christianlight/tutor
7
0
Fork 0
mirror of https://github.com/ChristianLight/tutor.git synced 2024-06-01 13:50:47 +00:00
Code Issues Releases Activity

sec: fix rotation of JWT tokens for disabled users

Browse Source
This commit is contained in:
Régis Behmo 2022-12-01 11:49:56 +01:00 committed by Régis Behmo
parent 08a14c80db
commit 143b656e83
2 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
changelog.d/20221201_114916_regis_sec_jwt_token_rotation.md Normal file
View File

@ -0,0 +1 @@
- [Security] Fix rotation of JWT tokens for disabled users. (by @regisb)

3
tutor/templates/build/openedx/Dockerfile
View File

@ -59,6 +59,9 @@ RUN curl -fsSL https://github.com/overhangio/edx-platform/commit/e16f8c0986.patc
# Fix drag-n-drop v2 xblock vulnerability
# https://github.com/openedx/edx-platform/pull/31354
RUN curl -fsSL https://github.com/overhangio/edx-platform/commit/527b4993ae.patch | git am
# Fix refresh of JWT tokens for disabled users
# https://github.com/overhangio/edx-platform/tree/overhangio/sec-fix-user-retiring
RUN curl -fsSL https://github.com/overhangio/edx-platform/commit/4df942b32b.patch | git am
{%- endif %}
{# Example: RUN curl -fsSL https://github.com/openedx/edx-platform/commit/<GITSHA1> | git am #}