git-annex/doc/devblog/day_504__security_hole_part_6.mdwn

13 lines
626 B
Text
Raw Normal View History

2018-06-21 18:50:20 +00:00
Was getting dangerously close to burnt out, or exhaustion leading to
mistakes, so yesterday I took the day off, aside from spending the morning
babysitting the android build every half hour. (It did finally succeed.)
Today, got back into it, and implemented a fix for CVE-2018-10859 and also
the one case of CVE-2018-10857 that had not been dealt with before.
This fix was really a lot easier than the previous fixes for
CVE-2018-10857.
Unfortunately this did mean not letting URL and WORM keys be downloaded
from many special remotes by default, which is going to be painful for some.
2018-06-26 02:14:32 +00:00
[[!meta date="June 20 2018 5:00 pm"]]