Files @ 81057be7a5c1
Branch filter:

Location: kallithea/.hgignore

81057be7a5c1 341 B text/plain Show Annotation Show as Raw Download as Raw
Søren Løvborg
auth: properly invoke PermFunctions (CVE-2016-3114)

This fixes a vulnerability that allowed logged-in users to edit or
delete open pull requests associated with any repository to which
they had read access, plus a related vulnerability allowing logged-in
users to delete any comment from any repository, provided they could
determine the comment ID and had read access to just one repository.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
syntax: glob
*.pyc
*.swp
*.sqlite
*.tox
*.egg-info
*.egg
*.mo
.eggs/
tarballcache/

syntax: regexp
^rcextensions
^build
^dist/
^docs/build/
^docs/_build/
^data$
^kallithea/tests/data$
^sql_dumps/
^\.settings$
^\.project$
^\.pydevproject$
^\.coverage$
^kallithea\.db$
^test\.db$
^Kallithea\.egg-info$
^my\.ini$
^fabfile.py
^\.idea$
^\.cache$
Server instance: clio-32394 This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3. – Support