Horizon: security implication: not using triggers for .js updates
Bug #1462248 reported by
Thomas Goirand
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mirantis OpenStack |
Fix Committed
|
High
|
MOS Packaging Team | ||
6.1.x |
Fix Committed
|
High
|
Vasyl Saienko | ||
7.0.x |
Fix Released
|
High
|
MOS Packaging Team |
Bug Description
The package should be using trigger to re-do the offline compress after a javascript library is updated. Otherwise, after a security update of a libjs-* package, Horizon will continue to use an old version of said libjs files.
Have a look into the Debian package to see how it is done if you want an example.
Changed in mos: | |
milestone: | none → 7.0 |
assignee: | nobody → MOS Deployment Team (mos-deployment) |
Changed in mos: | |
importance: | Undecided → Medium |
Changed in mos: | |
assignee: | MOS Deployment Team (mos-deployment) → Vasyl Saienko (vsaienko) |
To post a comment you must log in.
Fix proposed to branch: openstack- ci/fuel- 7.0/2015. 1.0 /review. fuel-infra. org/7589
Change author: Vasyl Saienko <email address hidden>
Review: https:/