|
|
972dce1462
|
security: fix CVE-2023-26481 (#4832)
fix CVE-2023-26481
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
2023-03-02 20:15:33 +01:00 |
|
|
|
7046944bf6
|
website: link CVE and attribute reporter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-25 14:17:17 +01:00 |
|
|
|
9f846d94be
|
security: fix CVE 2022 23555 (#4274)
* add flow to invitation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* show warning on invitation page
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add security advisory
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-23 14:13:49 +01:00 |
|
|
|
84fbeb5721
|
security: fix CVE 2022 46172 (#4275)
* fallback to current user in user_write, add flag to disable user creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update api and web ui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update default flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add cve post to website
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-23 14:12:58 +01:00 |
|
|
|
db95dfe38d
|
security: fix CVE 2022 46145 (#4140)
* add flow authentication requirement
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add website for cve
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: handle FlowNonApplicableException without policy result
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add release notes
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-12-02 16:14:25 +01:00 |
|
|
|
147ebf1a5e
|
root: rework and expand security policy
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
|
2022-11-28 12:10:53 +01:00 |
|
