mirrors/mastodon
1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2024-11-20 03:25:17 +01:00
Code Issues Projects Releases Wiki Activity

Ignore CVE-2024-8796, which does not impact us

Browse Source
This commit is contained in:
Claire 2024-09-27 14:31:00 +02:00
parent 346c37df80
commit d2842db18d
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.bundler-audit.yml
View File

@ -4,3 +4,7 @@ ignore:
# We have rate-limits on authentication endpoints in place (including second # We have rate-limits on authentication endpoints in place (including second
# factor verification) since Mastodon v3.2.0 # factor verification) since Mastodon v3.2.0
- CVE-2024-0227 - CVE-2024-0227
# devise-two-factor advisory about generated secrets being weaker than expected
# We call `generate_otp_secret` ourselves with a requested length of 32 characters,
# which exceeds the recommended remediation of 26 characters, so we're safe
- CVE-2024-8796