Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Restrict allowed classes during deserialization of signature files #253

Merged
merged 3 commits into from
Dec 26, 2023
Merged

Restrict allowed classes during deserialization of signature files #253

merged 3 commits into from
Dec 26, 2023

Commits on Jul 6, 2023

  1. Restrict allowed classes during deserialization of signature files 

    Because signature files are created using Java Serialization, adds a new
`SignatureObjectInputStream` which restricts the classes which are allowed
to be loaded when reading signature files to increase security.
    @Marcono1234
    Marcono1234 committed Jul 6, 2023
    Configuration menu
    Copy the full SHA
    e52e4dc View commit details
    Browse the repository at this point in the history

Commits on Dec 26, 2023

  1. Fix typo in test

    @Marcono1234
    Marcono1234 committed Dec 26, 2023
    Configuration menu
    Copy the full SHA
    51ff768 View commit details
    Browse the repository at this point in the history

  2. Merge remote-tracking branch 'remotes/origin/master' into marcono1234… 

    …/deserialization-restrictions
    @Marcono1234
    Marcono1234 committed Dec 26, 2023
    Configuration menu
    Copy the full SHA
    9bcf0c7 View commit details
    Browse the repository at this point in the history