[sldev] [SECURITY] Release Notes for Second Life
1.18.3(5) September 20, 2007
Lawson English
lenglish5 at cox.net
Thu Sep 20 19:17:48 PDT 2007
Argent Stonecutter wrote:
>> Release Notes for Second Life 1.18.3(5) September 20, 2007
>> =====================================
>> Bug fixes:
>> * Fixed login failure when declining optional updates
>> * Fixed VWR-2487: Covenant Details between live version and release
>> candidate version
>> * Fixed VWR-2484: Icons missing from Mac OS X build
>> * Fixed VWR-2482: build tree misses the cursors_mac directory
>> * Fixed VWR-2378: Failure to enable the "Update" button in the
>> profile/classifieds tab, after a "Set Location" update.
>
> I was expecting to also see something like:
>> Changes:
>> * Fix URL handler exploit described here:
>> http://blog.secondlife.com/2007/09/18/second-life-url-handler-exploit/
>
> Did this not apply to the RC, was this fixed without an entry in the
> release notes, or is the RC still vulnerable?
>
I'm guessing still vulnerable since it wasn't mentioned, or... they
forgot to mention.
More information about the SLDev
mailing list