-
Notifications
You must be signed in to change notification settings - Fork 185
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #9492 from uyuni-project/Uyuni-2024.10
Uyuni 2024.10 patch - CVE-2024-49502 bsc#1231852, CVE-2024-49503 bsc#1231922, bsc#1231900
- Loading branch information
Showing
10 changed files
with
92 additions
and
25 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,9 @@ | ||
------------------------------------------------------------------- | ||
Mon Nov 18 18:32:19 CET 2024 - [email protected] | ||
|
||
- version 5.1.2-0 | ||
* Limit frontend-log message size (bsc#1231900) | ||
|
||
------------------------------------------------------------------- | ||
Mon Oct 14 15:47:47 CEST 2024 - [email protected] | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
5.1.1-0 java/ | ||
5.1.2-0 java/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
5.1.1-0 web/ | ||
5.1.2-0 web/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
13 changes: 9 additions & 4 deletions
13
web/html/javascript/susemanager-setup-wizard-proxy-settings.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,12 @@ | ||
------------------------------------------------------------------- | ||
Mon Nov 18 18:33:44 CET 2024 - [email protected] | ||
|
||
- version 5.1.2-0 | ||
* CVE-2024-49502: Validate proxy hostname format and escape proxy | ||
username to mitigate XSS vulnerabilities (bsc#1231852) | ||
* CVE-2024-49503: Escape organization credentials username to | ||
mitigate XSS vulnerability (bsc#1231922) | ||
|
||
------------------------------------------------------------------- | ||
Mon Oct 14 15:57:04 CEST 2024 - [email protected] | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters