You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Jonathan Leitschuh (Jira)" <ji...@apache.org> on 2022/04/06 15:59:00 UTC
[jira] [Commented] (NIFI-9785) Improve Login Credentials Writer File Handling
[ https://issues.apache.org/jira/browse/NIFI-9785?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17518260#comment-17518260 ]
Jonathan Leitschuh commented on NIFI-9785:
------------------------------------------
The vulnerability that this issue fixed has now been disclosed here:
[https://github.com/JLLeitschuh/security-research/security/advisories/GHSA-rvp4-r3g6-8hxq]
No CVE has been assigned at this time. This vulnerability is now public without a CVE.
> Improve Login Credentials Writer File Handling
> ----------------------------------------------
>
> Key: NIFI-9785
> URL: https://issues.apache.org/jira/browse/NIFI-9785
> Project: Apache NiFi
> Issue Type: Improvement
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Minor
> Fix For: 1.16.0
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> The {{StandardLoginCredentialsWriter}} reads an existing {{login-identity-providers.xml}} file and writes updated single user credentials. The implementation should be improved to streamline input and output file handling.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)