Flask-Middleware / flask-security / 835

Builds	Branch	Commit	Type	Ran	Committer	Via	Coverage
835	3.4.5	3.4.5 security patch (#426)	push	08 Jan 2021 08:10PM UTC	web-flow	travis-ci	pending completion set done
834	3.4.x	3.4.5 security patch (#426)	push	08 Jan 2021 05:24PM UTC	web-flow	travis-ci	pending completion set done
833	r3.4.5	Merge 0c6b731c2 into 61d313150	Pull #426	08 Jan 2021 05:45AM UTC	web-flow	travis-ci	pending completion set done
832	3.4.x	I421backport (#425) * Fix security vuln - GET on /login or /change could reveal authentication token with no CSRF checks. (#422) GETs no longer return the auth token. closes: #421 * Backport CSRF /login vulnerability. This will go out...	push	08 Jan 2021 04:45AM UTC	web-flow	travis-ci	pending completion set done
831	master	Documentation changes for /login CSRF vulnerability. (#424) closes: #421	push	06 Jan 2021 12:06AM UTC	web-flow	travis-ci	pending completion set done
830	i421backport	Merge df4749961 into 1f13d368e	Pull #425	05 Jan 2021 09:46PM UTC	web-flow	travis-ci	pending completion set done
827	i421p2	Merge 2bf7997e9 into 183a826f3	Pull #424	05 Jan 2021 02:30AM UTC	web-flow	travis-ci	pending completion set done
826	master	Fix security vuln - QRcodes were available via GET on /qrcode - not protected with CSRF tokens (#423) Looking into how others do this (e.g. paypal) - the QRcode is embedded in the successful response to form POST. So - /tf-qrcode and /us-qrcode ...	push	04 Jan 2021 10:43PM UTC	web-flow	travis-ci	pending completion set done
825	qr418	Merge 1a17ad16b into c05afe837	Pull #423	04 Jan 2021 08:09PM UTC	web-flow	travis-ci	pending completion set done
824	qr418	Merge ff5bde12b into c05afe837	Pull #423	04 Jan 2021 05:44AM UTC	web-flow	travis-ci	pending completion set done
822	master	Fix security vuln - GET on /login or /change could reveal authentication token with no CSRF checks. (#422) GETs no longer return the auth token. closes: #421	push	02 Jan 2021 07:56PM UTC	web-flow	travis-ci	pending completion set done
821	token421	Merge 3442e0b73 into 46c766a9a	Pull #422	02 Jan 2021 03:36AM UTC	web-flow	travis-ci	pending completion set done
820	master	Change and reset password should invalidate all sessions. (#420) Now, change and reset password operations change the fs_uniquifier which will invalidate all sessions. It also will invalidate all auth tokens - which may or may not be what the ap...	push	02 Jan 2021 02:42AM UTC	web-flow	travis-ci	pending completion set done
819	authtoken3	Merge 0c7c1bd74 into 8c5a369dd	Pull #420	02 Jan 2021 01:43AM UTC	web-flow	travis-ci	pending completion set done
818	authtoken3	Merge 8843407ae into 8c5a369dd	Pull #420	01 Jan 2021 04:58PM UTC	web-flow	travis-ci	pending completion set done

← Previous
1
2
3
4
5
6
7
8
9
10
11
Next →