open-consul/website/pages
Freddy e4e306210a
Require operator:write to get Connect CA config (#9240)
A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that operators with `operator:read` ACL permissions are able to read the Consul Connect CA configuration when explicitly configured with the `/v1/connect/ca/configuration` endpoint, including the private key. This allows the user to effectively privilege escalate by enabling the ability to mint certificates for any Consul Connect services. This would potentially allow them to masquerade (receive/send traffic) as any service in the mesh.

--

This PR increases the permissions required to read the Connect CA's private key when it was configured via the `/connect/ca/configuration` endpoint. They are now `operator:write`.
2020-11-19 10:14:48 -07:00
api-docs Require operator:write to get Connect CA config (#9240) 2020-11-19 10:14:48 -07:00
commands Add a CLI command for retrieving the autopilot configuration. (#9142) 2020-11-11 13:19:02 -05:00
community round 2 2020-09-15 12:01:47 -04:00
docs Merge pull request #9091 from scellef/correct-upgrade-guide 2020-11-18 16:54:48 -08:00
downloads Merge pull request #9155 from hashicorp/release/1.9.0-beta3 2020-11-13 16:45:50 -05:00
home Add Using in Production Question (#8718) 2020-09-21 20:08:44 -04:00
intro [docs] Change links to the DNS information to the right place (#8675) 2020-11-17 10:03:00 -05:00
partials update deps, format all files 2020-07-08 19:12:34 -04:00
security
use-cases Add files via upload 2020-10-13 15:16:34 -07:00
404.jsx update dependencies 2020-05-21 14:50:45 -04:00
_app.js [Website] Add HashiStackMenu to website (#8854) 2020-10-09 10:48:21 -05:00
_document.js
_error.jsx update dependencies 2020-05-21 14:50:45 -04:00
_temporary_button.css
index.jsx Test Netlify build 2020-05-13 23:44:22 -07:00
print.css
style.css Expose `expirationDate` prop in <AlertBanner/> 2020-10-23 11:19:41 -04:00