Project

General

Profile

Bug #22954

Template importing should only deserialize safe objects from YAML

Added by Marek Hulán over 1 year ago. Updated about 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Templates
Target version:
Difficulty:
Triaged:
Bugzilla link:
Team Backlog:
Fixed in Releases:
Found in Releases:

Related issues

Related to Foreman - Refactor #19846: Fix Rubocop: Security/YAMLLoad New

Associated revisions

Revision f2ab59d7 (diff)
Added by Marek Hulán over 1 year ago

Fixes #22954 - only deserialize safe objects

History

#1 Updated by The Foreman Bot over 1 year ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/5340 added

#2 Updated by Tomer Brisker over 1 year ago

#3 Updated by Michael Moll over 1 year ago

  • Legacy Backlogs Release (now unused) set to 330

#4 Updated by Marek Hulán over 1 year ago

  • % Done changed from 0 to 100
  • Status changed from Ready For Testing to Closed

Also available in: Atom PDF