Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OSS merge for CVE-2020-27195 #9139

Merged
merged 4 commits into from
Oct 21, 2020
Merged

OSS merge for CVE-2020-27195 #9139

merged 4 commits into from
Oct 21, 2020

Commits on Oct 21, 2020

  1. artifact/template: prevent file sandbox escapes 

    Ensure that the client honors the client configuration for the
`template.disable_file_sandbox` field when validating the jobspec's
`template.source` parameter, and not just with consul-template's own `file`
function.

Prevent interpolated `template.source`, `template.destination`, and
`artifact.destination` fields from escaping file sandbox.
    @tgross
    tgross committed Oct 21, 2020
    Configuration menu
    Copy the full SHA
    9096fd6 View commit details
    Browse the repository at this point in the history

  2. changelog entry

    @tgross
    tgross committed Oct 21, 2020
    Configuration menu
    Copy the full SHA
    43e0844 View commit details
    Browse the repository at this point in the history

  3. upgrade guide documentation

    @tgross
    tgross committed Oct 21, 2020
    Configuration menu
    Copy the full SHA
    e0b6566 View commit details
    Browse the repository at this point in the history

  4. bump website version to 0.12.6

    @tgross
    tgross committed Oct 21, 2020
    Configuration menu
    Copy the full SHA
    9c6cb80 View commit details
    Browse the repository at this point in the history