nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
diaspora/app
History
Maxwell Salzberg 190fceaf5c [SECURITY FIX] please update your pod ASAP 
This is a fix for public messages, where a malicious pod could spoof a message from someone a user was connected to, as the verified signatures were not checked that the object was also from said sender.  This hole only affected public messages, and the private part of code had the correct checks
THX to s-f-s(Stephan Schulz) for reporting and tracking down this issue, and props to Raven24(florian.staudacher@gmx.at) for helping me test the patch
2012-07-02 10:00:12 -07:00
..
assets [SECURITY FIX] please update your pod ASAP 2012-07-02 10:00:12 -07:00
controllers Fixed Issue #3382 - The comments under postings are missing when using the #tags -view 2012-06-18 22:46:01 -06:00
helpers Rails.root and File.join cleanup 2012-06-11 03:13:20 -07:00
mailers Render invitation email without a layout 2012-05-17 17:51:20 -07:00
models Merge pull request #3260 from panckreous/twitter-conf 2012-06-26 10:34:08 -07:00
presenters Rails.root and File.join cleanup 2012-06-11 03:13:20 -07:00
uploaders #2322 -- rotate uploaded images based on the meta-data 2012-06-17 19:47:34 -06:00
views string concatenation is still bad 2012-06-24 12:21:52 +02:00