]> git.apps.os.sepia.ceph.com Git - ceph.git/commit
projects / ceph.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ad999df) | patch
[CVE-2024-48916] rgw/sts: fix to disallow unsupported JWT algorithms 62046/head
authorPritha Srivastava <prsrivas@redhat.com>
Tue, 5 Nov 2024 06:33:00 +0000 (12:03 +0530)
committerPritha Srivastava <prsrivas@redhat.com>
Fri, 28 Feb 2025 04:35:14 +0000 (10:05 +0530)
commit6dddeccd52e5d2440beb8248a905a0588666e6d1
tree57d7cc3c50c9ec990df20c7da4a289147aea398atree | snapshot
parentad999dfb5e2c3b01657a7ffd672cf2ce393572becommit | diff
[CVE-2024-48916] rgw/sts: fix to disallow unsupported JWT algorithms
while authenticating AssumeRoleWithWebIdentity using JWT obtained
from an external IDP.

fixes: https://tracker.ceph.com/issues/68836

Signed-off-by: Pritha Srivastava <prsrivas@redhat.com>
(cherry picked from commit 919da3696668a07c6810dfa39301950c81c2eba4)
src/rgw/rgw_rest_sts.cc diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.