4.229.vf736b_fec02f4
·
223 commits
to refs/heads/master
since this release
Fix security SECURITY-3168 regarding escape hatch password stored in a recoverable format. Instead of relying on system security, only a hash of the password is stored on disk.
🐛 Bug fixes
- Hash escape hatch password in configuration - fix CVE-2023-50770 (#287) @michael-doubez
🚩 Known issues
- Regression(#290): PKCE code verification no longer works (must be disabled in config)
Contributors
michael-doubez