Commit graph

2 commits

Author SHA1 Message Date
Alicia Cozine
f509a22f9d
add changelog categories, update CVE fragments to use security_fix category (#69968)
* use security_fix category in changelogs for CVEs

* these fragments do not say CVE but are security fixes

Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
2020-06-11 10:24:01 -07:00
Brian Coca
28f9fbdb5e
safely use vault to edit secrets (#68644)
* when possible, use filedescriptors from mkstemp to avoid race
  * when using path strings, ensure we are always creating the file

CVE-2020-1740
Fixes #67798

Co-authored-by: samdoran
2020-04-03 10:19:01 -04:00