Home My Page Projects FusionForge
Summary Activity Forums Tracker Lists News SCM Files Mediawiki Hudson/Jenkins

Project Filelist for FusionForge

File Release Notes and Changelog

Release Name: 5.3.4

Release Notes

This is a bugfix-only release, fixing the security problem identified by CVE-2015-0850 (arbitrary command execution via specially crafted URL passed to the Git plugin).

Change Log

Prevent arbitrary command execution via clone URL parameter of the method to create secondary Git repositories. Found by Ansgar Burchardt <ansgar@debian.org>.