This repository has been archived by the owner on Feb 22, 2022. It is now read-only.
[stable/oauth2-proxy] Upgrade to 5.0+ to resolve security issue #21198
Labels
lifecycle/stale
Denotes an issue or PR has remained open with no activity and has become stale.
Comments
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Any further update will cause the issue/pull request to no longer be considered stale. Thank you for your contributions. |
stale
bot
added
the
lifecycle/stale
|
This issue is being automatically closed due to inactivity. |
|
Not sure why these bots are closed many valid issues. @jeremyolliver do you get any workaround ?
.... |
This was referenced Jun 3, 2020
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Hi, I noticed on the README at https://github.com/pusher/oauth2_proxy#security that there's an open redirect vulnerability which requires running oauth2-proxy 5.0+ to resolve. The latest version in this chart to date runs 4.0 - I'd like to continue running the official stable helm chart that packages this, but it's important that this contains available security fixes. I'm not yet sure if I'll have time to submit a PR, so I wanted to file this to track the issue first.
The text was updated successfully, but these errors were encountered: