[aur-dev] AUR 1.8.1 released

Lukas Fleischer archlinux at cryptocrack.de
Wed Mar 9 12:08:35 EST 2011

We've just released 1.8.1 [1]! :)

This one's primarily a bug fix release. It improves blacklist handling
and promotes full InnoDB conversion, including some database schema

IMPORTANT: It also contains a fix for a potential SQL injection
vulnerability - all maintainers of AUR setups are encouraged to upgrade,
soon! Thanks to Dan for pointing this out and for providing patches for
this a lot more.

Other changes include:

* Per-user session limits (FS#12898, defaulting to 8 sessions per user).
* Searching for non-out-of-date packages (fixes FS#17896).
* Packages with subdirectories are rejected (fixes FS#22995).
* Automatic adoption when updating an orphan package (fixes FS#22992).
* ZIP bomb protection (fixes FS#22991).

Check the Git log [2] for a complete list.

The official Arch Linux AUR setup [3] will be upgraded soon!

[1] http://projects.archlinux.org/aur.git/commit/?id=29b2f3b3
[2] http://projects.archlinux.org/aur.git/log/?id=29b2f3b3
[3] https://aur.archlinux.org/

More information about the aur-dev mailing list