mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 20:47:01 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
kanidm/server
History
Firstyear c3e42ba257 security - low - fault in migrations (#3182) 
A fault existed in the server's internal migration code, where attributes
that were multivalued would be merged rather than replaced in certain
contexts. This migration path is used for access controls, meaning that
on upgrades, attributes that were meant to be removed from access
controls or changes to access control target groups were not reflected
during the upgrade process.

This has a potentially low security impact as it may have allowed
users to change their name/displayname even if the administrator
had disable the name_self_write access control.
2024-11-07 14:33:11 +10:00
..
core Correct missing CSP header (#3177) 2024-11-05 14:50:27 +10:00
daemon Remove WASM (#3148) 2024-10-26 17:19:13 +10:00
lib security - low - fault in migrations (#3182) 2024-11-07 14:33:11 +10:00
lib-macros OAuth2 Token Type (#3008) 2024-08-25 23:30:20 +00:00
testkit Remove WASM (#3148) 2024-10-26 17:19:13 +10:00
testkit-macros CLI integration test beginnings (#2261) 2023-10-30 06:10:54 +00:00
builder.sh 1399 cleanup reorg (#1412) 2023-03-01 13:10:52 +10:00
Dockerfile Remove WASM (#3148) 2024-10-26 17:19:13 +10:00