Mercurial > p > roundup > code

annotate website/issues/html/home.about.html @ 8062:28aa76443f58

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fix(security): fix CVE-2024-39124, CVE-2024-39124, and CVE-2024-39125 Directions for fixing: * `CVE-2024-39124`_ - :ref:`classhelpers (_generic.help.html) are vulnerable to an XSS attack. <CVE-2024-39124>` Requires fixing tracker homes. * `CVE-2024-39125`_ - :ref:`if Referer header is set to a script tag, it will be executed. <CVE-2024-39125>` Fixed in release 2.4.0, directions available for fixing in prior versions. * `CVE-2024-39126`_ - :ref:`PDF, XML and SVG files downloaded from an issue can contain embedded JavaScript which is executed. <CVE-2024-39126>` Fixed in release 2.4.0, directions available for fixing in prior versions. prior to 2.4.0 release this weekend that fixes the last two CVE's.
author John Rouillard <rouilj@ieee.org>
date Tue, 09 Jul 2024 09:07:09 -0400
parents 4155ed7f00f4
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
6246
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
1 <!-- dollarId: issue.index,v 1.2 2001/07/29 04:07:37 richard Exp dollar-->
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
2
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
3 <tal:block metal:use-macro="templates/page/macros/icing">
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
4
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
5 <title metal:fill-slot="head_title" i18n:translate="" >
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
6 About this Tracker
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
7 </title>
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
8 <tal:block metal:fill-slot="body_title" i18n:translate="">
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
9 About this Tracker
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
10 </tal:block>
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
11
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
12 <div class="content" metal:fill-slot="content">
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
13
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
14 <span tal:condition="not:python:request.user.hasRole('Admin')"
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
15 tal:omit-tag="python:1" i18n:translate="">
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
16 Please login with your username and password to find out about
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
17 this tracker.
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
18 </span>
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
19
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
20 <div tal:condition="python:request.user.hasRole('Admin')"
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
21 tal:omit-tag="python:1" i18n:translate="">
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
22 <div tal:replace="structure python:utils.AboutPage(db)"></div>
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
23 </div>
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
24 </div>
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
25
4155ed7f00f4 Add about page.
John Rouillard <rouilj@ieee.org>
parents:
diff changeset
26 </tal:block>
Roundup Issue Tracker: http://roundup-tracker.org/