diff options
| author |   Manoop Talasila <talasila@research.att.com> | 2019-05-30 14:43:06 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <gerrit@onap.org> | 2019-05-30 14:43:06 +0000 |
| commit | 268e05aff33375197d3a1de8f3d8917608e92781 (patch) | |
| tree | af9b59f2744d65173ce701eee94c1c16dd3e67ee /readthedocs.yml | |
| parent | 44402d528557991b6a96f1ee4da5573834157d26 (diff) | |
Update git submodules
* Update docs/submodules/portal.git from branch 'master'
to ee8d6a877f7709f28da43b0f10baf659876c4bed
- Merge "Don't give user the exact exception description"
- Don't give user the exact exception description
The exact description of the exception especially if related to
cryptography cannot be given to the user as it may be abused by the
attacker.
To fix that, we started to use @ExceptionHandler for all exceptions
in the LoginController as well.
CVE: CVE-2019-12121
Issue-ID: OJSI-92
Change-Id: I100b37ff33d28ebccc2411c3acc62bdb7ce11ca8
Signed-off-by: Piotr Borelowski <p.borelowski@partner.samsung.com>
Reviewed-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Acked-by: Manoop Talasila <talasila@research.att.com>
Diffstat (limited to 'readthedocs.yml')
0 files changed, 0 insertions, 0 deletions