Supybot.markdown: add fixing commits

Closes #7
This commit is contained in:
Mikaela Suomalainen 2015-01-04 11:01:20 +02:00
parent 8f031ea911
commit 724b1f2644

View File

@ -25,6 +25,8 @@ where ! is the prefix character.
Misc is loaded by default and cannot be unloaded without modifying the Misc is loaded by default and cannot be unloaded without modifying the
config. config.
* [Limnoria issue #157](https://github.com/ProgVal/Limnoria/issues/157)
* Fixing commits: [3526d5d](https://github.com/ProgVal/Limnoria/commit/3526d5dabf587457a43af8bee8d4db21986e8222) & [e11dc28](https://github.com/ProgVal/Limnoria/commit/e11dc28025de877b1b6cf059013eef88337b7e44)
* [Ubuntu bug #996947](https://bugs.launchpad.net/ubuntu/+source/supybot/+bug/996947) * [Ubuntu bug #996947](https://bugs.launchpad.net/ubuntu/+source/supybot/+bug/996947)
* [Debian bug #672214](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672214) * [Debian bug #672214](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672214)
@ -42,6 +44,8 @@ For example:
This requires Math plugin which comes with Supybot, but isn't load by This requires Math plugin which comes with Supybot, but isn't load by
default. default.
* [Limnoria issue #354](https://github.com/ProgVal/Limnoria/issues/354)
* Fixing commit: [695078e](https://github.com/ProgVal/Limnoria/commit/695078edeb91e5ff1eec728fedf0e0c27b55c505)
* [Ubuntu bug #996950](https://bugs.launchpad.net/ubuntu/+source/supybot/+bug/996950) * [Ubuntu bug #996950](https://bugs.launchpad.net/ubuntu/+source/supybot/+bug/996950)
* [Debian bug 672215](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672215) * [Debian bug 672215](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672215)
@ -55,6 +59,9 @@ account, take over a channel by telling the bot to give flags
(if it has correct flags), change password of the account and everything (if it has correct flags), change password of the account and everything
else what you do with network services. else what you do with network services.
* *This was only reported at IRC and I am unable to find issue report
or fixing commit. ~~Mikaela on 2015-01-04.*
### 4. Web page with special characters in \<title\> can be used to send DCC/CTCP commands. ### 4. Web page with special characters in \<title\> can be used to send DCC/CTCP commands.
This doesn't mean only things like CTCP actions (also known as /me), This doesn't mean only things like CTCP actions (also known as /me),
@ -69,17 +76,28 @@ Usage:
!web fetch <malicious.page.here> !web fetch <malicious.page.here>
``` ```
*This was only reported at IRC and I am unable to find issue report
or fixing commit. ~~Mikaela on 2015-01-04.*
### 5. Web Titlte/Fetch can be used for DoS ### 5. Web Titlte/Fetch can be used for DoS
They are vulnerable to queries to servers which have custom headers They are vulnerable to queries to servers which have custom headers
which can lead to DoS. which can lead to DoS.
*This was only reported at IRC and I am unable to find issue report
or fixing commit. ~~Mikaela on 2015-01-04.*
### 6. QuoteGrabs grab command also works in PM ### 6. QuoteGrabs grab command also works in PM
and can grab private content such as `user register` or `user identify` or and can grab private content such as `user register` or `user identify` or
with the case of owner possibly NickServ passwords and others not so nice with the case of owner possibly NickServ passwords and others not so nice
things. things.
*It appears this issue was only reported at IRC.*
* Fixing commit: [a3346343679f3bdf8c77d9efb5a2097e215d51df](https://github.com/ProgVal/Limnoria/commit/a3346343679f3bdf8c77d9efb5a2097e215d51df)
### Are these issues publicly known? ### Are these issues publicly known?
**Of course they are.** Issue reports are below the actual issues. **Of course they are.** Issue reports are below the actual issues.