[aur-dev] AUR 1.8.1 released
Loui Chang
louipc.ist at gmail.com
Sat Mar 12 08:05:46 EST 2011
On Wed 09 Mar 2011 18:08 +0100, Lukas Fleischer wrote:
> We've just released 1.8.1 [1]! :)
>
> This one's primarily a bug fix release. It improves blacklist handling
> and promotes full InnoDB conversion, including some database schema
> cleanups.
>
> IMPORTANT: It also contains a fix for a potential SQL injection
> vulnerability - all maintainers of AUR setups are encouraged to upgrade,
> soon! Thanks to Dan for pointing this out and for providing patches for
> this a lot more.
>
> Other changes include:
>
> * Per-user session limits (FS#12898, defaulting to 8 sessions per user).
> * Searching for non-out-of-date packages (fixes FS#17896).
> * Packages with subdirectories are rejected (fixes FS#22995).
> * Automatic adoption when updating an orphan package (fixes FS#22992).
> * ZIP bomb protection (fixes FS#22991).
>
> Check the Git log [2] for a complete list.
>
> The official Arch Linux AUR setup [3] will be upgraded soon!
>
> [1] http://projects.archlinux.org/aur.git/commit/?id=29b2f3b3
> [2] http://projects.archlinux.org/aur.git/log/?id=29b2f3b3
> [3] https://aur.archlinux.org/
Thanks. Nice work. :D
More information about the aur-dev
mailing list