You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If you pulled the openknowledge/ckan-base or openknowledge/ckan-dev images on or after 2023-01-30 you will notice that two things happen:
Existing login sessions will be closed, forcing users to re-login
Existing API Tokens will no longer work
This is because due to CVE-2023-22746, changes were made to the images to ensure a unique session secret key was used when creating a container, to avoid sharing the same key across instances. As a new key will be used, old API Tokens will no longer work and will need to be re-generated.
To avoid this in the future make sure to persist the various secret keys in your .env file with the rest of your secrets:
If you pulled the
openknowledge/ckan-baseoropenknowledge/ckan-devimages on or after 2023-01-30 you will notice that two things happen:This is because due to CVE-2023-22746, changes were made to the images to ensure a unique session secret key was used when creating a container, to avoid sharing the same key across instances. As a new key will be used, old API Tokens will no longer work and will need to be re-generated.
To avoid this in the future make sure to persist the various secret keys in your
.envfile with the rest of your secrets:docker-ckan/.env.example
Lines 9 to 12 in 4746d8c
If you had your secrets defined in the
.envfile as above you won't be affected by this change (i.e. your API Tokens will keep working as expected)The text was updated successfully, but these errors were encountered: