Project Filelist for FusionForge

File Release Notes and Changelog

Release Name: 5.3.4

Release Notes

This is a bugfix-only release, fixing the security problem identified by CVE-2015-0850 (arbitrary command execution via specially crafted URL passed to the Git plugin).

Change Log

Prevent arbitrary command execution via clone URL parameter of the method to create secondary Git repositories. Found by Ansgar Burchardt <ansgar@debian.org>.