[SECURITY] Untrusted GP data is unserialized in old CSH handling
authorMarcus Krause <marcus.krause@typo3.org>
Wed, 15 Aug 2012 10:21:04 +0000 (12:21 +0200)
committerOliver Hader <oliver.hader@typo3.org>
Wed, 15 Aug 2012 10:21:11 +0000 (12:21 +0200)
commit05d760ac56d7295b8f42c766c90d2f12d50dab37
treea9c008490a954c9136e29e9c97b1c2380fb3fa85
parent06c16f87b44b00e4a34f5c56003a4a3569f4d03b
[SECURITY] Untrusted GP data is unserialized in old CSH handling

Using the old and already deprecated CSH handling in TYPO3 backend,
untrusted GP data is unserialized. There's no longer a code path
in TYPO3 to generate the GP data. So we can safely remove all
leftovers.

Change-Id: I522cc774e65754ebbf05e6d1df65da41e7ab3f8a
Fixes: #33520
Releases: 6.0, 4.7, 4.6, 4.5
Security-Commit: ac048ef7f8a789b218c2fa170747122beb594277
Security-Bulletin: TYPO3-CORE-SA-2012-004
Reviewed-on: http://review.typo3.org/13767
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/cshmanual/mod/index.php