[SECURITY] Untrusted GP data is unserialized in old CSH handling (05d760ac) · Commits · TYPO3 / TYPO3.CMS

Commit 05d760ac authored 12 years ago by

Marcus Krause Committed by Oliver Hader 12 years ago

[SECURITY] Untrusted GP data is unserialized in old CSH handling

Using the old and already deprecated CSH handling in TYPO3 backend,
untrusted GP data is unserialized. There's no longer a code path
in TYPO3 to generate the GP data. So we can safely remove all
leftovers.

Change-Id: I522cc774e65754ebbf05e6d1df65da41e7ab3f8a
Fixes: #33520
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: ac048ef7f8a789b218c2fa170747122beb594277
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13767
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader

parent 06c16f87

Hide whitespace changes

Inline Side-by-side

Showing with 0 additions and 10 deletions

Please register or to comment