Branch: refs/heads/master
Home: https://github.com/openSUSE/open-build-service
Commit: a825d7a0e8b6a826ad8667605ba02091f94d8e74
https://github.com/openSUSE/open-build-service/commit/a825d7a0e8b6a826ad8667...
Author: Björn Geuken
Date: 2015-08-28 (Fri, 28 Aug 2015)
Changed paths:
M src/api/app/controllers/webui/apidocs_controller.rb
Log Message:
-----------
[webui] Fix hakiri report: File Access
Ensure that users can't fetch files from other directories (by adding '../' to the filepath).
Commit: a43b39885bade797b1abea1c97fbe016a86e1d87
https://github.com/openSUSE/open-build-service/commit/a43b39885bade797b1abea...
Author: Björn Geuken
Date: 2015-08-28 (Fri, 28 Aug 2015)
Changed paths:
M src/api/app/controllers/webui/package_controller.rb
Log Message:
-----------
[webui] Fix hakiri reports: File access
Commit: b19737c44c0e111f12aff104b39da7615e858f9b
https://github.com/openSUSE/open-build-service/commit/b19737c44c0e111f12aff1...
Author: Björn Geuken
Date: 2015-09-01 (Tue, 01 Sep 2015)
Changed paths:
M src/api/app/controllers/webui/apidocs_controller.rb
M src/api/app/controllers/webui/package_controller.rb
Log Message:
-----------
Merge pull request #1070 from bgeuken/hakiri_file_access
Hakiri file access
Compare: https://github.com/openSUSE/open-build-service/compare/7b10b1c15c08...b19737...