Branch: refs/heads/master Home: https://github.com/openSUSE/open-build-service Commit: a825d7a0e8b6a826ad8667605ba02091f94d8e74 https://github.com/openSUSE/open-build-service/commit/a825d7a0e8b6a826ad8667... Author: Björn Geuken <bgeuken@suse.de> Date: 2015-08-28 (Fri, 28 Aug 2015) Changed paths: M src/api/app/controllers/webui/apidocs_controller.rb Log Message: ----------- [webui] Fix hakiri report: File Access Ensure that users can't fetch files from other directories (by adding '../' to the filepath). Commit: a43b39885bade797b1abea1c97fbe016a86e1d87 https://github.com/openSUSE/open-build-service/commit/a43b39885bade797b1abea... Author: Björn Geuken <bgeuken@suse.de> Date: 2015-08-28 (Fri, 28 Aug 2015) Changed paths: M src/api/app/controllers/webui/package_controller.rb Log Message: ----------- [webui] Fix hakiri reports: File access Commit: b19737c44c0e111f12aff104b39da7615e858f9b https://github.com/openSUSE/open-build-service/commit/b19737c44c0e111f12aff1... Author: Björn Geuken <bgeuken@suse.de> Date: 2015-09-01 (Tue, 01 Sep 2015) Changed paths: M src/api/app/controllers/webui/apidocs_controller.rb M src/api/app/controllers/webui/package_controller.rb Log Message: ----------- Merge pull request #1070 from bgeuken/hakiri_file_access Hakiri file access Compare: https://github.com/openSUSE/open-build-service/compare/7b10b1c15c08...b19737...