Overview
Request 155282 accepted
- update to 2.3.16 (bnc#800320) CVE-2013-0333
- backporting deep_munge
- removing [nil] from the params
- Do not mark strip_tags result as html_safe
- this obsoletes all our patches:
2-3-null_array_param.patch
2-3-null_param.patch
3-0-strip_tags.patch
- update to 2.3.15: (bnc#796712, bnc#797449, bnc#797452)
- handle missing 'HTTP_X_FORWARDED_FOR'
- added test suite for RCE bug
Request History
lijews created request
- update to 2.3.16 (bnc#800320) CVE-2013-0333
- backporting deep_munge
- removing [nil] from the params
- Do not mark strip_tags result as html_safe
- this obsoletes all our patches:
2-3-null_array_param.patch
2-3-null_param.patch
3-0-strip_tags.patch
- update to 2.3.15: (bnc#796712, bnc#797449, bnc#797452)
- handle missing 'HTTP_X_FORWARDED_FOR'
- added test suite for RCE bug
lijews accepted request