File _patchinfo of Package patchinfo.32072
<patchinfo incident="32072"> <issue tracker="bnc" id="1208533">Hawk2 backend error: /usr/lib64/ruby/2.5.0/rubygems/specification.rb:2327:in `raise_if_conflicts': Unable to activate sass-rails-5.1.0, because railties-5.1.4 conflicts with railties (>= 5.2.0) (Gem::ConflictError)</issue> <issue tracker="bnc" id="1216571">VUL-1: HAWK: Improve CSRF protection</issue> <issue tracker="bnc" id="1216508">VUL-1: HAWK: insecure cookie configuration</issue> <issue tracker="bnc" id="1215438">Error : "Upload must have correct MIME type (was application/octet-stream)" while uploading output of crm report to HAWK2 via Windos OS</issue> <issue tracker="bnc" id="1213454">L3-Question: How can I disable CORS configuration or set a static origin which allows including credentials (cookies) in cross origin requests for pacemaker HAWK Web service?</issue> <issue tracker="bnc" id="1215976">Hawk fails to build in Factory</issue> <issue tracker="bnc" id="1206217">[Build 58.1] openQA test fails in hawk_gui</issue> <issue tracker="bnc" id="1207930">L3-Question: hawk2's generate-ssl-cert should not replace existing key</issue> <packager>aburlakov</packager> <rating>moderate</rating> <category>recommended</category> <summary>Recommended update for hawk2</summary> <description>This update for hawk2 fixes the following issues: - Enable HttpOnly secure flag by default (bsc#1216508) - Enforse CSRF in errors_controller.rb (bsc#1216571) - Fix mime type issue in MS windows (bsc#1215438) - Parametrize CORS Access-Control-Allow-Origin header (bsc#1213454) - Tests: upgrate tests for ruby3.2 (tumbleweed) (bsc#1215976) - Upgrade for ruby3.2 (tumbleweed) (bsc#1215976) - Forbid special symbols in the category (bsc#1206217) - Fix the sass-rails version on ~5.0 (bsc#1208533) - Don't delete the private key if the public key is missing (bsc#1207930) </description> </patchinfo>
