authentik

mirror of https://github.com/goauthentik/authentik synced 2026-04-27 09:57:31 +02:00

Author	SHA1	Message	Date
Teffen Ellis	6ed5cb5249	website/docs: Modal and wizard button labels (#21549 ) * website/integrations: rename "Create with Provider" to "New Application" The application list page now uses a split-button labeled "New Application" instead of the old "Create with Provider" dropdown. Update all 113 integration guides to match. * website/docs: update flow, stage, and policy button labels - "Create" → "New Flow", "New Stage", "New Policy" for trigger buttons - "Finish" → "Create Flow", "Create Stage", "Create Policy" for submit - "Create and bind stage" → "New Stage" / "Bind Existing Stage" - "Create" (binding submit) → "Create Stage Binding" * website/docs: update provider button labels - "Create" → "New Provider" for trigger buttons - "Create with Provider" → "New Application" in RAC docs - "Create" → "New Property Mapping", "New RAC Endpoint", "New Prompt" for related entity creation * website/docs: update directory button labels - "Create" → "New Source" for federation/social login pages - "Create" → "New Role", submit → "Create Role" - "Create" → "New Invitation" - Policy binding submit → "Create Policy Binding" * website/docs: update endpoint device and system management button labels - "Create" → "New Endpoint Connector", "New Enrollment Token", "New Device Access Group", "New Flow" - Submit → "Create Device Access Group" - "Create" → "New Notification Rule", "New Notification Transport" - Binding submit → "Create Policy Binding" * Reorganize policy documentation * website/docs: address policy docs review feedback * post-rebase * website/docs: Reorganize policy documentation -- Revisions (#21601) * apply suggestions * Fix escaped. * Fix whitespace. * Update button label. * Fix phrasing. * Fix phrasing. * Clean up stragglers. * Format. --------- Co-authored-by: Dominic R <dominic@sdko.org>	2026-04-16 17:35:38 +00:00
Dominic R	404570a4d2	website/docs: Reorganize policy documentation (#21133 ) * Reorganize policy documentation * website/docs: address policy docs review feedback * post-rebase * website/docs: Reorganize policy documentation -- Revisions (#21601) * apply suggestions --------- Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com>	2026-04-16 07:11:52 -04:00
Dominic R	090d09fcdd	website: fix typos (#20996 )	2026-03-20 16:43:34 +00:00
Dewi Roberts	8fccf27b38	website/docs: add 2025 pentest (#20626 ) * Start * Add links * Links * sidebar * Update website/docs/security/audits-and-certs/2025-09-includesec.md Co-authored-by: Dominic R <dominic@sdko.org> Signed-off-by: Dewi Roberts <dewi@goauthentik.io> * Update website/docs/security/audits-and-certs/2025-09-includesec.md Co-authored-by: Dominic R <dominic@sdko.org> Signed-off-by: Dewi Roberts <dewi@goauthentik.io> * Update website/docs/security/audits-and-certs/2025-09-includesec.md Co-authored-by: Dominic R <dominic@sdko.org> Signed-off-by: Dewi Roberts <dewi@goauthentik.io> * Update 2025-09-includesec.md Signed-off-by: Dewi Roberts <dewi@goauthentik.io> * Apply suggestions from code review Co-authored-by: Dominic R <dominic@sdko.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Dewi Roberts <dewi@goauthentik.io> * Update website/docs/security/audits-and-certs/2025-09-includesec.md Co-authored-by: Dominic R <dominic@sdko.org> Signed-off-by: Dewi Roberts <dewi@goauthentik.io> * Add link --------- Signed-off-by: Dewi Roberts <dewi@goauthentik.io> Co-authored-by: Dominic R <dominic@sdko.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2026-03-03 12:30:15 -05:00
Dominic R	e056dbdadd	website/docs, integrations: fix language (#20338 )	2026-02-17 09:03:07 +00:00
authentik-automation[bot]	aeb2457767	security: CVE-2026-25748 (#20240 ) Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2026-02-12 15:17:01 +00:00
authentik-automation[bot]	97b6c9533f	security: CVE-2026-25922 (#20241 ) Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>	2026-02-12 14:51:19 +00:00
authentik-automation[bot]	c880c9f4ab	security: CVE-2026-25227 (#20239 ) Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>	2026-02-12 14:45:50 +00:00
Jens L.	af831304c6	website/docs: generate CVE sidebar (#20098 ) * website/docs: generate CVE sidebar Signed-off-by: Jens Langhammer <jens@goauthentik.io> * docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * slightly less warnings Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2026-02-08 16:46:43 +01:00
