Re: CVE-2015-1834 CC Path Traversal vulnerability

Home Messages Hashtags Subgroups

Dieu Cao <dcao@...> #207 Yes, that's the correct commit to cherry pick for the cc path traversal vulnerability. -Dieu CF Runtime PM toggle quoted message Show quoted text On Tue, May 26, 2015 at 12:30 AM, nota-ja <dev(a)nota.m001.jp> wrote: I understand the CFF strongly recommends to upgrade to v208 or after, but for those (including us) who cannot immediately upgrade, I want to know if there is a workaround against this vulnerability. I've found that there is a commit which seems related this vulnerability: https://github.com/cloudfoundry/cloud_controller_ng/commit/5257a8af6990e71cd1e34ae8978dfe4773b32826 Cherry-picking this commit may be a workaround? Or we need another commits to cherry-pick? Thanks in advance. -- View this message in context: http://cf-dev.70369.x6.nabble.com/cf-dev-CVE-2015-1834-CC-Path-Traversal-vulnerability-tp163p173.html Sent from the CF Dev mailing list archive at Nabble.com. _______________________________________________ cf-dev mailing list cf-dev(a)lists.cloudfoundry.org https://lists.cloudfoundry.org/mailman/listinfo/cf-dev attachment.html
More All Messages By This Member

Join {cf-dev@lists.cloudfoundry.org to automatically receive all group messages.