Branch: refs/heads/release_15.05 Home: https://github.com/galaxyproject/galaxy Commit: cbae8fab672e302094bb5adaa3921e9feae87224 https://github.com/galaxyproject/galaxy/commit/cbae8fab672e302094bb5adaa3921... Author: Nate Coraor <nate@bx.psu.edu> Date: 2015-08-12 (Wed, 12 Aug 2015) Changed paths: M lib/galaxy/webapps/galaxy/controllers/workflow.py Log Message: ----------- Fix an XSS reflection vulnerability on the workflow import form. Commit: 8e7017a6b125ce5a079cc15c5f26148071b0c366 https://github.com/galaxyproject/galaxy/commit/8e7017a6b125ce5a079cc15c5f261... Author: Martin Cech <cech.marten@gmail.com> Date: 2015-08-12 (Wed, 12 Aug 2015) Changed paths: M lib/galaxy/webapps/tool_shed/api/repositories.py Log Message: ----------- Fix a vulnerability in the Tool Shed API that allowed unauthorized users to upload new repository versions. Commit: 25d8a54aeb6c34ebf48d9c3bead4f6390848a6a3 https://github.com/galaxyproject/galaxy/commit/25d8a54aeb6c34ebf48d9c3bead4f... Author: Nate Coraor <nate@bx.psu.edu> Date: 2015-08-12 (Wed, 12 Aug 2015) Changed paths: M lib/galaxy/webapps/tool_shed/api/repositories.py Log Message: ----------- Merge branch 'security-20150812-shed' into release_15.03 Commit: a454c93fd342783902887ecb66f63a658ad30270 https://github.com/galaxyproject/galaxy/commit/a454c93fd342783902887ecb66f63... Author: Nate Coraor <nate@bx.psu.edu> Date: 2015-08-12 (Wed, 12 Aug 2015) Changed paths: M lib/galaxy/webapps/galaxy/controllers/workflow.py Log Message: ----------- Merge branch 'security-20150812-xss' into release_15.03 Commit: 2a1b2dbb5ae83b3c6b7d4360a674432698e216da https://github.com/galaxyproject/galaxy/commit/2a1b2dbb5ae83b3c6b7d4360a6744... Author: Nicola Soranzo <nicola.soranzo@tgac.ac.uk> Date: 2015-08-12 (Wed, 12 Aug 2015) Changed paths: M lib/galaxy/auth/providers/ldap_ad.py Log Message: ----------- Prevent login with valid username/email and empty password via LDAP auth when anonymous bind is allowed. Also decreased the log level of LDAP bind exception to warning. Commit: e3e9213e28e02ed7439f7458ad079a099064e1b6 https://github.com/galaxyproject/galaxy/commit/e3e9213e28e02ed7439f7458ad079... Author: Nate Coraor <nate@bx.psu.edu> Date: 2015-08-12 (Wed, 12 Aug 2015) Changed paths: M lib/galaxy/webapps/galaxy/controllers/workflow.py Log Message: ----------- Merge branch 'security-20150812-xss' into release_15.05 Conflicts: lib/galaxy/webapps/galaxy/controllers/workflow.py Commit: 052b6a6a38fb0bba859d8c591aa78960d8b211db https://github.com/galaxyproject/galaxy/commit/052b6a6a38fb0bba859d8c591aa78... Author: Nate Coraor <nate@bx.psu.edu> Date: 2015-08-12 (Wed, 12 Aug 2015) Changed paths: M lib/galaxy/webapps/tool_shed/api/repositories.py Log Message: ----------- Merge branch 'security-20150812-shed' into release_15.05 Commit: a6a85cbc4ccbde1a39ebb9b84a47da6332a6a27c https://github.com/galaxyproject/galaxy/commit/a6a85cbc4ccbde1a39ebb9b84a47d... Author: Nate Coraor <nate@bx.psu.edu> Date: 2015-08-12 (Wed, 12 Aug 2015) Changed paths: M lib/galaxy/version.py Log Message: ----------- Bump version to 15.03.3 Commit: f01300d7da5625ac264552258b29818598d4d535 https://github.com/galaxyproject/galaxy/commit/f01300d7da5625ac264552258b298... Author: Nate Coraor <nate@bx.psu.edu> Date: 2015-08-12 (Wed, 12 Aug 2015) Changed paths: M lib/galaxy/version.py Log Message: ----------- Bump version to 15.05.1. Merge branch 'release_15.03' into release_15.05 Conflicts: lib/galaxy/version.py Compare: https://github.com/galaxyproject/galaxy/compare/15b5a336c4c0...f01300d7da56