This is an automated email from the ASF dual-hosted git repository. dahn pushed a commit to branch blog-fix in repository https://gitbox.apache.org/repos/asf/cloudstack-www.git
The following commit(s) were added to refs/heads/blog-fix by this push: new f8aac46cd more blog fixes f8aac46cd is described below commit f8aac46cdeab20ac39dc26430970f35a217179c3 Author: Daan Hoogland <d...@onecht.net> AuthorDate: Mon Jan 13 11:59:51 2025 +0100 more blog fixes --- blog/2025-01-13-Unauthorised-access-to-annotations/index.md | 4 +++- blog/authors.yml | 7 +++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/blog/2025-01-13-Unauthorised-access-to-annotations/index.md b/blog/2025-01-13-Unauthorised-access-to-annotations/index.md index 30c4c3e34..344fdc702 100644 --- a/blog/2025-01-13-Unauthorised-access-to-annotations/index.md +++ b/blog/2025-01-13-Unauthorised-access-to-annotations/index.md @@ -2,7 +2,7 @@ layout: post title: 'CVE-2025-22828: Unauthorised access to annotations' tags: [announcement] -authors: [NuxRo] +authors: [nux] slug: unauthorised-access-to-annotations --- @@ -18,6 +18,8 @@ Affected versions: CloudStack users can add and read comments (annotations) on resources they are authorised to access. +<!-- truncate --> + Due to an access validation issue that affects Apache CloudStack versions from 4.16.0, users who have access, prior access or knowledge of resource UUIDs can list and add comments (annotations) to such resources. An attacker with a user-account and access or prior knowledge of resource UUIDs may exploit this issue to read contents of the comments (annotations) or add malicious comments (annotations) to such resources. diff --git a/blog/authors.yml b/blog/authors.yml index d831cb26e..75b978862 100644 --- a/blog/authors.yml +++ b/blog/authors.yml @@ -51,3 +51,10 @@ joaojandre: title: Committer url: https://github.com/JoaoJandre image_url: https://github.com/JoaoJandre.png + +nux: + name: Nux "Luciano" Ro + title: PMC Member + url: https://github.com/NuxRo + image_url: https://github.com/NuxRo.png +
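Review bot: In blog/2025-01-13-Unauthorised-access-to-annotations/index.md, the added `<!-- truncate -->` marker sits directly above the paragraph beginning "Due to an access validation issue", so if the blog listing cuts the summary at the marker, the excerpt ends on the sentence about normal annotation behaviour and leaves out the statement of the flaw and its impact. Consider moving the marker below that paragraph so the listing summary for CVE-2025-22828 tells readers what is affected (versions from 4.16.0) and what an attacker with a user account can do, without requiring a click-through.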
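Review bot: In blog/authors.yml, the new key `nux` breaks the pattern of the neighbouring `joaojandre` entry, whose key is the lowercased GitHub handle from its `url`; the matching key here would be `nuxro`, with `authors: [nuxro]` in the post front matter. Two smaller points in the same hunk: `name: Nux "Luciano" Ro` is an unquoted scalar containing double quotes, which is easier to read and safer to edit when written as `name: 'Nux "Luciano" Ro'`, and the final added line is an empty line at the end of the file that can be dropped.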