josh/django-mfa2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixing CVE-2022-42731 for v2.5

Browse Source
This commit is contained in:
Mohamed ElKalioby
2022-10-10 17:46:03 +03:00
parent 5fbb505e98
commit 90f297d90f
3 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@@ -1,5 +1,5 @@
# Change Log # Change Log
## 2.5.1 ## 2.5.2
* Fix: CVE-2022-42731: related to possibility of registration replay attack thanks to 'SSE (Secure Systems Engineering)' * Fix: CVE-2022-42731: related to possibility of registration replay attack thanks to 'SSE (Secure Systems Engineering)'
## 2.5.0 ## 2.5.0

2
mfa/FIDO2.py
View File

@@ -57,7 +57,7 @@ def complete_reg(request):
att_obj = AttestationObject((data['attestationObject'])) att_obj = AttestationObject((data['attestationObject']))
server = getServer() server = getServer()
auth_data = server.register_complete( auth_data = server.register_complete(
request.session.pop['fido_state'], request.session.pop('fido_state'),
client_data, client_data,
att_obj att_obj
) )

2
setup.py
View File

@@ -4,7 +4,7 @@ from setuptools import find_packages, setup
setup( setup(
name='django-mfa2', name='django-mfa2',
version='2.5.1', version='2.5.2',
description='Allows user to add 2FA to their accounts', description='Allows user to add 2FA to their accounts',
long_description=open("README.md").read(), long_description=open("README.md").read(),
long_description_content_type="text/markdown", long_description_content_type="text/markdown",