{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":3275953,"defaultBranch":"master","name":"opentsdb","ownerLogin":"manolama","currentUserCanPush":false,"isFork":true,"isEmpty":false,"createdAt":"2012-01-26T17:59:03.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/1377700?v=4","public":true,"private":false,"isOrgOwned":false},"refInfo":{"name":"","listCacheKey":"v0:1644003185.636214","currentOid":""},"activityList":{"items":[{"before":"50d1724f9264cfcc96a84e40bcdca9d5b235c129","after":"ff02c1e95e60528275f69b31bcbf7b2ac625cea8","ref":"refs/heads/tweaks2","pushedAt":"2023-04-11T16:10:59.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"manolama","name":"Chris Larsen","path":"/manolama","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1377700?s=80&v=4"},"commit":{"message":"Fix for #2269 and #2267 XSS vulnerability.\nEscaping the user supplied input when outputing the HTML for the old BadRequest\nHTML handlers should help. Thanks to the reporters.\nFixes CVE-2018-13003.","shortMessageHtmlLink":"Fix for OpenTSDB#2269 and OpenTSDB#2267 XSS vulnerability."}},{"before":"1c8c855611a3708281fa99e3ac21ff8fa063f91c","after":"50d1724f9264cfcc96a84e40bcdca9d5b235c129","ref":"refs/heads/tweaks2","pushedAt":"2023-04-11T05:27:57.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"manolama","name":"Chris Larsen","path":"/manolama","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1377700?s=80&v=4"},"commit":{"message":"Fix for #2269 and #2267 XSS vulnerability.\nEscaping the user supplied input when outputing the HTML for the old BadRequest\nHTML handlers should help. Thanks to the reporters.\nFixes CVE-2018-13003.","shortMessageHtmlLink":"Fix for OpenTSDB#2269 and OpenTSDB#2267 XSS vulnerability."}},{"before":"87504f9f2a14d50edaf8150cb66a08ae10a2036c","after":"26be40a5e5b6ce8b0b1e4686c4b0d7911e5d8a25","ref":"refs/heads/tweaks","pushedAt":"2023-04-11T05:23:12.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"manolama","name":"Chris Larsen","path":"/manolama","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1377700?s=80&v=4"},"commit":{"message":"Improved fix for #2261.\nRegular expressions wouldn't catch the newlines or possibly other\ncontrol characters. Now we'll use the TAG validation code to make\nsure the inputs are only plain ASCII printables first.\nFixes CVE-2018-12972, CVE-2020-35476","shortMessageHtmlLink":"Improved fix for OpenTSDB#2261."}},{"before":"d5d41d6612bae00c039abee28be62f69ed06db87","after":"1c8c855611a3708281fa99e3ac21ff8fa063f91c","ref":"refs/heads/tweaks2","pushedAt":"2023-04-11T04:36:13.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"manolama","name":"Chris Larsen","path":"/manolama","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1377700?s=80&v=4"},"commit":{"message":"Fix for #2269 and #2267 XSS vulnerability.\nEscaping the user supplied input when outputing the HTML for the old BadRequest\nHTML handlers should help. Thanks to the reporters.\nFixes CVE-2018-13003.","shortMessageHtmlLink":"Fix for OpenTSDB#2269 and OpenTSDB#2267 XSS vulnerability."}},{"before":"af19333f96fe488395984487617b7cb25113345d","after":"d5d41d6612bae00c039abee28be62f69ed06db87","ref":"refs/heads/tweaks2","pushedAt":"2023-04-11T04:34:41.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"manolama","name":"Chris Larsen","path":"/manolama","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1377700?s=80&v=4"},"commit":{"message":"Fix for #2269 and #2267 XSS vulnerability.\nEscaping the user supplied input when outputing the HTML for the old BadRequest\nHTML handlers should help. Thanks to the reporters.\nFixes CVE-2018-13003.","shortMessageHtmlLink":"Fix for OpenTSDB#2269 and OpenTSDB#2267 XSS vulnerability."}},{"before":"3f42cda07b5ecbd87100317259352163072dd190","after":"af19333f96fe488395984487617b7cb25113345d","ref":"refs/heads/tweaks2","pushedAt":"2023-04-10T20:29:35.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"manolama","name":"Chris Larsen","path":"/manolama","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1377700?s=80&v=4"},"commit":{"message":"Tighten up the regexes for Gnuplot URI params per multiple security reports.\nThe best way of avoiding RCEs is to disable Gnuplot, but this should help a little.","shortMessageHtmlLink":"Tighten up the regexes for Gnuplot URI params per multiple security r…"}},{"before":"4069aab5f6c6bc4f88e1c9c0d658c92cd05de450","after":"3f42cda07b5ecbd87100317259352163072dd190","ref":"refs/heads/tweaks2","pushedAt":"2023-04-10T20:25:48.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"manolama","name":"Chris Larsen","path":"/manolama","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1377700?s=80&v=4"},"commit":{"message":"Tighten up the regexes for Gnuplot URI params per multiple security reports.\nThe best way of avoiding RCEs is to disable Gnuplot, but this should help a little.","shortMessageHtmlLink":"Tighten up the regexes for Gnuplot URI params per multiple security r…"}},{"before":"4074e3e72d11cfcbc79c5153346586c96ec451d5","after":"a161458d2b2cc2f38bed19d6b498dafba252eb6c","ref":"refs/heads/atlas","pushedAt":"2023-04-10T17:53:26.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"manolama","name":"Chris Larsen","path":"/manolama","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1377700?s=80&v=4"},"commit":{"message":"Woah, fix for TLS?","shortMessageHtmlLink":"Woah, fix for TLS?"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAADFnFVdQA","startCursor":null,"endCursor":null}},"title":"Activity · manolama/opentsdb"}