Project

General

Profile

Actions
Copy link

Bug #19704

closed

Upcoming security fix in Foreman breaks KeepCurrentUser middleware

Added by Marek Hulán over 7 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Marek Hulán
Category:
Foreman plugin
Target version:
foreman-tasks-0.9.2
Difficulty:
Triaged:
Bugzilla link:
Pull request:
https://github.com/theforeman/foreman-tasks/pull/252
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Katello tests failures revealed KeepCurrentUser middleware can fail when stored user is admin. It seems that org/loc scope is not restored and the admin won't be found when the change from #19612 will be present (planned for Foreman 1.15.1).

Related issues 3 (0 open3 closed)

Related to Foreman - Bug #19612: CVE-2017-7505: User scoped in organization with permissions for user management can manage administrators that are not assigned to any organizationClosedMarek Hulán05/22/2017Actions
Related to Katello - Bug #19664: Upcoming security fix in Foreman breaks Katello testsClosedMarek Hulán05/25/2017Actions
Related to Katello - Bug #20040: Can't create new productResolvedJustin Sherrill06/18/2017Actions
Actions
Copy link

Also available in: Atom PDF