diff CHANGES.txt @ 5145:d22eb1d40d0e

issue2550701, issue2550891 deal with a path traversal issue in TAL-based template finding code. Use standard method.
author John Rouillard <rouilj@ieee.org>
date Thu, 14 Jul 2016 18:33:37 -0400
parents 9cebf686c552
children d16ba6e6624b
--- a/CHANGES.txt	Thu Jul 14 18:03:04 2016 -0400
+++ b/CHANGES.txt	Thu Jul 14 18:33:37 2016 -0400
@@ -286,6 +286,12 @@
   Had to explicitly manage transactions with BEGIN IMMEDIATE and call
   sql_commit. Note that this reduces performance in return for accuracy.
   Problem reported by Matt Mackall (mpm) (John Rouillard).
+- issue2550701: Path traversal from template names. This affects the
+  tal based template engines (zopetal, chameleon). If a directory
+  with a specific name is created in the html subdirectory, the
+  template name in the url can be used to get access to files outside
+  of the tracker html directory. This has been fixed by normalizing
+  the path and comparing to the normalized path for the html directory.
 
 2016-01-11: 1.5.1
 
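Review bot: the new entry names only issue2550701, while the commit message references both issue2550701 and issue2550891 as addressed by this change; if the second issue is part of the same fix, list it in the entry as well, e.g. "- issue2550701, issue2550891: Path traversal from template names." The description "If a directory with a specific name is created in the html subdirectory" is also vague for a changelog: saying what condition triggers the traversal, and what the engine now does when the normalized template path does not fall under the normalized html directory path (the entry only says the two are compared), would tell tracker administrators what behaviour to expect after upgrading.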

Roundup Issue Tracker: http://roundup-tracker.org/