We are closing this bug report because it lacks the information we need
to investigate the problem, as described in the previous comments.
Please reopen it if you can give us the missing information, and don't
hesitate to submit bug reports in the future. To reopen the bug report
you can click on
We are closing this bug report because it lacks the information we need
to investigate the problem, as described in the previous comments.
Please reopen it if you can give us the missing information, and don't
hesitate to submit bug reports in the future. To reopen the bug report
you can click on
I have prepared lp:~racb/ubuntu/oneiric/cobbler/858878_security which
addresses all of Tyler's points (thanks for the review!). Details of
testing to follow.
** Branch linked: lp:~racb/ubuntu/oneiric/cobbler/858878_security
--
You received this bug notification because you are a member of
Hi Robie - Thanks for the oneiric-security branch! I've reviewed the
diff and it looks mostly good. There are a few very minor touch-ups that
will be needed to the changelog:
1) Make the patch attribution style in the changelog match the examples
here:
** Branch linked: lp:ubuntu/oneiric-proposed/cobbler
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/858878
Title:
lack of csrf protection in cobbler-web
To manage notifications about this bug go
I've prepared an upload for oneiric-security
(lp:~racb/ubuntu/oneiric/cobbler/security_201112) but this still needs
review and testing.
** Branch linked: lp:~racb/ubuntu/oneiric/cobbler/security_201112
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
This bug was fixed in the package cobbler - 2.2.2-0ubuntu1, but
evidently got omitted from the changelog entry. I have just verified
that CSRF protection in Precise (2.2.2-0ubuntu6) is working correctly.
Still pending: SRU for Oneiric.
** Changed in: cobbler (Ubuntu Precise)
Status:
Moving milestone to alpha-2, and starting tracking on this since it
missed alpha-1 milestone target.
** Changed in: cobbler (Ubuntu Precise)
Milestone: precise-alpha-1 = precise-alpha-2
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
** Branch linked: lp:~racb/ubuntu/oneiric/cobbler/858878_858883
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cobbler in Ubuntu.
https://bugs.launchpad.net/bugs/858878
Title:
lack of csrf protection in cobbler-web
To manage
** Branch linked: lp:~racb/ubuntu/oneiric/cobbler/858878_858883
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/858878
Title:
lack of csrf protection in cobbler-web
To manage notifications about
** Changed in: cobbler (Ubuntu Oneiric)
Assignee: (unassigned) = Robie Basak (racb)
** Changed in: cobbler (Ubuntu Precise)
Assignee: (unassigned) = Robie Basak (racb)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cobbler
** Changed in: cobbler (Ubuntu Oneiric)
Assignee: (unassigned) = Robie Basak (racb)
** Changed in: cobbler (Ubuntu Precise)
Assignee: (unassigned) = Robie Basak (racb)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: cobbler (Ubuntu Precise)
Status: New = Triaged
** Changed in: cobbler (Ubuntu Oneiric)
Status: New = Triaged
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cobbler in Ubuntu.
** Changed in: cobbler (Ubuntu Precise)
Status: New = Triaged
** Changed in: cobbler (Ubuntu Oneiric)
Status: New = Triaged
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/858878
Title:
** Changed in: cobbler (Ubuntu)
Milestone: None = precise-alpha-1
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cobbler in Ubuntu.
https://bugs.launchpad.net/bugs/858878
Title:
lack of csrf protection in cobbler-web
To manage
While this is targeted for Precise, it also is going to need to be
backported to Oneiric as this is a security vulnerability.
** Also affects: cobbler (Ubuntu Oneiric)
Importance: High
Status: New
** Also affects: cobbler (Ubuntu Precise)
Importance: Undecided
Status: New
**
** Changed in: cobbler (Ubuntu)
Milestone: None = precise-alpha-1
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/858878
Title:
lack of csrf protection in cobbler-web
To manage notifications
While this is targeted for Precise, it also is going to need to be
backported to Oneiric as this is a security vulnerability.
** Also affects: cobbler (Ubuntu Oneiric)
Importance: High
Status: New
** Also affects: cobbler (Ubuntu Precise)
Importance: Undecided
Status: New
**
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cobbler in Ubuntu.
https://bugs.launchpad.net/bugs/858878
Title:
lack of csrf protection in cobbler-web
To manage notifications about this bug go to:
** Changed in: cobbler (Ubuntu)
Importance: Undecided = High
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cobbler in Ubuntu.
https://bugs.launchpad.net/bugs/858878
Title:
lack of csrf protection in cobbler-web
To manage
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/858878
Title:
lack of csrf protection in cobbler-web
To manage notifications about this bug go to:
** Changed in: cobbler (Ubuntu)
Importance: Undecided = High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/858878
Title:
lack of csrf protection in cobbler-web
To manage notifications about
22 matches
Mail list logo