Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stem thymeleaf ssti #2615

Merged
merged 4 commits into from
Jul 14, 2023
Merged

Stem thymeleaf ssti #2615

merged 4 commits into from
Jul 14, 2023

Conversation

SteKoe
Copy link
Contributor

@SteKoe SteKoe commented Jul 14, 2023
edited
Loading

BREAKING: default thymeleaf configuration now implmenents ClasspathResourceLoader ONLY.

closes #2615

@SteKoe SteKoe requested a review from a team as a code owner July 14, 2023 06:10
@SteKoe SteKoe merged commit f1f6ac6 into master Jul 14, 2023
@SteKoe SteKoe deleted the stem-thymeleaf-ssti branch July 14, 2023 06:34
SteKoe added a commit that referenced this pull request Jul 15, 2023
@SteKoe
Merge remote-tracking branch 'origin/feat/1396-wallboard-ui-filter' i…
8ed3cec 
…nto feat/1396-wallboard-ui-filter

* origin/feat/1396-wallboard-ui-filter:
  chore: nicer UI
  chore: remove dummy data
  chore: better types for ApplicationStore
  feat(#1396): add filters to wallboard
  chore: update to next SNAPSHOT version
  chore: fix build (#2617)
  chore: disable scan on push
  fix(RegistrationClient): set timeouts properly (#2616)
  fix(#2615): reduce ssti vectors for thymeleaf
  feat(ci): set new SNAPSHOT version after release (#2611)
@Subrhamanya
Copy link

@SteKoe any plan to backport this to 2.7.x?? It's truly difficult to move to java 17 suddenly so...

SteKoe added a commit that referenced this pull request May 17, 2024
@SteKoe
fix(#2615): reduce ssti vectors for thymeleaf
f084155
SteKoe added a commit that referenced this pull request May 17, 2024
@SteKoe
fix(#2615): reduce ssti vectors for thymeleaf (#3378)
3311e1b
@SteKoe
Copy link
Contributor Author

SteKoe commented May 17, 2024
edited
Loading

Hi @Subrhamanya, we have just released 2.7.16 including the fix.

@Subrhamanya
Copy link

@SteKoe thanks for the backport.

@Subrhamanya Subrhamanya mentioned this pull request Jun 11, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@erikpetzold erikpetzold erikpetzold approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@SteKoe @Subrhamanya @erikpetzold