You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Jonathan Leitschuh (Jira)" <ji...@apache.org> on 2022/04/06 15:59:00 UTC

[jira] [Commented] (NIFI-9785) Improve Login Credentials Writer File Handling

    [ https://issues.apache.org/jira/browse/NIFI-9785?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17518260#comment-17518260 ] 

Jonathan Leitschuh commented on NIFI-9785:
------------------------------------------

The vulnerability that this issue fixed has now been disclosed here:
[https://github.com/JLLeitschuh/security-research/security/advisories/GHSA-rvp4-r3g6-8hxq]

No CVE has been assigned at this time. This vulnerability is now public without a CVE.

> Improve Login Credentials Writer File Handling
> ----------------------------------------------
>
>                 Key: NIFI-9785
>                 URL: https://issues.apache.org/jira/browse/NIFI-9785
>             Project: Apache NiFi
>          Issue Type: Improvement
>            Reporter: David Handermann
>            Assignee: David Handermann
>            Priority: Minor
>             Fix For: 1.16.0
>
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> The {{StandardLoginCredentialsWriter}} reads an existing {{login-identity-providers.xml}} file and writes updated single user credentials. The implementation should be improved to streamline input and output file handling.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)