Skip to content
This repository has been archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
base: 9c44146647b7
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
compare: 7d0b089bf37d
Choose a head ref
  • 3 commits
  • 2 files changed
  • 3 contributors

Commits on Apr 27, 2020

  1. oauth2_proxy: Backport security fix (CVE-2017-1000070) 

    Since 20.03 still uses old oauth2_proxy (3.2.0), which is not compatible
with the newest one (5.1.0), this change backports an important security
fix to 3.2.0:

oauth2-proxy/oauth2-proxy@a316f8a

The vulnerability is an open redirect, where a bad actor can redirect a
session to another domain using `/\` in redirect URIs.
    @knl
    knl committed Apr 27, 2020
    Copy the full SHA
    92ab877 View commit details
    Browse the repository at this point in the history

  2. teams: fixing pulseaudio access 

    (cherry picked from commit 73e4647)
    @Mic92
    Elyhaka authored and Mic92 committed Apr 27, 2020
    Copy the full SHA
    b4f2f29 View commit details
    Browse the repository at this point in the history

  3. Merge pull request #86108 from knl/security-fix-oauth2_proxy

    @Mic92
    Mic92 committed Apr 27, 2020
    Copy the full SHA
    7d0b089 View commit details
    Browse the repository at this point in the history