LiRuochen_WorkFlow/MaxKey
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,879 Commits 1 Branch 73 Tags
b9e8a6c09d4cd36b6444fafb5894e8bccbc59b03
Commit Graph

1879 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
MaxKey
b9e8a6c09d jars update 2022-11-22 11:02:52 +08:00
MaxKey
1f86fb4a74 Merge pull request #94 from BulkSecurityGeneratorProjectV2/fix/JLL/temporary_file_local_information_disclosure 
[SECURITY] Fix Temporary File Information Disclosure Vulnerability
 2022-11-21 21:08:15 +08:00
Jonathan Leitschuh
5112a787ad vuln-fix: Temporary File Information Disclosure 
This fixes temporary file information disclosure vulnerability due to the use
of the vulnerable `File.createTempFile()` method. The vulnerability is fixed by
using the `Files.createTempFile()` method which sets the correct posix permissions.

Weakness: CWE-377: Insecure Temporary File
Severity: Medium
CVSSS: 5.5
Detection: CodeQL & OpenRewrite (https://public.moderne.io/recipes/org.openrewrite.java.security.SecureTempFileCreation)

Reported-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>

Bug-tracker: https://github.com/JLLeitschuh/security-research/issues/18


Co-authored-by: Moderne <team@moderne.io>
 2022-11-19 02:04:21 +00:00
MaxKey
a9e040a6d7 v3.5.10 ReleaseNotes 2022-11-18 15:30:41 +08:00
MaxKey
abe95a82b6 v3.5.10 2022-11-18 15:30:00 +08:00
shibanglin
6fd08b9e35 所有表格列宽、表格操作列按钮最多显示2两个,多的采用更多下拉方式呈现 2022-11-18 10:15:33 +08:00
shibanglin
0bd384b76a 提交短信认证后端逻辑判断 2022-11-18 10:14:47 +08:00
MaxKey
756993053b maxkey-mgt-log 2022-11-18 08:34:16 +08:00
MaxKey
6d84ab6d8a Update environment.ts 2022-11-16 16:31:04 +08:00
MaxKey
95e51d2774 frontend format code 2022-11-16 09:23:55 +08:00
MaxKey
c65f800ae4 frontend format code 2022-11-16 09:06:11 +08:00
MaxKey
0e763b5e2b bcrypt 2022-11-12 11:25:03 +08:00
MaxKey
0efb479c66 properties PasswordEncoder 2022-11-12 11:20:57 +08:00
MaxKey
8a76b59a46 3.5.10 2022-11-12 11:20:41 +08:00
MaxKey
3222ba7043 网易企业邮箱单点登录优化 2022-11-08 16:03:14 +08:00
MaxKey
3297ee30aa Pretty SQL , Json , XML optimize 2022-11-08 16:02:54 +08:00
MaxKey
3ecfa6d480 SAML receiverEndpoint 2022-11-08 15:32:50 +08:00
MaxKey
df2f99088a ExtendApi Image 2022-11-07 15:54:10 +08:00
MaxKey
207be12c81 SharedPassword 2022-11-05 11:01:34 +08:00
MaxKey
64f2adb2a0 JsonFormat 2022-11-05 11:01:25 +08:00
MaxKey
0ba5d18589 springSecurity 5.7.5 2022-11-04 21:13:42 +08:00
MaxKey
6bd2231a1c App credential to string type 2022-11-04 21:13:31 +08:00
MaxKey
9bf04827e0 SAML SubjectGenerator 2022-11-04 10:15:15 +08:00
MaxKey
3eb72ae209 Update SamlMetadataEndpoint.java 2022-10-27 18:45:13 +08:00
MaxKey
d223386366 README 2022-10-26 15:03:40 +08:00
MaxKeyTop
a5c4caf3a1 !16 fix:getProcessorNull 
Merge pull request !16 from tzk007/main
 2022-10-25 05:45:24 +00:00
ZhaokaiTian
8b6b967fc3 fix_bug:https://gitee.com/dromara/MaxKey/issues/I5X10K 2022-10-25 13:14:52 +08:00
MaxKey
f4b47ac282 frontend_docker 3.5.9 v3.5.9 2022-10-24 19:14:04 +08:00
MaxKey
d56e6063b6 v3.5.9 ReleaseNotes 2022-10-24 18:39:20 +08:00
MaxKey
733992f97a v3.5.9 ReleaseNotes 2022-10-24 18:35:31 +08:00
MaxKey
1b498a78dd v3.5.9 readme 2022-10-24 18:29:41 +08:00
MaxKey
f7e249b440 v3.5.9 SQL 2022-10-24 18:07:58 +08:00
MaxKey
775bae2a23 maxkey nginx.conf fix 2022-10-24 18:07:36 +08:00
MaxKey
8e7423773b processorType fix_bug:#I5X10K 
rename type to processorType
 2022-10-24 17:49:46 +08:00
MaxKeyTop
6cd58c50a0 !15 fix_bug: getProcessor's type is error 
Merge pull request !15 from tzk007/fix_getProcessorTypeError
 2022-10-24 09:42:07 +00:00
ZhaokaiTian
57f5d632fd fix_bug:https://gitee.com/dromara/MaxKey/issues/I5X10K 2022-10-24 16:41:21 +08:00
MaxKey
bd6812c334 info 2022-10-23 11:00:56 +08:00
MaxKey
2eb62684cc ReleaseNotes v 3.5.9 2022-10-22 17:36:40 +08:00
MaxKey
d810cfe22e Update SingleLogout.java 2022-10-22 17:09:30 +08:00
MaxKey
91a6fd6d4d v3.5.9 VERSION 2022-10-22 16:28:52 +08:00
MaxKey
e4b9ed463b SingleLogout trace 2022-10-22 16:26:16 +08:00
MaxKey
3e9f0bf502 HttpRequestAdapter optimize 2022-10-22 16:25:59 +08:00
MaxKey
4ccf108944 jars update 
springBoot 2.7.5
springSecurity 5.7.4
mysqlconnectorjavaVersion 8.0.30
 2022-10-22 16:25:27 +08:00
MaxKey
d4500e7553 refresh_token with static 2022-10-18 11:29:06 +08:00
MaxKey
31ebb5c85a synchronizer-jdbc 2022-10-16 17:23:34 +08:00
MaxKey
ec4a20f9a0 properties optimize 2022-10-16 16:24:02 +08:00
MaxKey
d2802c186b Spring Boot Admin enabled default false 2022-10-16 16:13:34 +08:00
MaxKey
ad15a08248 update images 2022-10-16 12:50:03 +08:00
MaxKey
54330cf4b0 app saml20 合并SAML和元数据配置 2022-10-16 12:19:23 +08:00
MaxKey
2fddb2910c apps status and ExtendAttr 2022-10-16 09:10:00 +08:00