Mercurial > p > roundup > code

annotate website/issues/TEMPLATE-INFO.txt @ 8062:28aa76443f58

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fix(security): fix CVE-2024-39124, CVE-2024-39124, and CVE-2024-39125 Directions for fixing: * `CVE-2024-39124`_ - :ref:`classhelpers (_generic.help.html) are vulnerable to an XSS attack. <CVE-2024-39124>` Requires fixing tracker homes. * `CVE-2024-39125`_ - :ref:`if Referer header is set to a script tag, it will be executed. <CVE-2024-39125>` Fixed in release 2.4.0, directions available for fixing in prior versions. * `CVE-2024-39126`_ - :ref:`PDF, XML and SVG files downloaded from an issue can contain embedded JavaScript which is executed. <CVE-2024-39126>` Fixed in release 2.4.0, directions available for fixing in prior versions. prior to 2.4.0 release this weekend that fixes the last two CVE's.
author John Rouillard <rouilj@ieee.org>
date Tue, 09 Jul 2024 09:07:09 -0400
parents 40329ed1cced
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
6105
40329ed1cced add mising template info so it can be used as a template
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
1 Name: issue
40329ed1cced add mising template info so it can be used as a template
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
2 Description: this is the issue tracker for roundup.
40329ed1cced add mising template info so it can be used as a template
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
3 Intended-For: production use by roundup.
40329ed1cced add mising template info so it can be used as a template
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
4
Roundup Issue Tracker: http://roundup-tracker.org/