trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11,578 Commits 95 Branches 330 Tags 336 MiB
Commit Graph

6 Commits

Author SHA1 Message Date
Jens L 972dce1462
security: fix CVE-2023-26481 (#4832) 
fix CVE-2023-26481

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-03-02 20:15:33 +01:00
Jens Langhammer 7046944bf6
website: link CVE and attribute reporter 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-12-25 14:17:17 +01:00
Jens L 9f846d94be
security: fix CVE 2022 23555 (#4274) 
* add flow to invitation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* show warning on invitation page

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add security advisory

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-12-23 14:13:49 +01:00
Jens L 84fbeb5721
security: fix CVE 2022 46172 (#4275) 
* fallback to current user in user_write, add flag to disable user creation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update api and web ui

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update default flows

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add cve post to website

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-12-23 14:12:58 +01:00
Jens L db95dfe38d
security: fix CVE 2022 46145 (#4140) 
* add flow authentication requirement

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add website for cve

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: handle FlowNonApplicableException without policy result

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add release notes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-12-02 16:14:25 +01:00
Jens Langhammer 147ebf1a5e root: rework and expand security policy 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
 2022-11-28 12:10:53 +01:00