Bug 1729149
Summary: | CVE-2019-10198 tfm-rubygem-foreman-tasks: Authorization bypasses when accessing task details [rhn_satellite_6-default] | ||
---|---|---|---|
Product: | Red Hat Satellite | Reporter: | Adam Ruzicka <aruzicka> |
Component: | Tasks Plugin | Assignee: | Adam Ruzicka <aruzicka> |
Status: | CLOSED ERRATA | QA Contact: | Peter Dragun <pdragun> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6.4 | CC: | aruzicka, cbuissar, dmoppert, egolov, inecas, mzalewsk, pdwyer, tbrisker |
Target Milestone: | 6.6.0 | Keywords: | SecurityTracking, Triaged |
Target Release: | Unused | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | tfm-rubygem-foreman-tasks-0.15.5.3-1 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-10-22 12:47:50 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1729130 |
Description
Adam Ruzicka
2019-07-11 13:15:57 UTC
Created from redmine issue https://projects.theforeman.org/issues/27275 Upstream bug assigned to aruzicka *** Bug 1729143 has been marked as a duplicate of this bug. *** Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/27275 has been resolved. *** Bug 1729351 has been marked as a duplicate of this bug. *** Verified with steps from problem description. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2019:3172 |