##// END OF EJS Templates
auth: add scope and login restrictions to rhodecode plugin, and scope restriction to token plugin....
auth: add scope and login restrictions to rhodecode plugin, and scope restriction to token plugin. - allows limiting the usage of builtin auth to HTTP only (so force usage of tokens) - allows migration to something like saml keeping only super-admin for login.

File last commit:

r2665:f42f8690 stable
r3392:5cc5c872 default
Show More
release-notes-4.11.6.rst
41 lines | 489 B | text/x-rst | RstLexer
/ docs / release-notes / release-notes-4.11.6.rst
docs: added 4.11.6 release notes
r2665 |RCE| 4.11.6 |RNS|
------------------
Release Date
^^^^^^^^^^^^
- 2018-03-28
New Features
^^^^^^^^^^^^
General
^^^^^^^
Security
^^^^^^^^
- api(high): fixed unauthorized access to repositories using forged api requests.
Performance
^^^^^^^^^^^
Fixes
^^^^^
Upgrade notes
^^^^^^^^^^^^^
- Unscheduled security release addressing found vulnerability in the API that
allows attackers to gain access to repositories in unauthorized way by forging
data in the API request.