Tana M Berry	d4d6c466a9	website/docs: enhance blueprint docs (#15984 ) * draft of note about bp behviour when modified * Update website/docs/customize/blueprints/index.mdx Co-authored-by: Dewi Roberts <dewi@goauthentik.io> Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * clarify title * more tweaks * tweaks * more content, rearranged headings * tweak * more content about creating a bp instance * create new page for procedures * tweaks * add to sidebar, tweaks * fixed conflict * add link to procedurals * typo * more content * more links, more tips * wip * Apply suggestion from @dominic-r Signed-off-by: Dominic R <dominic@sdko.org> * Apply suggestion from @dominic-r Signed-off-by: Dominic R <dominic@sdko.org> * final tweaks * jens and dewi edits * tweaks * more Dewi and Jens edits yay --------- Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Dominic R <dominic@sdko.org> Co-authored-by: Dewi Roberts <dewi@goauthentik.io> Co-authored-by: Dominic R <dominic@sdko.org>	2025-11-20 13:00:57 -06:00
authentik-automation[bot]	9dbdfc3f1b	internal: Automated internal backport: 1498-oauth2-cc-user-active.sec.patch to authentik-main (#18265 ) Automated internal backport of patch 1498-oauth2-cc-user-active.sec.patch to authentik-main Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>	2025-11-19 15:01:06 +01:00
authentik-automation[bot]	6672e6aaa4	internal: Automated internal backport: 1487-invitation-expiry.sec.patch to authentik-main (#18264 ) Automated internal backport of patch 1487-invitation-expiry.sec.patch to authentik-main Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>	2025-11-19 14:54:24 +01:00
Dewi Roberts	230b1b5850	website/docs: updates img-src csp (#18010 )	2025-11-06 15:53:53 -05:00
Tana M Berry	56b3137ef2	Revert "website: Fix broken schema links, non-relative paths, unapplied redirect aliases" (#16902 ) Revert "website: Fix broken schema links, non-relative paths, unapplied redir…" This reverts commit `0e56195c82`.	2025-09-22 01:01:01 +02:00
Dominic R	0e56195c82	website: Fix broken schema links, non-relative paths, unapplied redirect aliases (#16900 ) * website: fix broken schema links * website: Use download links. * website: Use env constants for URLs. * website: Add schema redirects. * website: Use path alias for integrations. * website: Use docs alias in integrations. * website: Use relative links, better dead-link checking. * website: Fix nested docs prefix affecting redirects. Add aliases. * website: Remove hard links. * website: Replace hardcoded edit URL with environment URL. --------- Co-authored-by: Teffen Ellis <teffen@goauthentik.io>	2025-09-21 14:32:26 -04:00
Dewi Roberts	bb193a4a15	website/docs: fix typos (#16716 ) Fix typos	2025-09-11 14:21:22 +01:00
Teffen Ellis	e280159946	website: Docusaurus 3.8 (#15097 ) website: Upgrade Docusaurus. Split API build.	2025-07-23 16:42:01 +02:00
Jens L.	7a4c6b9b50	security: fix CVE-2025-53942 (#15719 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-07-22 14:21:05 +02:00
Jens L.	7100d3c674	security: fix CVE-2025-52553 (#15289 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-06-27 15:26:39 +02:00
Dominic R	14038ba8d2	website/docs: configuration: remove deprecated key for session storage location (#14431 ) * website/docs: configuration: remove deprecated key for session storage location Signed-off-by: Dominic R <dominic@sdko.org> * Update default.yml Signed-off-by: Dominic R <dominic@sdko.org> * cve fix Signed-off-by: Dominic R <dominic@sdko.org> * Update CVE-2025-29928.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Dominic R <dominic@sdko.org> * add * Update website/docs/security/cves/CVE-2025-29928.md Signed-off-by: Dominic R <dominic@sdko.org> * Update website/docs/security/cves/CVE-2025-29928.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/docs/install-config/configuration/configuration.mdx Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/docs/install-config/configuration/configuration.mdx Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/docs/security/cves/CVE-2025-29928.md Signed-off-by: Dominic R <dominic@sdko.org> * Update website/docs/security/cves/CVE-2025-29928.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/docs/security/cves/CVE-2025-29928.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * Update website/docs/security/cves/CVE-2025-29928.md Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * bump build --------- Signed-off-by: Dominic R <dominic@sdko.org> Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Co-authored-by: Tana M Berry <tana@goauthentik.io>	2025-05-30 12:05:04 -05:00
