tag name | v1.1.0 (4f91f8c3518e4b49a28ad88a25dbce38e853b611) |
tag date | 2011-12-05 18:58:56 -0800 |
tagged by | Eric Wong <normalperson@yhbt.net> |
tagged object | commit a1c4506c01... |
download | clogger-1.1.0.tar.gz |
---|
clogger 1.1.0 - more escaping!
This release fixes potential vulnerabilities when escape sequences are viewed in certain terminals. The 0x7F-0xFF byte range is escaped to match behavior of nginx 1.0.9+, as some character sets may have escape characters in that range. $cookie_* values are now escaped to be consistent with the behavior of the $http_cookie value. All users of $cookie_* in their log format must upgrade (of course there may be no Clogger users other than myself, and I don't use $cookie_*)