Attachment 162697 Details for Bug 201106 – security fix for CVE-2015-5059

[patch] security fix for CVE-2015-5059

sec-patch-201106.diff (text/plain), 1.15 KB, created by Torsten Zühlsdorff on 2015-11-02 11:06:45 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Torsten Zühlsdorff

Created: 2015-11-02 11:06:45 UTC

Size: 1.15 KB

patch

obsolete

>Index: files/patch-config__defaults__inc.php
>===================================================================
>--- files/patch-config__defaults__inc.php	(nicht existent)
>+++ files/patch-config__defaults__inc.php	(Arbeitskopie)
>@@ -0,0 +1,17 @@
>+--- config_defaults_inc.php.orig	2015-11-02 10:57:53 UTC
>++++ config_defaults_inc.php
>+@@ -2347,9 +2347,13 @@
>+ 
>+ 	/**
>+ 	 * Threshold needed to view project documentation
>++	 * Note: setting this to ANYBODY will let any user download attachments
>++	 * from private projects, regardless of their being a member of it.
>++	 * @see $g_enable_project_documentation
>++	 * @see $g_upload_project_file_threshold
>+ 	 * @global int $g_view_proj_doc_threshold
>+ 	 */
>+-	$g_view_proj_doc_threshold = ANYBODY;
>++	$g_view_proj_doc_threshold = VIEWER;
>+ 
>+ 	/**
>+ 	 * Site manager
>
>EigenschaftsÃ¤nderungen: files/patch-config__defaults__inc.php
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property

Flags:

ports: maintainer-approval? (dvl)

Actions: View | Diff

Attachments on bug 201106: 162697