##// END OF EJS Templates
Commit Message Age Author Refs
load previous
r2201:ef4a80b9
Added tag v4.9.1 for changeset d9aa3b27ac9f
0
r2200:d9aa3b27
release: Finish preparation for 4.9.1
0
r2199:ec0f640e
release: updated pip2nix output for 4.9.1
0
r2198:2a472a97
release: Start preparation for 4.9.1
0
r2197:4edcf89e
docs: added release notes for 4.9.1
0
r2196:2338f289
select2: always escape .text attributes to prevent XSS via vcs references.
0
r2195:af6ecbb0
repo-forks: stable, security, fix issue when forging fork_repo_id could allow reading other people forks.
0
r2194:90609677
auth: don't expose full set of permissions into channelstream payload. This leads to resource discovery security vulnerability
0
r2193:20e24a44
user-groups: fix potential problem with group sync of external plugins. - when using external plugin we used to check for a parameter that set the sync mode. The problem is we only checked if the flag was there. So toggling sync on and off set the value and then left the key still set but with None. This confused the sync and thought the group should be synced !
0
r2192:a51e727d
security: limit the maximum password lenght to 72 characters to prevent possible server side resource consumption attack. - bcrypt heavy computation can lead to DOS using a very long password .eg 10**8 lenght. - we allowed this on registration or on password update
0
r2023:9d6857d7
Added tag v4.9.0 for changeset c5a2b7d0e4bb
0
r2022:c5a2b7d0
release: Finish preparation for 4.9.0
0
r2021:6e1dc3cb
release: updated pip2nix output for 4.9.0
0
r2020:246cc9d7
release: Start preparation for 4.9.0
0
r2019:ca2092ce
docs: added release notes for 4.9.0
0
r2018:2eaa3326
docs: updated svn configuration to prevent 400 errors on certain Apache versions.
0
r2017:2c6364ff
events: make sure we propagate our dummy request with proper application_url. - handles proper proxy prefix - handles https and reverse proxies
0
r2016:062a6c2d
pyramid: ported pyramid routing for events
0
r1856:25c48cf5
docs: small rst fixes.
0
r1855:b193ee24
Added tag v4.8.0 for changeset 9731914f8976
0
load next
< 1 .. 9 10 11 12 13 .. 20 >
showing 20 out of 393 commits