Re: Security release of ChartMuseum v0.8.1
In a typical ChartMuseum installation, uploads are protected by a single basic auth username/password combo. In this scenario, anyone with this credential pair can upload chart packages to the wrong tenant, without using this vulnerability.
When using bearer/token auth, or when using ChartMuseum as a backend service, this issue may be more cause for concern.
Keep in mind, however, that this vulnerability also allows file uploads outside the storage root (depending on permissions and configuration).
If you have deployed ChartMuseum using the chartmuseum/chartmuseum Docker image, please upgrade to the following tag which contains the fix: v0.8.1
I've also put together a simple tool which can be used to verify that your systems have not been affected by this:
Apologies for any inconvenience this may cause. If you have any questions, please feel free to reach out to me directly on Slack/Twitter (@jdolitsky).
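As an added illustration (not ChartMuseum's own code; the `<root>/<tenant>/<name>-<version>.tgz` layout is an assumption made for the example), the kind of check an upload handler should apply before writing a package to disk, and that an audit script can run over the paths of already-stored packages: every resolved path must stay inside the storage root.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// WithinRoot reports whether p, once made absolute and cleaned, still lies inside
// root. Apply it before writing an upload, or when auditing stored package paths.
func WithinRoot(root, p string) bool {
	absRoot, errRoot := filepath.Abs(root)
	absP, errP := filepath.Abs(p)
	if errRoot != nil || errP != nil {
		return false
	}
	rel, err := filepath.Rel(absRoot, absP)
	if err != nil {
		return false
	}
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// safeSegment rejects a single path component that could change directory level.
func safeSegment(s string) bool {
	return s != "" && s != "." && s != ".." && !strings.ContainsAny(s, `/\`)
}

// ChartStoragePath builds <root>/<tenant...>/<name>-<version>.tgz (an assumed
// layout) and refuses any tenant, name or version value that would leave root.
func ChartStoragePath(root, tenant, name, version string) (string, error) {
	parts := []string{root}
	if tenant != "" { // tenant may be nested, e.g. "org/repo"
		for _, seg := range strings.Split(tenant, "/") {
			if !safeSegment(seg) {
				return "", fmt.Errorf("invalid tenant segment %q", seg)
			}
			parts = append(parts, seg)
		}
	}
	if !safeSegment(name) || !safeSegment(version) {
		return "", fmt.Errorf("invalid chart name/version %q/%q", name, version)
	}
	full := filepath.Join(append(parts, name+"-"+version+".tgz")...)
	if !WithinRoot(root, full) { // defence in depth; the checks above should already prevent this
		return "", fmt.Errorf("%q escapes storage root", full)
	}
	return full, nil
}
```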
On Mon, Jan 14, 2019 at 2:04 PM Matt Farina <matt@...> wrote: