mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-29 08:50:58 +01:00
2d7abfd9fa
Summary: Via HackerOne. A researcher correctly reports that our install scripts use `HTTP`, not `HTTPS`, to fetch resources and execute them as `root`, which is a potentially significant vulnerability. Instead, use `HTTPS`. Test Plan: Verified that these URIs function correctly over `HTTPS`. Reviewers: chad Reviewed By: chad Differential Revision: https://secure.phabricator.com/D16958 |
||
---|---|---|
.. | ||
install_rhel-derivs.sh | ||
install_ubuntu.sh | ||
update_phabricator.sh |