jhamman
commented
5 years ago Thanks @rsignell-usgs!
Closed rsignell-usgs closed 5 years ago
jhamman
commented
5 years ago Thanks @rsignell-usgs!
rabernat
commented
5 years ago This change has caused some downstream problems (e.g. https://github.com/jupyterhub/zero-to-jupyterhub-k8s/issues/1215) on staging.ocean.pangeo.io. We effectively downgraded from "0.9-e120fda" to "0.8.2". Going back to an 0.8 version was probably not the right choice.
Surely the security fix was also applied to the development versions of the jhub chart. If so, could we switch to a more recent version?
jhamman
commented
5 years ago I misunderstood the z2jh changelog. My understanding was that 0.8.2 was equivalent to the development version. It seems now that they backported the fix. In any event, this is resolved based on #92.
Addresses open redirect vulnerability
Fixes #90