On 11/22, Dominic Cleal wrote: > Reminder: 1.14-stable's due to be branched in a week or two, see the > schedule at > http://projects.theforeman.org/projects/foreman/wiki/Foreman_114_Schedule. > > Please ensure develop's kept stable for this process. Installer modules > will be released at around the same time.
I'd like to raise attention over https://github.com/theforeman/foreman/pull/3961 - it's a CVE with permissions that has been open for quite a while already. It fundamentally changes how permissions are handled when there is no org/loc associated to an user. The sooner we merge it, the sooner we'll discover bugs associated to that behavior that our tests did not cover. > > -- > Dominic Cleal > [email protected] > > -- > You received this message because you are subscribed to the Google Groups > "foreman-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- Daniel Lobato Garcia @dLobatog blog.daniellobato.me daniellobato.me GPG: http://keys.gnupg.net/pks/lookup?op=get&search=0x7A92D6DD38D6DE30 Keybase: https://keybase.io/elobato -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: PGP signature
