Univention Bugzilla – Full Text Bug Listing |
Summary: | Remove deprecated child-src from Content-Security-Policy | ||
---|---|---|---|
Product: | UCS | Reporter: | Florian Best <best> |
Component: | UMC (Generic) | Assignee: | Jannik Ahlers <ahlers> |
Status: | CLOSED FIXED | QA Contact: | Johannes Keiser <keiser> |
Severity: | normal | ||
Priority: | P5 | CC: | requate |
Version: | UCS 4.2 | ||
Target Milestone: | UCS 4.3-0-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
See Also: | https://forge.univention.org/bugzilla/show_bug.cgi?id=45423 | ||
What kind of report is it?: | Development Internal | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | Browser compatibility | |
Max CVSS v3 score: |
Description
Florian Best
2017-10-26 10:32:48 CEST
I fixed the bug but there's no release scope yet univention-management-console (10.0.4-5) 5315ee093bfd | Bug #45599: Remove deprecated child-src from Content-Security-Policy The child-src directive only had to be removed from the conffiles and the ucr variable creation files of the univention-managemnt-console package. OK child-src is removed from the CSP The umc/http/content-security-policy/child-src ucr variable is still set if an upgrade is made. Can u add a dpkg version compare in postinst and unset the ucr variable univention-management-console (10.0.4-8) ab1ac6e731f2 | Bug #45599: remove ucr variable Successful build Package: univention-management-console Version: 10.0.4-8A~4.3.0.201804041148 Branch: ucs_4.3-0 Scope: errata4.3-0 the ucr variable now gets removed. univention-management-console (10.0.4-9) b6f869348b6d | Bug #45599: fix typo Successful build Package: univention-management-console Version: 10.0.4-9A~4.3.0.201804171016 Branch: ucs_4.3-0 Scope: errata4.3-0 OK child-src is removed from the CSP OK ucr variable for child-src is removed -> verified |