-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improper PAM authorization handling #6810
Comments
Approved on huntr.dev, thank you! |
@ysf You already included a potential fix in the report, do you wanna do a PR or do you prefer me to investigate? (former is faster). |
The idea was that you can look of the patch suits you. If so, I'll push it to a branch. Regular it's not possible to pick up the other bounty. I'll create a PR asap. |
There it is. Sry for my github inconvenience. |
FYI I will conduct a patch release 0.12.5 before I hit the "Confirm Fix" button on huntr.dev. |
The 0.12.5 has been released that includes the patch of the reported issue. |
Gogs version
<= 0.13
Git version
N/A
Operating system
Archlinux
Database
n/a
Describe the bug
The security policy states not disclosing anything. So here is the report on huntr.dev it is only viewable to people with write access to this repository, an me: https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62/
To reproduce
See report
Expected behavior
See report
Additional context
No response
Code of Conduct
The text was updated successfully, but these errors were encountered: