Good Morning Everyone, This morning Patrick found a security bug in pagure. We fixed it and made a new release: 2.2.2 with the fix. This is the corresponding changelog: * Mon Jul 04 2016 Pierre-Yves Chibon <pingou@xxxxxxxxxxxx> - 2.2.2-1 - Update to 2.2.2 - Security fix release blocking all html related mimetype when displaying the raw files and forces the browser to download them instead (Thanks to Patrick Uiterwijk for finding this issue) Prod and stg have been upgraded for it. If you are running your own pagure instance, make sure to pull/apply the following fix: https://pagure.io/pagure/c/dbcc8abdde2e78acd6bae7fe5cc095294193686b Thanks for your attention, Pierre
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx