Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

MidPoint code was fixed to set up embedded Tomcat in such a way, that only a very large HTML forms will be stored on disk. MidPoint code was also changed to avoid storing password in Wicket temporary files. Those fixes are supposed to resolve the root cause of this issue, because passwords should not get stored in any temporary file as well.

Credit

Variants of this This issue were was reported by PrinceNullByte by the means of EU-Free and Open Source Software Auditing (EU-FOSSA2) project.

...