Uploaded image for project: 'Opencast'
  1. MH-13156

Set the auth scheme to digest for inter-server communication

    Details

    • Type: Task
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed and reviewed
    • Affects versions: 3.6, 4.3, 5.1
    • Fix versions: 3.7, 6.4, 4.3, 5.4
    • Components: Backend Software

      Description

      As discussed on committers list, constrain the auth scheme to digest for inter-server communication.

      This change is a partial mitigation for CVE-2018-16153 identified and described by Lars Kiesow.

        TestRail: Results

          Attachments

            Activity

              People

              • Assignee:
                smarquard Stephen Marquard
                Reporter:
                smarquard Stephen Marquard
              • Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  TestRail: Cases