Project Filelist for FusionForge
File Release Notes and Changelog
Release Name: 5.3.4
This is a bugfix-only release, fixing the security problem identified by CVE-2015-0850 (arbitrary command execution via specially crafted URL passed to the Git plugin).
Prevent arbitrary command execution via clone URL parameter of the method to create secondary Git repositories. Found by Ansgar Burchardt <firstname.lastname@example.org>.