carnil commented on issue #203: [SHIRO-747] FirstSuccessfulStrategy now detects empty principal correctly URL: https://github.com/apache/shiro/pull/203#issuecomment-605445582 Hi On Sat, Mar 28, 2020 at 05:42:46AM -0700, Brian Demers wrote: > The release yes, the CVE no. Thanks for the feedback. Would it be possible to share then information on what exactly fix the CVE? The https://www.openwall.com/lists/oss-security/2020/03/23/2 post is not very specific to that an that would help downstream (speaking with my Debian hat on here) to track down the affected versions in the respective distributions. Thanks a lot, I realize if this does not correlate to SHIRO-747 and this pull request that you want a separate issue filled to discuss that? If so I can open a new one. Regards, Salvatore
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
