Back to bug 2227788
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Avinash Hanwate | 2023-07-31 13:48:36 UTC | CC | aileenc, alampare, alazarot, anstephe, asoldano, ataylor, avibelli, bbaranow, bgeorges, bmaxwell, boliveir, brian.stansberry, cdewolf, chazlett, chfoley, clement.escoffier, dandread, darran.lofthouse, dhanak, dkreling, dosoudil, drichtar, emingora, fjuma, gjospin, gmalinko, gsmet, hamadhan, hbraun, ibek, ivassile, iweiss, janstey, jmartisk, jpoth, jrokos, jscholz, kverlaen, lbacciot, lgao, lthon, max.andersen, mizdebsk, mnovotny, mosmerov, msochure, mstefank, msvehla, nboldt, nwallace, pdelbell, pdrozd, peholase, pgallagh, pjindal, pmackay, probinso, pskopek, rguimara, rowaters, rruss, rstancel, rsvoboda, sbiarozk, sdouglas, smaestri, sthorger, swoodman, tcunning, tom.jenkinson, tqvarnst, yfang | |
| Avinash Hanwate | 2023-07-31 14:00:11 UTC | Doc Text | A flaw was found in Spring Security. In affected versions of Spring Security, the logout support does not properly clean the security context if using serialized versions. Additionally, it is not possible to explicitly save an empty security context to the HttpSessionSecurityContextRepository. This vulnerability can keep users authenticated even after they performed logout. | |
| Avinash Hanwate | 2023-07-31 14:02:07 UTC | Depends On | 2227790 | |
| Avinash Hanwate | 2023-07-31 14:06:10 UTC | Blocks | 2227792 | |
| Paige Jung | 2023-07-31 19:59:05 UTC | CC | dfreiber, jburrell, rogbas, vkumar | |
| Flags | needinfo?(ahanwate) | |||
| Avinash Hanwate | 2023-08-17 10:09:10 UTC | Flags | needinfo?(ahanwate) | needinfo?(chazlett) |
Back to bug 2227788