group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #01673
[Bug 1571491] [NEW] possible auth bypass
Public bug reported:
The snapd authentication can by bypassed by sending invalid auth:
headers and logout is not revmoing the local authentication data.
Regression potential: worst case is that snap authentication no longer
works which is preferable to an auth bypass.
** Affects: snapd (Ubuntu)
Importance: Critical
Status: In Progress
** Affects: snapd (Ubuntu Xenial)
Importance: Critical
Status: In Progress
** Also affects: snapd (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: snapd (Ubuntu Xenial)
Importance: Undecided => Critical
** Changed in: snapd (Ubuntu Xenial)
Status: New => In Progress
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1571491
Title:
possible auth bypass
Status in snapd package in Ubuntu:
In Progress
Status in snapd source package in Xenial:
In Progress
Bug description:
The snapd authentication can by bypassed by sending invalid auth:
headers and logout is not revmoing the local authentication data.
Regression potential: worst case is that snap authentication no longer
works which is preferable to an auth bypass.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1571491/+subscriptions
Follow ups