" (message tagged) responses. The problem is CVS 1.12.x
starts to send some important responses as "MT" responses now and
OSSP shiela only accepts "M" responses.

Determined by: Geoff Thorpe <geoff@@geoffthorpe.net>
@
text
@d16 1
@


1.5
log
@Fixed two more warnings about undefined variables.

Submitted by: Michael Schloh von Bennewitz
@
text
@d19 1
@


1.4
log
@remove trailing whitespaces
@
text
@d15 4
a18 3
  o Denis Barbier            <barbier@@imacs.polytechnique.fr>
  o Markus Sander            <msander@@de.cw.com>
  o Christoph Schug          <chris@@schug.net>
@


1.3
log
@give credit where credit is due
@
text
@d2 1
a2 1
  |_|_ _   / _ \/ ___/ ___||  _ \   ___| |__ (_) ___| | __ _ 
d9 1
a9 1
  
@


1.2
log
@Consistently switch to the "OSSP shiela" branding.
@
text
@d17 1
@


1.1
log
@Initial revision
@
text
@d1 5
a5 5
   ____  _     _      _    
  / ___|| |__ (_) ___| | __ _
  \___ \| '_ \| |/ _ \ |/ _` |
   ___) | | | | |  __/ | (_| |
  |____/|_| |_|_|\___|_|\__,_|
d7 1
a7 1
  Shiela - Access Control and Logging Facility for CVS
d16 1
d18 1
a18 1
  ...and all other Shiela users who gave me feedback but I've forgot.
@


1.1.1.1
log
@Import of OSSP Shiela

@
text
@@