Bug 1140859
Summary: | Cross-site scripting security vulnerability related to viewing tomcat logs | |||
---|---|---|---|---|
Product: | [Community] Spacewalk | Reporter: | Stephen Herr <sherr> | |
Component: | Server | Assignee: | Stephen Herr <sherr> | |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Red Hat Satellite QA List <satqe-list> | |
Severity: | unspecified | Docs Contact: | ||
Priority: | unspecified | |||
Version: | 2.2 | |||
Target Milestone: | --- | |||
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | spacewalk-java-2.2.124-1 | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1140863 1141327 (view as bug list) | Environment: | ||
Last Closed: | 2014-09-12 16:08:22 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1140863, 1141327, 1207293 |
Description
Stephen Herr
2014-09-11 21:16:07 UTC
Committing to Spacewalk master: 64e887448ef01e956256a03cc71b71e0f086a1c5 Cherry-picking to Spacewalk master: 9707946c4ac17a1c1124e682f157fc2f69959f82 The second commit has in comment 1 should read "Cherry-picking to Spacewalk 2.2". Updated spacewalk-java packages that fix this vulnerability are now available in Spacewalk 2.2. |