Skip to content

webui: Fix URL rewrite vulnerability in zend-http component#1213

Merged
pstorz merged 6 commits intomasterfrom
dev/fbergkemper/master/zf-patch
Sep 12, 2022
Merged

webui: Fix URL rewrite vulnerability in zend-http component#1213
pstorz merged 6 commits intomasterfrom
dev/fbergkemper/master/zf-patch

Conversation

@frb121
Copy link
Contributor

@frb121 frb121 commented Aug 1, 2022
edited by pstorz
Loading

Updates affected zendframework component zend-http
and required component dependencies.

See composer.json for version details.

GHSA: GHSA-f6p5-76fp-m248

Thank you for contributing to the Bareos Project!

Please check

  • Short description and the purpose of this PR is present above this paragraph
  • Your name is present in the AUTHORS file (optional)

If you have any questions or problems, please give a comment in the PR.

Helpful documentation and best practices

Checklist for the reviewer of the PR (will be processed by the Bareos team)

General
  • PR name is meaningful
  • Purpose of the PR is understood
  • Separate commit for this PR in the CHANGELOG.md, PR number referenced is same
  • Commit descriptions are understandable and well formatted
Source code quality
  • Source code changes are understandable
  • Variable and function names are meaningful
  • Code comments are correct (logically and spelling)
  • Required documentation changes are present and part of the PR
  • bareos-check-sources --since-merge does not report any problems
  • git status should not report modifications in the source tree after building and testing

@frb121 frb121 force-pushed the dev/fbergkemper/master/zf-patch branch from ebd2329 to d5baad9 Compare August 1, 2022 10:31
@frb121 frb121 self-assigned this Aug 1, 2022
@pstorz pstorz added the onhold label Aug 11, 2022
@frb121 frb121 removed the onhold label Sep 1, 2022
@frb121 frb121 force-pushed the dev/fbergkemper/master/zf-patch branch 8 times, most recently from b33e9d3 to 59a9116 Compare September 6, 2022 15:13
@frb121 frb121 requested a review from pstorz September 7, 2022 12:46
pstorz
pstorz requested changes Sep 7, 2022
View reviewed changes
Copy link
Member

@pstorz pstorz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good work, but we need to document that bareos-webui is not available for CentOS7/RHEL7 anymore.

@frb121
Copy link
Contributor Author

frb121 commented Sep 8, 2022

I've put another commit 8d8125d on top which updates the system requirements of the webui install section in our documentation.

@frb121 frb121 requested a review from pstorz September 8, 2022 10:13
pstorz
pstorz requested changes Sep 12, 2022
View reviewed changes
Copy link
Member

@pstorz pstorz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please squash the "fixup" commits"

@frb121 frb121 force-pushed the dev/fbergkemper/master/zf-patch branch from 8d8125d to 6e5ab70 Compare September 12, 2022 09:57
@pstorz pstorz merged commit c04b5d9 into master Sep 12, 2022
@pstorz pstorz deleted the dev/fbergkemper/master/zf-patch branch September 12, 2022 13:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pstorz pstorz pstorz approved these changes

Assignees

@frb121 frb121

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@frb121 @pstorz