Project

General

Profile

Bug #22954

Template importing should only deserialize safe objects from YAML

Added by Marek Hulán 9 months ago. Updated 5 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Templates
Target version:
Difficulty:
Triaged:
Bugzilla link:
Team Backlog:
Fixed in Releases:
Found in Releases:

Related issues

Related to Foreman - Refactor #19846: Fix Rubocop: Security/YAMLLoad New

Associated revisions

Revision f2ab59d7 (diff)
Added by Marek Hulán 8 months ago

Fixes #22954 - only deserialize safe objects

History

#1 Updated by The Foreman Bot 9 months ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/5340 added

#2 Updated by Tomer Brisker 9 months ago

#3 Updated by Michael Moll 8 months ago

  • Legacy Backlogs Release (now unused) set to 330

#4 Updated by Marek Hulán 8 months ago

  • % Done changed from 0 to 100
  • Status changed from Ready For Testing to Closed

Also available in: Atom PDF