warp-tech/warpgate v0.7.3

on GitHub

Security fixes

CVE-2023-37268 [8173f65]

Insufficient authentication checks for SSO users allowed any SSO user to elevate their permission to these of any other SSO user. All configurations using SSO are affected.

Changes

• f13a22f: HTTP: fixed #747 - don't include port in the X-Forwarded-For header
• UI: added search boxes - #761
• 4fe4bfe: fixed login errors not being displayed properly
• b1995be: Admin: disallow completely disabling authentication for a protocol