]> git.apps.os.sepia.ceph.com Git - ceph-ci.git/commit
projects / ceph-ci.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eb6dbee) | patch
[CVE-2024-48916] rgw/sts: fix to disallow unsupported JWT algorithms
authorPritha Srivastava <prsrivas@redhat.com>
Tue, 5 Nov 2024 06:33:00 +0000 (12:03 +0530)
committerPritha Srivastava <prsrivas@redhat.com>
Tue, 5 Nov 2024 15:35:25 +0000 (21:05 +0530)
commit919da3696668a07c6810dfa39301950c81c2eba4
treef8ca2ed06baafd58c6c149df30fe5b16b76b300ftree | snapshot
parenteb6dbeec139c51a4b82c8ba0eb1cc831a349ef2ccommit | diff
[CVE-2024-48916] rgw/sts: fix to disallow unsupported JWT algorithms
while authenticating AssumeRoleWithWebIdentity using JWT obtained
from an external IDP.

fixes: https://tracker.ceph.com/issues/68836

Signed-off-by: Pritha Srivastava <prsrivas@redhat.com>
src/rgw/rgw_rest_sts.cc diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.