Mercurial > p > roundup > code

view test/pg_service.conf @ 8062:28aa76443f58

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fix(security): fix CVE-2024-39124, CVE-2024-39124, and CVE-2024-39125 Directions for fixing: * `CVE-2024-39124`_ - :ref:`classhelpers (_generic.help.html) are vulnerable to an XSS attack. <CVE-2024-39124>` Requires fixing tracker homes. * `CVE-2024-39125`_ - :ref:`if Referer header is set to a script tag, it will be executed. <CVE-2024-39125>` Fixed in release 2.4.0, directions available for fixing in prior versions. * `CVE-2024-39126`_ - :ref:`PDF, XML and SVG files downloaded from an issue can contain embedded JavaScript which is executed. <CVE-2024-39126>` Fixed in release 2.4.0, directions available for fixing in prior versions. prior to 2.4.0 release this weekend that fixes the last two CVE's.
author John Rouillard <rouilj@ieee.org>
date Tue, 09 Jul 2024 09:07:09 -0400
parents 8147f6deac9f
children
line wrap: on
line source

[roundup_test_db]
host=127.0.0.1
port=5432
user=rounduptest
password=rounduptest
dbname=rounduptest

[roundup_test_schema]
host=127.0.0.1
port=5432
user=rounduptest_schema
password=rounduptest
dbname=rounduptest_schema
options=-c search_path=roundup_service_dev

[roundup_test_schema_bad]
host=127.0.0.1
port=5432
user=rounduptest_schema
password=rounduptest
dbname=rounduptest_schema
options=-c search_path=
Roundup Issue Tracker: http://roundup-tracker.org/