Project

General

Custom queries

Profile

Actions
Copy link

Bug #32969

closed

Skip trusted host check for OVAL endpoints

Added by Ondřej Pražák about 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Ondřej Pražák
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
1980709
Pull request:
https://github.com/theforeman/smart_proxy_openscap/pull/85
Fixed in Releases:
smart_proxy_openscap 0.9.1
Found in Releases:
Red Hat JIRA:

Description

As clients are not in trusted hosts, endpoints for OVAL that are accessed by clients should not be authorized by trusted hosts.

Related issues 1 (0 open1 closed)

Related to OpenSCAP - Bug #32257: CVE-2021-20290: Any client can perform Foreman actionsClosedLukas ZapletalActions
Actions
Copy link
 #1

Updated by Ondřej Pražák about 4 years ago

  • Related to Bug #32257: CVE-2021-20290: Any client can perform Foreman actions added
Actions
Copy link
 #2

Updated by The Foreman Bot about 4 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/smart_proxy_openscap/pull/85 added
Actions
Copy link
 #3

Updated by The Foreman Bot almost 4 years ago

  • Fixed in Releases smart_proxy_openscap 0.9.2 added
Actions
Copy link
 #4

Updated by Ondřej Pražák almost 4 years ago

  • Status changed from Ready For Testing to Closed
Actions
Copy link
 #5

Updated by Ondřej Pražák almost 4 years ago

  • Bugzilla link set to 1980709
Actions
Copy link
 #6

Updated by Ondřej Pražák almost 4 years ago

  • Fixed in Releases smart_proxy_openscap 0.9.1 added
  • Fixed in Releases deleted (smart_proxy_openscap 0.9.2)
Actions
Copy link

Also available in: Atom PDF