Bug 47206

Summary: getMailFromMailOrUid must not execute code on import
Product: UCS Reporter: Philipp Hahn <hahn>
Component: univention-libAssignee: Philipp Hahn <hahn>
Status: CLOSED FIXED QA Contact: Felix Botner <botner>
Severity: normal    
Priority: P5 CC: best
Version: UCS 4.3Flags: hahn: Patch_Available+
Target Milestone: UCS 4.3-1-errata   
Hardware: Other   
OS: Linux   
What kind of report is it?: Development Internal What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:

Description Philipp Hahn univentionstaff 2018-06-19 14:08:44 CEST 
Named file is in univention.lib and gets executed on module load.
It is still used by the old Horde-App.
An should be removed completely in the future.
Comment 1 Philipp Hahn univentionstaff 2018-06-20 05:48:02 CEST 
[4.3-1] 31292e0c65 Bug #47206 lib: Protect getMailFromMailOrUid module import
 base/univention-lib/debian/changelog               |  6 ++++
 base/univention-lib/python/getMailFromMailOrUid.py | 37 ++++++++++++----------
 doc/errata/staging/univention-lib.yaml             | 10 ++++++
 3 files changed, 37 insertions(+), 16 deletions(-)

Package: univention-lib
Version: 7.0.0-12A~4.3.0.201806192207
Branch: ucs_4.3-0
Scope: errata4.3-1

[4.3-1] 6d22346d79 Bug #47206 lib: Protect getMailFromMailOrUid module import YAML
 doc/errata/staging/univention-lib.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 2 Felix Botner univentionstaff 2018-06-20 11:03:11 CEST 
OK - univention-lib (getMailFromMailOrUid.py)
OK - yaml
Comment 3 Arvid Requate univentionstaff 2018-06-20 13:37:39 CEST 
<http://errata.software-univention.de/ucs/4.3/113.html>