Bug #22954: Template importing should only deserialize safe objects from YAML - Foreman

Bug #22954

Template importing should only deserialize safe objects from YAML

Added by Marek Hulán over 4 years ago. Updated about 4 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Category:

Templates

Target version:

Difficulty:

Triaged:

Bugzilla link:

Pull request:

https://github.com/theforeman/foreman/pull/5340

Fixed in Releases:

Found in Releases:

Related issues

Associated revisions

Revision f2ab59d7 (diff)
Added by Marek Hulán over 4 years ago

Fixes #22954 - only deserialize safe objects

History

#1 Updated by The Foreman Bot over 4 years ago

Status changed from New to Ready For Testing
Pull request https://github.com/theforeman/foreman/pull/5340 added

#2 Updated by Tomer Brisker over 4 years ago

Related to Refactor #19846: Fix Rubocop: Security/YAMLLoad added

#3 Updated by Anonymous over 4 years ago

Legacy Backlogs Release (now unused) set to 330

#4 Updated by Marek Hulán over 4 years ago

% Done changed from 0 to 100
Status changed from Ready For Testing to Closed

Applied in changeset f2ab59d71abb022ee4d0da77eeaf24f8765010d3.

Also available in: Atom PDF