[aur-dev] AUR 1.8.1 released
Lukas Fleischer
archlinux at cryptocrack.de
Wed Mar 9 12:08:35 EST 2011
We've just released 1.8.1 [1]! :)
This one's primarily a bug fix release. It improves blacklist handling
and promotes full InnoDB conversion, including some database schema
cleanups.
IMPORTANT: It also contains a fix for a potential SQL injection
vulnerability - all maintainers of AUR setups are encouraged to upgrade,
soon! Thanks to Dan for pointing this out and for providing patches for
this a lot more.
Other changes include:
* Per-user session limits (FS#12898, defaulting to 8 sessions per user).
* Searching for non-out-of-date packages (fixes FS#17896).
* Packages with subdirectories are rejected (fixes FS#22995).
* Automatic adoption when updating an orphan package (fixes FS#22992).
* ZIP bomb protection (fixes FS#22991).
Check the Git log [2] for a complete list.
The official Arch Linux AUR setup [3] will be upgraded soon!
[1] http://projects.archlinux.org/aur.git/commit/?id=29b2f3b3
[2] http://projects.archlinux.org/aur.git/log/?id=29b2f3b3
[3] https://aur.archlinux.org/
More information about the aur-dev
mailing list