diff options
| author | Dan Langille <dvl@FreeBSD.org> | 2015-12-23 21:20:51 +0000 |
|---|---|---|
| committer | Dan Langille <dvl@FreeBSD.org> | 2015-12-23 21:20:51 +0000 |
| commit | 358229bc250ff3a0a76847abe4575489ab037126 (patch) | |
| tree | f304245f90544fa9c9c11712e669e91906bb106d /databases/mantis/files/patch-config__defaults__inc.php | |
| parent | - Clarify LICENSE (diff) | |
patch with security fix for CVE-2015-5059
Submitted by: Torsten Zuhlsdorff & Jason Unovitch
PR: 201106 202865
Approved by: mat (mentor)
Differential Review: D4196
Notes
Notes:
svn path=/head/; revision=404324
Diffstat (limited to 'databases/mantis/files/patch-config__defaults__inc.php')
| -rw-r--r-- | databases/mantis/files/patch-config__defaults__inc.php | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/databases/mantis/files/patch-config__defaults__inc.php b/databases/mantis/files/patch-config__defaults__inc.php new file mode 100644 index 000000000000..dd5c680c4e6b --- /dev/null +++ b/databases/mantis/files/patch-config__defaults__inc.php @@ -0,0 +1,17 @@ +--- config_defaults_inc.php.orig 2015-11-02 10:57:53 UTC ++++ config_defaults_inc.php +@@ -2347,9 +2347,13 @@ + + /** + * Threshold needed to view project documentation ++ * Note: setting this to ANYBODY will let any user download attachments ++ * from private projects, regardless of their being a member of it. ++ * @see $g_enable_project_documentation ++ * @see $g_upload_project_file_threshold + * @global int $g_view_proj_doc_threshold + */ +- $g_view_proj_doc_threshold = ANYBODY; ++ $g_view_proj_doc_threshold = VIEWER; + + /** + * Site manager |