Overview
Request 1169082 accepted
- version update to 8.1.28
. Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to
partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos) [bsc#1222857]
. Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true,
opening ATO risk). (CVE-2024-3096) (Jakub Zelenka) [bsc#1222858]
Request History
pgajdos created request
- version update to 8.1.28
. Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to
partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos) [bsc#1222857]
. Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true,
opening ATO risk). (CVE-2024-3096) (Jakub Zelenka) [bsc#1222858]
factory-auto accepted review
Check script succeeded
maintbot added openSUSE:Backports:SLE-15-SP5:Update as a reviewer
Submission for None by someone who is not maintainer in the devel project (openSUSE:Backports:SLE-15-SP5:Update). Please review
maintbot accepted review
ok
msmeissn accepted review
ok
licensedigger accepted review
ok
licensedigger approved review
ok
msmeissn moved maintenance target to openSUSE:Maintenance:18353
msmeissn accepted request
accepted request 1169082:Thanks!
For information about the update, see https://build.opensuse.org/project/maintenance_incidents/openSUSE:Maintenance