discourse/app
David Taylor fa3c46cf07
SECURITY: Improve validation of SNS subscription confirm (#14672)
An upstream validation bug in the aws-sdk-sns library could enable RCE under certain circumstances. This commit updates the upstream gem, and adds additional validation to provide defense-in-depth.
2021-10-20 22:20:35 +01:00
assets SECURITY: escape cat name (#14155) 2021-08-25 18:14:10 -06:00
controllers FIX: Make autotag watched words case insensitive (#13043) 2021-05-14 16:52:10 +03:00
helpers FIX: Allow file-change events soon after reloading (#13065) 2021-05-14 12:36:53 -04:00
jobs SECURITY: Improve validation of SNS subscription confirm (#14672) 2021-10-20 22:20:35 +01:00
mailers FEATURE: Auto-activate users invited by email (#12675) 2021-04-14 12:15:56 +03:00
models SECURITY: User's read state for topic is leaked to unauthorized clients. 2021-08-12 12:44:39 +08:00
serializers SECURITY: XSS in bookmarks list (#13311) 2021-06-07 16:59:12 +02:00
services FIX: Make replace watched words work with wildcard (#13084) 2021-05-18 12:09:47 +03:00
views DEV: Minor changes to /theme-qunit landing page (#13032) 2021-05-11 10:45:07 -04:00