Project Filelist for FusionForge
File Release Notes and Changelog
Release Name: 5.3.4
Release Notes
This is a bugfix-only release, fixing the security problem identified by CVE-2015-0850 (arbitrary command execution via specially crafted URL passed to the Git plugin).
Change Log
Prevent arbitrary command execution via clone URL parameter of the method to create secondary Git repositories. Found by Ansgar Burchardt <ansgar@debian.org>.