Uploaded image for project: 'Opencast'
  1. MH-13156

Set the auth scheme to digest for inter-server communication

    Details

    • Type: Task
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.6, 4.3, 5.1
    • Fix Version/s: 3.7, 4.4, 5.5, 6.3
    • Component/s: Backend Software

      Description

      As discussed on committers list, constrain the auth scheme to digest for inter-server communication.

      This change is a partial mitigation for CVE-2018-16153 identified and described by Lars Kiesow.

        TestRail: Results

          Attachments

            Activity

              People

              • Assignee:
                smarquard Stephen Marquard
                Reporter:
                smarquard Stephen Marquard
              • Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:

                  TestRail: Cases