-
Notifications
You must be signed in to change notification settings - Fork 38
Remove extra options #98
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
After analyzing some privilege escalation possibilites, it was decided it is best to remove extra options
|
I understand some people are going to be very unhappy with it. However I hope to add See also: |
|
@lhw This should be urgently deployed. I'll tag it as 1.2.11 |
|
@danfruehauf can you please request a CVE as needed for the privilege escalation flaw via https://cveform.mitre.org/ ? |
|
@carnil I've requested a CVE ID and will post it here once I've heard back from them. |
|
@kobus-v-schoor was there any news on the CVE assignment? |
|
@danfruehauf https://bugzilla.redhat.com/show_bug.cgi?id=1803499 is not publicly accessible, possible to open that up? This might be blocking the CVE assignment from MITRE if they have not enough context. |
|
CVE-2020-9355 was assigned for this issue. |
|
Darn. I can't -D anymore. Is there some way to add this? :( |
|
The PR removed the extra options, but left in the README section and the image, giving the false impression this is still supported. On the same topic, I'd really like to have |
After analyzing some privilege escalation possibilites, it was decided
it is best to remove extra options