Jens L.	608f63e9a2	website/docs: add reference to setting in CVE (#13707 ) * website/docs: add reference to setting in CVE Signed-off-by: Jens Langhammer <jens@goauthentik.io> * reword Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-03-28 17:42:45 +01:00
Jens L.	eae18d0016	website/docs: fix 2025 CVE category title (#13703 ) * website/docs: fix 2025 CVE category title Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add sideeffect of changing session backend Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-03-28 14:55:56 +01:00
Jens L.	71294b7deb	security: fix CVE-2025-29928 (#13695 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2025-03-28 14:20:09 +01:00
Teffen Ellis	a714c781a6	website: Use Docusaurus Frontmatter for badges (#12893 ) website/docs: Reduce redundant usage of badges. Move badge logic to components. - Fix JSX class name warning. - Remove duplicate titles. - Flesh out `support_level` frontmatter.	2025-02-19 18:03:05 +00:00
Tana M Berry	22d6dd3098	website/docs: fix 2 links to cobalt restesting pdf (#12895 ) * fix link to results * fix second bad link to pdf --------- Co-authored-by: Tana M Berry <tana@goauthentik.com>	2025-01-30 18:12:33 +01:00
Tana M Berry	a117918cd6	website/docs: add page about the Cobalt pentest (#12249 ) * draft for collab * links * added link to see all audits * corrections and fix explanations Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com> --------- Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com> Co-authored-by: Tana M Berry <tana@goauthentik.com> Co-authored-by: Fletcher Heisler <fheisler@users.noreply.github.com>	2024-12-09 07:57:34 -06:00
dependabot[bot]	3996bdac33	website: Bump prettier from 3.3.3 to 3.4.1 in /website (#12205 ) * website: Bump prettier from 3.3.3 to 3.4.1 in /website Bumps [prettier](https://github.com/prettier/prettier) from 3.3.3 to 3.4.1. - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](https://github.com/prettier/prettier/compare/3.3.3...3.4.1) --- updated-dependencies: - dependency-name: prettier dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * update formatting Signed-off-by: Jens Langhammer <jens@goauthentik.io> * sigh Signed-off-by: Jens Langhammer <jens@goauthentik.io> * disable flaky test Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>	2024-11-27 15:14:19 +01:00
Felix Schäfer	6c1ad982a1	website/docs: Fix CSP syntax (#12124 ) Fix CSP syntax Scheme sources need to not have quotes https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy#scheme-source Signed-off-by: Felix Schäfer <felix.schaefer@tu-dortmund.de>	2024-11-25 18:58:44 +01:00
Jens L.	85bb638243	security: fix CVE 2024 52289 (#12113 ) * initial migration Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix loading Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start dynamic ui Signed-off-by: Jens Langhammer <jens@goauthentik.io> * initial ui Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add serialize Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add error message handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix/add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * prepare docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate to new input Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-11-21 14:46:43 +01:00
Jens L.	5ea4580884	security: fix CVE 2024 52307 (#12115 ) * security: fix CVE-2024-52307 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-11-21 14:24:28 +01:00
Jens L.	e9c29e1644	security: fix CVE 2024 52287 (#12114 ) * security: CVE-2024-52287 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-11-21 14:22:46 +01:00
Simonyi Gergő	a9b3a4cf25	website/docs: add CSP to hardening (#11970 ) * add CSP to hardening * re-word docs Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com> * fix typo * use the correct term "location" instead of "origin" in CSP docs * reword docs * add comments to permissive CSP directives * add warning about overwriting existing CSP headers --------- Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2024-11-21 14:20:04 +01:00
