backups/grapevine
1
0
Fork 0
mirror of https://gitlab.computer.surgery/matrix/grapevine.git synced 2026-02-04 15:51:23 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
grapevine/book
History
Olivia Lee 0aae932bc9 validate additional fields for incoming remote membership 
This was missed in the initial fix in 9a50c244 ("validate event type and
membership for create_join and create_invite"), but significantly less
impactful than the original vulnerability because it only affects
invite/join events that are able to pass auth/signature checks with our
server's signature. You could use this to forge invite events from a
local user, but not much else.
2025-12-30 17:48:33 -08:00
..
contributing add a style guide 2024-12-11 14:01:38 -08:00
installing document that conduwuit migration is unlikely to work 2025-04-11 13:10:23 -07:00
changelog.md validate additional fields for incoming remote membership 2025-12-30 17:48:33 -08:00
code-of-conduct.md add a code of conduct 2024-06-17 16:39:22 -07:00
contributing.md move security info to its own page 2024-12-11 13:26:16 -08:00
installing.md document supported targets 2024-12-13 16:59:13 -08:00
introduction.md improve link accessibility 2025-08-06 12:27:45 -07:00
migration.md move conduit migration to installing section 2024-12-13 16:59:13 -08:00
SUMMARY.md document that conduwuit migration is unlikely to work 2025-04-11 13:10:23 -07:00