Mercurial > kallithea
view .hgignore @ 5810:81057be7a5c1 stable
auth: properly invoke PermFunctions (CVE-2016-3114)
This fixes a vulnerability that allowed logged-in users to edit or
delete open pull requests associated with any repository to which
they had read access, plus a related vulnerability allowing logged-in
users to delete any comment from any repository, provided they could
determine the comment ID and had read access to just one repository.
author | Søren Løvborg <sorenl@unity3d.com> |
---|---|
date | Tue, 19 Apr 2016 16:57:38 +0200 |
parents | bfa66e8887d7 |
children | 9358211ee144 |
line wrap: on
line source
syntax: glob *.pyc *.swp *.sqlite *.tox *.egg-info *.egg *.mo .eggs/ tarballcache/ syntax: regexp ^rcextensions ^build ^dist/ ^docs/build/ ^docs/_build/ ^data$ ^kallithea/tests/data$ ^sql_dumps/ ^\.settings$ ^\.project$ ^\.pydevproject$ ^\.coverage$ ^kallithea\.db$ ^test\.db$ ^Kallithea\.egg-info$ ^my\.ini$ ^fabfile.py ^\.idea$ ^\.cache$