Skip to content

fix: invalid file request not properly handled #8060

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jun 17, 2022
Merged

fix: invalid file request not properly handled #8060

merged 2 commits into from
Jun 17, 2022

Conversation

mtrezza
Copy link
Member

@mtrezza mtrezza commented Jun 17, 2022
edited
Loading

@parse-github-assistant
Copy link

parse-github-assistant bot commented Jun 17, 2022
edited
Loading

Thanks for opening this pull request!

  • ❌ Please edit your post and use the provided template when creating a new pull request. This helps everyone to understand your post better and asks for essential information to quicker review the pull request.

@codecov
Copy link

codecov bot commented Jun 17, 2022
edited
Loading

Codecov Report

Merging #8060 (6b1798b) into release (ba2b0a9) will increase coverage by 0.02%.
The diff coverage is 100.00%.

❗ Current head 6b1798b differs from pull request most recent head 4af79a4. Consider uploading reports for the commit 4af79a4 to get more accurate results

@@             Coverage Diff             @@
##           release    #8060      +/-   ##
===========================================
+ Coverage    94.15%   94.17%   +0.02%     
===========================================
  Files          182      182              
  Lines        13650    13655       +5     
===========================================
+ Hits         12852    12860       +8     
+ Misses         798      795       -3
Impacted Files Coverage Δ
src/Routers/FilesRouter.js 88.97% <100.00%> (+0.42%) ⬆️
src/RestWrite.js 94.25% <0.00%> (+0.15%) ⬆️
src/ParseServerRESTController.js 98.48% <0.00%> (+1.51%) ⬆️
src/batch.js 94.73% <0.00%> (+1.75%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update ed0baa8...4af79a4. Read the comment docs.

@mtrezza mtrezza changed the title fix fix: invalid file request not properly handled Jun 17, 2022
@mtrezza mtrezza merged commit 5be375d into parse-community:release Jun 17, 2022
parseplatformorg pushed a commit that referenced this pull request Jun 17, 2022
@semantic-release-bot
chore(release): 5.2.3 [skip ci]
eb2952f 
## [5.2.3](5.2.2...5.2.3) (2022-06-17)

### Bug Fixes

* invalid file request not properly handled; this fixes a security vulnerability in which an invalid file request can crash the server ([GHSA-xw6g-jjvf-wwf9](GHSA-xw6g-jjvf-wwf9)) ([#8060](#8060)) ([5be375d](5be375d))
@parseplatformorg
Copy link
Contributor

🎉 This change has been released in version 5.2.3

@parseplatformorg parseplatformorg added the state:released Released as stable version label Jun 17, 2022
@mtrezza mtrezza mentioned this pull request Jun 17, 2022
Merged
@mtrezza mtrezza deleted the fix-file-release branch June 18, 2022 00:15
@mtrezza mtrezza mentioned this pull request Jun 18, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
state:released Released as stable version
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mtrezza @parseplatformorg