Bug #22954: Template importing should only deserialize safe objects from YAML - Foreman

Bug #22954

Template importing should only deserialize safe objects from YAML

Added by Marek Hulán 9 months ago. Updated 5 months ago.

Status:

Closed

Priority:

Normal

Assignee:

Marek Hulán

Category:

Templates

Target version:

1.18.0

Difficulty:

Triaged:

Bugzilla link:

Pull request:

https://github.com/theforeman/foreman/pull/5340

Team Backlog:

Fixed in Releases:

Found in Releases:

Related issues

Associated revisions

Revision f2ab59d7 (diff)
Added by Marek Hulán 8 months ago

Fixes #22954 - only deserialize safe objects

History

#1 Updated by The Foreman Bot 9 months ago

Status changed from New to Ready For Testing
Pull request https://github.com/theforeman/foreman/pull/5340 added

#2 Updated by Tomer Brisker 9 months ago

Related to Refactor #19846: Fix Rubocop: Security/YAMLLoad added

#3 Updated by Michael Moll 8 months ago

Legacy Backlogs Release (now unused) set to 330

#4 Updated by Marek Hulán 8 months ago

% Done changed from 0 to 100
Status changed from Ready For Testing to Closed

Applied in changeset f2ab59d71abb022ee4d0da77eeaf24f8765010d3.

Also available in: Atom PDF

Project

General

Profile

Issues

Custom queries