Mercurial > kallithea
view docs/index.rst @ 5810:81057be7a5c1 stable
auth: properly invoke PermFunctions (CVE-2016-3114)
This fixes a vulnerability that allowed logged-in users to edit or
delete open pull requests associated with any repository to which
they had read access, plus a related vulnerability allowing logged-in
users to delete any comment from any repository, provided they could
determine the comment ID and had read access to just one repository.
author | Søren Løvborg <sorenl@unity3d.com> |
---|---|
date | Tue, 19 Apr 2016 16:57:38 +0200 |
parents | 57caeb60c52b |
children | ed2fb6e84a02 cc21a2b86a30 |
line wrap: on
line source
.. _index: ####################### Kallithea Documentation ####################### **Readme** .. toctree:: :maxdepth: 1 readme **Installation** .. toctree:: :maxdepth: 1 overview installation installation_win installation_win_old installation_iis setup installation_puppet **Usage** .. toctree:: :maxdepth: 1 usage/general usage/vcs_support usage/locking usage/statistics **Administrator's guide** .. toctree:: :maxdepth: 1 usage/email usage/performance usage/backup usage/debugging usage/troubleshooting **Development** .. toctree:: :maxdepth: 1 contributing changelog **API** .. toctree:: :maxdepth: 1 api/api api/models Other topics ------------ * :ref:`genindex` * :ref:`search` .. _virtualenv: http://pypi.python.org/pypi/virtualenv .. _python: http://www.python.org/ .. _django: http://www.djangoproject.com/ .. _mercurial: http://mercurial.selenic.com/ .. _bitbucket: http://bitbucket.org/ .. _subversion: http://subversion.tigris.org/ .. _git: http://git-scm.com/ .. _celery: http://celeryproject.org/ .. _Sphinx: http://sphinx.pocoo.org/ .. _vcs: http://pypi.python.org/pypi/vcs