Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
SECURITY: Fix misused _ensure_auth calls #109
Some places called
This is a pretty embarassing fuckup - a security problem on one of my projects. I hold my hands up and apologise to anyone affected by this, for this is a stupid mistake. A better test suite would have caught this.
I will see if a CVE ID is warranted for this, and apply for one if so.
Big thanks to @joshrabinowitz for finding and reporting this one, and for adding tests which demonstrated the issue.