Mercurial > p > roundup > code
view doc/sc.txt @ 8365:4ac0bbb3e440
bug(security): CVE-2025-53865 - XSS bug
Extensive fixes in devel, responsive templates known to be
exploitable.
Similar constructs in classic and minimal templates not known
to be exploitable, but changed anyway.
doc/upgrading.txt:
Reformat to 66 characters.
Update with assigned CVE number.
Add section on fixing tal:replace with unsafe data.
Document analysis and assumptions in comment in file.
doc/security.txt:
Update with CVE number.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Fri, 11 Jul 2025 19:30:27 -0400 |
| parents | 09efdecff863 |
| children |
line wrap: on
line source
.. meta:: :description: Original documentation of the Roundup Issue tracker. Includes historic Software Carpentry submissions and a short paper. =================================== Software Carpentry and Short Papers =================================== These papers are the original artifacts of Roundup. They can't be included easily in the table of contents for the documentation, so they are referenced here. All of these were written by Ka-Ping Yee, the original architect of Roundup.. A few of the pages have been updated to correct links. However you may still have to use the `wayback machine <https://web.archive.org>`_ to access some of the links on these pages. The papers in chronological order are: * `A short paper explaining Roundup <roundup_short_paper.html>`_ * `The original overview document for Roundup submitted to the Software Carpentry competition <original_overview.html>`_ * `The original specification document for Roundup submitted to the Software Carpentry competition <spec.html>`_