Back to bug 2155942
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Anten Skrabec | 2022-12-23 01:15:46 UTC | CC | gparvin, njean, owatkins, pahickey, stcannon, teagle | |
| Anten Skrabec | 2022-12-23 01:18:53 UTC | Doc Text | A flaw was found in ghinstallation that when a request to fresh an isntallation token failed, the HTTTP request and response would be returned for debugging. The returned request contained the short-lived (10-min maximum) bearer JWT for the app. | A flaw was found in ghinstallation that when a request to fresh an installation token failed, the HTTTP request and response would be returned for debugging. The returned request contained the short-lived (10-min maximum) bearer JWT for the app. |
| Anten Skrabec | 2022-12-23 01:19:12 UTC | Comment | 0 | updated |
| Anten Skrabec | 2022-12-23 01:19:32 UTC | Doc Text | A flaw was found in ghinstallation that when a request to fresh an installation token failed, the HTTTP request and response would be returned for debugging. The returned request contained the short-lived (10-min maximum) bearer JWT for the app. | A flaw was found in ghinstallation that when a request to fresh an installation token failed, the HTTP request and response would be returned for debugging. The returned request contained the short-lived (10-min maximum) bearer JWT for the app. |
| Paige Jung | 2022-12-23 15:38:30 UTC | Doc Text | A flaw was found in ghinstallation that when a request to fresh an installation token failed, the HTTP request and response would be returned for debugging. The returned request contained the short-lived (10-min maximum) bearer JWT for the app. | A flaw was found in ghinstallation. When a request to refresh an installation token fails, the HTTP request and response are returned for debugging. The returned request contains the short-lived (10-min maximum) bearer JWT for the app and is returned back to clients. |
| Red Hat Bugzilla | 2023-07-07 08:29:01 UTC | Assignee | security-response-team | nobody |
Back to bug 2155942