From 63eeae3357b94edfdd5b652fd97fe878403be9f8 Mon Sep 17 00:00:00 2001
From: Derek Jones
Date: Tue, 10 Feb 2009 19:08:56 +0000
Subject: Changed the algorithm used in _reset_post_array() to no longer rely
on eval(), plugging an arbitrary script execution hole
http://codeigniter.com/bug_tracker/bug/6068/
---
user_guide/changelog.html | 1 +
1 file changed, 1 insertion(+)
(limited to 'user_guide')
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 457db56a1..63eb75ccd 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -64,6 +64,7 @@ SVN Revision:
- Libraries
+ - Fixed an arbitrary script execution security flaw (#6068) in the Form Validation library (thanks to hkk)
- Changed default current page indicator in the Pagination library to use <strong> instead of <b>
- A "HTTP/1.1 400 Bad Request" header is now sent when disallowed characters are encountered.
- Added <big>, <small>, <q>, and <tt> to the Typography parser's inline elements.
--
cgit v1.2.3-24-g4f1b