security: fix CVE 2024 52287

[BeryJu]

Details

REPLACE ME

---

Checklist

• Local tests pass (ak test authentik/)
• The code has been formatted (make lint-fix)

If an API change has been made

• The API schema has been updated (make gen-build)

If changes to the frontend have been made

• The code has been formatted (make web)

If applicable

• The documentation has been updated
• The documentation has been formatted (make website)

[netlify]

✅ Deploy Preview for authentik-docs ready!

Name	Link
🔨 Latest commit	a7c0f21
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-docs/deploys/673f2f08fee3a600077a047a
😎 Deploy Preview	https://deploy-preview-12114--authentik-docs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[netlify]

✅ Deploy Preview for authentik-storybook ready!

Name	Link
🔨 Latest commit	a7c0f21
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-storybook/deploys/673f2f09de07040008e88aa2
😎 Deploy Preview	https://deploy-preview-12114--authentik-storybook.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 92.61%. Comparing base (e5caa76) to head (a7c0f21).
Report is 9 commits behind head on main.

✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #12114      +/-   ##
==========================================
- Coverage   92.66%   92.61%   -0.06%     
==========================================
  Files         761      761              
  Lines       37935    37963      +28     
==========================================
+ Hits        35154    35159       +5     
- Misses       2781     2804      +23     

Flag	Coverage Δ
e2e	49.07% <18.18%> (-0.13%)	⬇️
integration	24.83% <0.00%> (-0.02%)	⬇️
unit	90.20% <100.00%> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

---

🚨 Try these New Features:

• JS Bundle Analysis - Avoid shipping oversized bundles

[BeryJu]

/cherry-pick version-2024.10

[BeryJu]

/cherry-pick version-2024.8

[gcp-cherry-pick-bot]

Cherry-pick failed with Merge error e9c29e1644e9199b4ba58d2b10eb8c322138eea2 into temp-cherry-pick-7491de-version-2024.8

[github-actions]

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-a7c0f219e281691c5f9b9b13f49c47a3664ebe5a
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

For arm64, use these values:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-a7c0f219e281691c5f9b9b13f49c47a3664ebe5a-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-a7c0f219e281691c5f9b9b13f49c47a3664ebe5a

For arm64, use these values:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-a7c0f219e281691c5f9b9b13f49c47a3664ebe5a-arm64

Afterwards, run the upgrade commands from the latest release notes.