Simonyi Gergő	6b155621fe	blueprints: add default Password policy (#11793 ) * add password policy to default password change flow This change complies with the minimal compositional requirements by NIST SP 800-63 Digital Identity Guidelines. See https://pages.nist.gov/800-63-4/sp800-63b.html#password More work is needed to comply with other parts of the Guidelines, specifically > If the chosen password is found on the blocklist, the CSP or verifier > [...] SHALL provide the reason for rejection. and > Verifiers SHALL offer guidance to the subscriber to assist the user in > choosing a strong password. This is particularly important following > the rejection of a password on the blocklist as it discourages trivial > modification of listed weak passwords. * add docs for default Password policy * remove HIBP from default Password policy * add zxcvbn to default Password policy * add fallback password error message to password policy, fix validation policy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * reword docs Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com> * add HIBP caveat Co-authored-by: Jens L. <jens@goauthentik.io> Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com> * separate policy into separate blueprint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use password policy for oobe flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * kiss Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2024-11-11 13:31:30 +01:00
Norbert Takács	1932993b2c	website/docs: fix some broken links (#11742 ) * Update security-hardening.md broken links Signed-off-by: Norbert Takács <bokker11@hotmail.com> * Removed extra link Signed-off-by: Norbert Takács <bokker11@hotmail.com> * added space back Signed-off-by: Norbert Takács <bokker11@hotmail.com> * fix netlify redirects Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * use relative links Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> --------- Signed-off-by: Norbert Takács <bokker11@hotmail.com> Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2024-10-21 09:54:14 -05:00
Tana M Berry	6d5172d18a	website: latest PR for new Docs structure (#11639 ) * first pass * dependency shenanigans * move blueprints * few broken links * change config the throw errors * internal file edits * fighting links * remove sidebarDev * fix subdomain Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix relative URL Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix mismatched package versions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix api reference build Signed-off-by: Jens Langhammer <jens@goauthentik.io> * test tweak * links hell * more links hell * links hell2 * yep last of the links * last broken link fixed * re-add cves Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add devdocs redirects * add dir * tweak netlify.toml * move latest 2 CVES into dir * fix links to moved cves * typoed title fix * fix link * remove banner * remove committed api docs Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * integrations: remove version dropdown Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * Update Makefile Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * change doc links in web as well Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix some more docs paths Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix more docs paths Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * ci: require ci-web.build for merging Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * Revert "ci: require ci-web.build for merging" This reverts commit `b99a4842a9`. * remove sluf for Application * put slug back in * minor fix to trigger deploy * Spelled out Documentation in menu bar * remove image redirects... Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove explicit index.md Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove mdx first Signed-off-by: Jens Langhammer <jens@goauthentik.io> * then remove .md Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add missing prefix Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Co-authored-by: Tana M Berry <tana@goauthentik.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2024-10-09 09:33:40 -05:00
Tana M Berry	6b2fced1b9	Revert "website: latest migration to new structure" (#11634 ) Revert "website: latest migration to new structure (#11522)" This reverts commit `9a89a5f94b`.	2024-10-09 00:30:50 +02:00
