[1.4.x] Prevented arbitrary file inclusion with {% ssi %} tag and relative paths.

Thanks Rainer Koirikivi for the report and draft patch.

This is a security fix; disclosure to follow shortly.

Backport of 7fe5b656c9 from master

0 files changed, 0 insertions, 0 deletions