You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by GitBox <gi...@apache.org> on 2020/03/11 19:18:44 UTC
[GitHub] [shiro] bdemers opened a new pull request #203:
FirstSuccessfulStrategy now detects empty principal correctly
bdemers opened a new pull request #203: FirstSuccessfulStrategy now detects empty principal correctly
URL: https://github.com/apache/shiro/pull/203
Fixes: SHIRO-747
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [shiro] carnil commented on issue #203: [SHIRO-747]
FirstSuccessfulStrategy now detects empty principal correctly
Posted by GitBox <gi...@apache.org>.
carnil commented on issue #203: [SHIRO-747] FirstSuccessfulStrategy now detects empty principal correctly
URL: https://github.com/apache/shiro/pull/203#issuecomment-606378624
@bdemers: thank you
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [shiro] bdemers commented on issue #203: [SHIRO-747]
FirstSuccessfulStrategy now detects empty principal correctly
Posted by GitBox <gi...@apache.org>.
bdemers commented on issue #203: [SHIRO-747] FirstSuccessfulStrategy now detects empty principal correctly
URL: https://github.com/apache/shiro/pull/203#issuecomment-605442534
The release yes, the CVE no.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [shiro] carnil edited a comment on issue #203: [SHIRO-747]
FirstSuccessfulStrategy now detects empty principal correctly
Posted by GitBox <gi...@apache.org>.
carnil edited a comment on issue #203: [SHIRO-747] FirstSuccessfulStrategy now detects empty principal correctly
URL: https://github.com/apache/shiro/pull/203#issuecomment-605424542
@bdemers: Is this merge request relating to CVE-2020-1957 and https://www.openwall.com/lists/oss-security/2020/03/23/2?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [shiro] carnil commented on issue #203: [SHIRO-747]
FirstSuccessfulStrategy now detects empty principal correctly
Posted by GitBox <gi...@apache.org>.
carnil commented on issue #203: [SHIRO-747] FirstSuccessfulStrategy now detects empty principal correctly
URL: https://github.com/apache/shiro/pull/203#issuecomment-605445582
Hi
On Sat, Mar 28, 2020 at 05:42:46AM -0700, Brian Demers wrote:
> The release yes, the CVE no.
Thanks for the feedback. Would it be possible to share then
information on what exactly fix the CVE? The
https://www.openwall.com/lists/oss-security/2020/03/23/2 post is not
very specific to that an that would help downstream (speaking with my
Debian hat on here) to track down the affected versions in the
respective distributions.
Thanks a lot, I realize if this does not correlate to SHIRO-747 and
this pull request that you want a separate issue filled to discuss
that? If so I can open a new one.
Regards,
Salvatore
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [shiro] fpapon merged pull request #203: [SHIRO-747]
FirstSuccessfulStrategy now detects empty principal correctly
Posted by GitBox <gi...@apache.org>.
fpapon merged pull request #203: [SHIRO-747] FirstSuccessfulStrategy now detects empty principal correctly
URL: https://github.com/apache/shiro/pull/203
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [shiro] carnil commented on issue #203: [SHIRO-747]
FirstSuccessfulStrategy now detects empty principal correctly
Posted by GitBox <gi...@apache.org>.
carnil commented on issue #203: [SHIRO-747] FirstSuccessfulStrategy now detects empty principal correctly
URL: https://github.com/apache/shiro/pull/203#issuecomment-605424542
Is this merge request relating to CVE-2020-1957 and https://www.openwall.com/lists/oss-security/2020/03/23/2?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [shiro] bdemers commented on issue #203: [SHIRO-747]
FirstSuccessfulStrategy now detects empty principal correctly
Posted by GitBox <gi...@apache.org>.
bdemers commented on issue #203: [SHIRO-747] FirstSuccessfulStrategy now detects empty principal correctly
URL: https://github.com/apache/shiro/pull/203#issuecomment-606270322
@carnil the fix (a path traversal issue): https://github.com/apache/shiro/commit/3708d7907016bf2fa12691dff6ff0def1249b8ce#diff-98f7bc5c0391389e56531f8b3754081aL139
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services