Files @ cd8fa11c5c89
Branch filter:

Location: kallithea/tox.ini

cd8fa11c5c89 206 B text/x-ini Show Annotation Show as Raw Download as Raw
mads
repogroups: fix HTML markup of descriptions

Repogroup descriptions were not urlified like repo descriptions are. That
caused incorrect rendering with posibility of XSS.

The problem was introduced in 0.4.0 with 6db3122e4d75.

Thanks to stypr of Flatt Security for reporting this vulnerability.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
[tox]
minversion = 1.8
envlist = py27-pytest

[testenv]
setenv =
    PYTHONHASHSEED = 0
deps =
    -r{toxinidir}/dev_requirements.txt
    python-ldap
    python-pam
commands =
    pytest: py.test {posargs}
Server instance: clio-16025 This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3. – Support