christianlight/tutor
6
0
Fork 0
mirror of https://github.com/ChristianLight/tutor.git synced 2024-11-11 07:41:02 +00:00
Code Issues Releases Activity

security: fix JWT scopes in XBlock callbacks

Browse Source 
See:
https://github.com/openedx/edx-platform/security/advisories/GHSA-qx8m-mqx3-j9fm
https://github.com/openedx/edx-platform/pull/34047
This commit is contained in:
Régis Behmo 2024-01-22 09:31:36 +01:00 committed by Régis Behmo
parent 9d3d9e60f5
commit efd8df600d
2 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
changelog.d/20240122_093036_regis_jwt_security.md Normal file
View File

@ -0,0 +1 @@
- [Security] Fix JWT scopes in XBlock callbacks. (by @regisb)

2
tutor/templates/build/openedx/Dockerfile
View File

@ -51,6 +51,8 @@ RUN git config --global user.email "tutor@overhang.io" \
{{ patch("openedx-dockerfile-git-patches-default") }} {{ patch("openedx-dockerfile-git-patches-default") }}
{%- else %} {%- else %}
# Patch edx-platform # Patch edx-platform
# XBlock JWT security fix https://github.com/openedx/edx-platform/pull/34047
RUN curl -fsSL https://github.com/openedx/edx-platform/commit/89f5f69682a5e1422f89e867491e8974dd0a8208.patch | git am
{%- endif %} {%- endif %}
{# Example: RUN curl -fsSL https://github.com/openedx/edx-platform/commit/<GITSHA1>.patch | git am #} {# Example: RUN curl -fsSL https://github.com/openedx/edx-platform/commit/<GITSHA1>.patch | git am #}