security: fix vulnerability in redirect url during auth
This commit is contained in:
parent
68b46aa720
commit
c6cfa24dcc
|
@ -4,9 +4,11 @@ Note: Breaking changes between versions are indicated by "💥".
|
|||
|
||||
## Unreleased
|
||||
|
||||
- [Security] Fix vulnerability in redirect url during authentication (see [commit](https://github.com/overhangio/edx-platform/commit/06550411e34c04376fa3d757e1f068f464f816e6)).
|
||||
|
||||
## v13.1.3 (2022-02-01)
|
||||
|
||||
- [Security] Fix vulnerability in call to invalid enrollment API (see [commit](https://github.com/overhangio/edx-platform/commit/e9369cffde92e765117bbd4dfbee7dc29213493a)).
|
||||
- [Security] Fix vulnerability in call to invalid enrollment API (see [commit](https://github.com/openedx/edx-platform/commit/a140c674799c527e961e37c5e46cb7dc1ffef5ac)).
|
||||
- [Bugfix] Fix "Internal Server Error / AttributeError / object has no attribute 'get_metadata'" in learning MFE.
|
||||
- [Improvement] Replace all links to github.com/edx by github.com/openedx, following the migration of all repositories.
|
||||
- [Bugfix] Fix `k8s start caddy` command.
|
||||
|
|
|
@ -62,8 +62,11 @@ RUN git fetch --depth=2 https://github.com/openedx/edx-platform/ 85eb44445b8a620
|
|||
# https://github.com/openedx/edx-platform/pull/29741
|
||||
RUN git fetch --depth=2 https://github.com/openedx/edx-platform/ a76a79f973ca05f3921fa2a3428fa7052868a725 && git cherry-pick a76a79f973ca05f3921fa2a3428fa7052868a725
|
||||
# Security fix: invalid enrollment error vulnerability
|
||||
# https://github.com/overhangio/edx-platform/commit/e9369cffde92e765117bbd4dfbee7dc29213493a
|
||||
RUN git fetch --depth=2 https://github.com/overhangio/edx-platform/ e9369cffde92e765117bbd4dfbee7dc29213493a && git cherry-pick e9369cffde92e765117bbd4dfbee7dc29213493a
|
||||
# https://github.com/openedx/edx-platform/commit/a140c674799c527e961e37c5e46cb7dc1ffef5ac
|
||||
RUN git fetch --depth=2 https://github.com/openedx/edx-platform/ a140c674799c527e961e37c5e46cb7dc1ffef5ac && git cherry-pick a140c674799c527e961e37c5e46cb7dc1ffef5ac
|
||||
# Security fix: redirect url vulnerability
|
||||
# https://github.com/overhangio/edx-platform/commit/06550411e34c04376fa3d757e1f068f464f816e6
|
||||
RUN git fetch --depth=2 https://github.com/openedx/edx-platform/ 06550411e34c04376fa3d757e1f068f464f816e6 && git cherry-pick 06550411e34c04376fa3d757e1f068f464f816e6
|
||||
{% endif %}
|
||||
|
||||
{# Example: RUN git fetch --depth=2 https://github.com/openedx/edx-platform <GITSHA1> && git cherry-pick <GITSHA1> #}
|
||||
|
|
Loading…
Reference in New Issue