security: fix CVE-2023-48228 by BeryJu · Pull Request #7666 · goauthentik/authentik

BeryJu · 2023-11-21T17:00:58Z

Details

REPLACE ME

Checklist

Local tests pass (ak test authentik/)
The code has been formatted (make lint-fix)

If an API change has been made

The API schema has been updated (make gen-build)

If changes to the frontend have been made

The code has been formatted (make web)
The translation files have been updated (make i18n-extract)

If applicable

The documentation has been updated
The documentation has been formatted (make website)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

netlify · 2023-11-21T17:01:05Z

✅ Deploy Preview for authentik-storybook ready!

Name	Link
🔨 Latest commit	`cdb36b4`
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-storybook/deploys/655ce24d2c970900087aa555
😎 Deploy Preview	https://deploy-preview-7666--authentik-storybook.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

BeryJu · 2023-11-21T17:01:12Z

/cherry-pick version-2023.10

BeryJu · 2023-11-21T17:01:16Z

/cherry-pick version-2023.8

netlify · 2023-11-21T17:02:43Z

✅ Deploy Preview for authentik ready!

Name	Link
🔨 Latest commit	`cdb36b4`
🔍 Latest deploy log	https://app.netlify.com/sites/authentik/deploys/655ce24d2c970900087aa551
😎 Deploy Preview	https://deploy-preview-7666--authentik.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 95 (🔴 down 1 from production) Accessibility: 90 (no change from production) Best Practices: 100 (no change from production) SEO: 80 (no change from production) PWA: - View the detailed breakdown and full score reports

To edit notification comments on pull requests, go to your Netlify site configuration.

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* main: website/docs: add CVE-2023-48228 to release notes security: fix CVE-2023-48228 (#7666) website/docs: prepare 2023.10.4 release notes (#7641) web/admin: fix admins not able to delete MFA devices (#7660) web/flows: use aria-invalid attribute to better show invalid input fields (#7661) web: bump the esbuild group in /web with 2 updates (#7650) web: bump the eslint group in /tests/wdio with 2 updates (#7654) website: bump @types/react from 18.2.37 to 18.2.38 in /website (#7645) web: bump the sentry group in /web with 2 updates (#7647) web: bump the eslint group in /web with 2 updates (#7649) web: bump @types/codemirror from 5.60.13 to 5.60.14 in /web (#7651) web: bump typescript from 5.2.2 to 5.3.2 in /tests/wdio (#7656) web: bump the babel group in /web with 2 updates (#7648) core: bump django-filter from 23.3 to 23.4 (#7646) website: bump typescript from 5.2.2 to 5.3.2 in /website (#7644) web: bump @types/chart.js from 2.9.40 to 2.9.41 in /web (#7652) web: bump typescript from 5.2.2 to 5.3.2 in /web (#7653) web: bump the wdio group in /tests/wdio with 2 updates (#7655) web: bump wdio-wait-for from 3.0.8 to 3.0.9 in /tests/wdio (#7657)

…tik#7668) security: fix CVE-2023-48228 (goauthentik#7666) Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L <jens@goauthentik.io>

security: fix CVE-2023-48228

cdb36b4

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

BeryJu requested review from a team as code owners November 21, 2023 17:00

BeryJu merged commit b88e394 into main Nov 21, 2023

BeryJu deleted the security/CVE-2023-48228 branch November 21, 2023 17:10

This was referenced Nov 21, 2023

security: fix CVE-2023-48228 (cherry-pick #7666) #7668

Merged

security: fix CVE-2023-48228 (cherry-pick #7666) #7669

Merged

gcp-cherry-pick-bot bot pushed a commit that referenced this pull request Nov 21, 2023

security: fix CVE-2023-48228 (#7666)

7a2110e

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

gcp-cherry-pick-bot bot pushed a commit that referenced this pull request Nov 21, 2023

security: fix CVE-2023-48228 (#7666)

8fe02b2

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

security: fix CVE-2023-48228#7666

security: fix CVE-2023-48228#7666
BeryJu merged 1 commit intomainfrom
security/CVE-2023-48228

BeryJu commented Nov 21, 2023

Uh oh!

netlify bot commented Nov 21, 2023 •

edited

Loading

Uh oh!

BeryJu commented Nov 21, 2023

Uh oh!

BeryJu commented Nov 21, 2023

Uh oh!

netlify bot commented Nov 21, 2023 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

BeryJu commented Nov 21, 2023

Details

Checklist

Uh oh!

netlify bot commented Nov 21, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

✅ Deploy Preview for authentik-storybook ready!

Uh oh!

BeryJu commented Nov 21, 2023

Uh oh!

BeryJu commented Nov 21, 2023

Uh oh!

netlify bot commented Nov 21, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

✅ Deploy Preview for authentik ready!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

netlify bot commented Nov 21, 2023 •

edited

Loading

netlify bot commented Nov 21, 2023 •

edited

Loading