stable

Clone or download

Read-only

Merge commit 'refs/changes/82/8082/5' of ssh://gerrit.tuleap.net:29418/tuleap into stable

* ssh://gerrit.tuleap.net:29418/tuleap: request #10118: Remote code execution through object unserialization of a user's recent elements Conflicts: plugins/tracker/include/autoload.php

Modified Files

Name
M plugins/tracker/db/install.sql +8 −0 Go to diff View file
A plugins/tracker/db/mysql/updates/2017/201704041400_add_recently_visited_table.php +51 −0 Go to diff View file
M plugins/tracker/db/uninstall.sql +2 −0 Go to diff View file
A plugins/tracker/include/Tracker/Artifact/RecentlyVisited/RecentlyVisitedDao.php +79 −0 Go to diff View file
A plugins/tracker/include/Tracker/Artifact/RecentlyVisited/VisitRecorder.php +42 −0 Go to diff View file
A plugins/tracker/include/Tracker/Artifact/RecentlyVisited/VisitRetriever.php +54 −0 Go to diff View file
M plugins/tracker/include/Tracker/Artifact/Renderer/CopyRenderer.class.php +5 −3 Go to diff View file
M plugins/tracker/include/Tracker/Artifact/Renderer/EditAbstractRenderer.class.php +12 −6 Go to diff View file
M plugins/tracker/include/Tracker/Artifact/Renderer/EditRenderer.class.php +5 −3 Go to diff View file
M plugins/tracker/include/Tracker/Artifact/Tracker_Artifact.class.php +15 −3 Go to diff View file
M plugins/tracker/include/Tracker/Tracker.class.php +30 −9 Go to diff View file
M plugins/tracker/include/autoload.php +5 −2 Go to diff View file
M src/common/user/User.class.php +0 −57 Go to diff View file
A src/db/mysql/updates/2017/201704041400_clean_recent_element_user_preferences.php +44 −0 Go to diff View file
M tests/simpletest/common/user/UserTest.php +0 −62 Go to diff View file