You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A security issue was found if you are using this module and kanso push to deploy your ddoc because the URL of the location is inadvertently written to the ddoc. The URL is sensitive because it can also include authentication information.
Initial security report was on Jul 12, 2017 [1] and doesn't contain much info because it was kept private initially. A fix [2] was applied a few days later to the setting package on Git and pushed to package repo as well. I created a PR [3] (@caolan, please review and merge) to update the settings package readme to include a security note about upgrading to version >= 0.16.
A security issue was found if you are using this module and
kanso push
to deploy your ddoc because the URL of the location is inadvertently written to the ddoc. The URL is sensitive because it can also include authentication information.Initial security report was on Jul 12, 2017 [1] and doesn't contain much info because it was kept private initially. A fix [2] was applied a few days later to the setting package on Git and pushed to package repo as well. I created a PR [3] (@caolan, please review and merge) to update the settings package readme to include a security note about upgrading to version >= 0.16.
[1] medic/cht-core#3648
[2] d5c8307
[3] #2
The text was updated successfully, but these errors were encountered: