Block files with dangerous names from coming in via Storage untar.

2010-08-11 15:46:02 -07:00 · 2010-08-11 15:46:02 -07:00 · 13a222f6ce
commit 13a222f6ce
parent 9f724a7193
3 changed files with 20 additions and 3 deletions
--- a/docs/changelog/7.x.x.txt
+++ b/docs/changelog/7.x.x.txt
@ -4,6 +4,7 @@
 - fixed possible vulnerability loading template parser
 - fixed possible vulnerability loading help files
 - fixed possible vulnerability with filenames in storage locations
+ - fixed possible vulnerability with extracting tar files in storage locations

 7.9.11
 - fixed #11755: New cart does not update shipping methods correctly