-
Holger Just authored
The cache did not distinguish between cached credentials for read and write access. As it does not check permissions again if there is a cache hit, users with authorization for either reading or writing could poison the cache and subsequently authorize themselves for both access types. Original fix is by Jean-Philippe Lang, http://www.redmine.org/issues/9567
2d240fc3
Name |
Last commit
|
Last update |
---|---|---|
.. | ||
Redmine.pm | ||
create_views.sql | ||
reposman.rb | ||
svnserve.wrapper |