This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/authentik
Jens L cd88b91686
security: fix CVE 2022 23555 (#4274)
* add flow to invitation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* show warning on invitation page

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add security advisory

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:18:13 +01:00
..
admin admin: add authorisations metric (#3811) 2022-10-19 00:06:45 +02:00
api sources/saml: revamp SAML Source (#3785) 2022-10-14 17:04:47 +02:00
blueprints blueprints: fix error when cleaning up unset attribute 2022-10-21 22:12:59 +02:00
core core: set prehydrated locale based on active backend locale 2022-10-28 19:43:24 +02:00
crypto providers/oauth2: fix issues with es256 and add tests (#3808) 2022-10-18 22:01:29 +02:00
events core: explicitly enable locales (#3889) 2022-10-28 19:42:49 +02:00
flows *: backport CVE-2022-46145 fix 2022-12-01 10:40:51 +02:00
lib root: add global fallback throttle 2022-10-15 23:51:36 +02:00
outposts flows: optimise queries (#3818) 2022-10-19 22:53:07 +02:00
policies flows: optimise queries (#3818) 2022-10-19 22:53:07 +02:00
providers flows: optimise queries (#3818) 2022-10-19 22:53:07 +02:00
recovery root: fix settings for managed not loaded 2021-11-15 19:49:03 +01:00
root core: bump channels from 3.0.5 to 4.0.0 (#3799) 2022-10-18 22:34:27 +02:00
sources sources/saml: set username field to name_id attribute 2022-10-24 21:53:37 +02:00
stages security: fix CVE 2022 23555 (#4274) 2022-12-23 14:18:13 +01:00
tenants core: explicitly enable locales (#3889) 2022-10-28 19:42:49 +02:00
__init__.py release: 2022.10.3 2022-12-02 23:01:17 +02:00