Tana M Berry	9a89a5f94b	website: latest migration to new structure (#11522 ) * first pass * dependency shenanigans * move blueprints * few broken links * change config the throw errors * internal file edits * fighting links * remove sidebarDev * fix subdomain Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix relative URL Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix mismatched package versions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix api reference build Signed-off-by: Jens Langhammer <jens@goauthentik.io> * test tweak * links hell * more links hell * links hell2 * yep last of the links * last broken link fixed * re-add cves Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add devdocs redirects * add dir * tweak netlify.toml * move latest 2 CVES into dir * fix links to moved cves * typoed title fix * fix link * remove banner * remove committed api docs Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * integrations: remove version dropdown Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * Update Makefile Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * change doc links in web as well Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix some more docs paths Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * fix more docs paths Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * ci: require ci-web.build for merging Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * Revert "ci: require ci-web.build for merging" This reverts commit `b99a4842a9`. * remove sluf for Application * put slug back in * minor fix to trigger deploy --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Co-authored-by: Tana M Berry <tana@goauthentik.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2024-10-08 14:07:19 -05:00
Jens L.	ba28e6de41	security: fix CVE-2024-47070 (#11536 ) * security: fix CVE-2024-47070 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Update website/docs/security/CVE-2024-47070.md Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>	2024-09-27 16:18:37 +02:00
Jens L.	97a36b6c4e	security: fix CVE-2024-47077 (#11535 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-09-27 16:17:07 +02:00
Jens L.	3daf8f8db4	security: fix CVE-2024-42490 (#11022 ) CVE-2024-42490 Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-08-22 17:17:06 +02:00
Davide	7fee9fd868	website/docs: fix formatting on CVE-2024-23647 (#10955 ) Update CVE-2024-23647.md Formatting errors fixed Signed-off-by: Davide <69810644+ItzDavi@users.noreply.github.com>	2024-08-19 14:06:44 +02:00
Marc 'risson' Schmitt	322ae4c4ed	website/docs: add source property mappings, rework provider property mappings (#10652 )	2024-08-07 19:30:29 +00:00
Jens L	cc18f352aa	security: fix CVE-2024-37905 (#10230 ) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>	2024-06-26 12:07:44 +02:00
Jens L	422eb0890c	security: fix CVE-2024-38371 (#10229 )	2024-06-26 11:24:05 +02:00
Fletcher Heisler	09cacbd76b	website/docs: add hardening advice and link directly to Cure53 results (#9670 ) docs: add hardening advice and link directly to Cure53 results Signed-off-by: Fletcher Heisler <fheisler@users.noreply.github.com>	2024-05-10 09:07:19 -04:00
Tana M Berry	85594a119c	website/docs: add new doc about extra steps for hardening authentik (#9649 ) * add to sidebar * tweaks * tweaks * add derek edit * ken edit * Update website/docs/security/security-hardening.md Co-authored-by: Jens L. <jens@goauthentik.io> Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> * tweaks --------- Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com> Co-authored-by: Tana M Berry <tana@goauthentik.com> Co-authored-by: Jens L. <jens@goauthentik.io>	2024-05-09 10:02:51 -05:00
Jens L	1db322b42f	security: fix CVE-2024-23647 (#8345 ) * security: fix CVE-2024-23647 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add website Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-01-29 17:40:24 +01:00
Jens L	6649f7ab72	providers/oauth2: fix CVE-2024-21637 (#8104 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-01-09 18:14:12 +01:00
Tana M Berry	f2aa83a731	root: update security policy to include link to cure53 report (#7853 ) * add links to the cure53 audit results * fix link * link * fighting with Docu * removed link for now * use absolute link --------- Co-authored-by: Tana Berry <tana@goauthentik.io>	2023-12-11 15:26:36 -06:00
Jens L	b88e39411c	security: fix CVE-2023-48228 (#7666 ) Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-11-21 18:10:07 +01:00

1 2

60 Commits