On Fri, March 4, 2016 6:14 am, Axel Beckert wrote:
Hi J.C.
On Thu, Mar 03, 2016 at 12:13:51PM -0800, J.C. Cleaver wrote:
Three distinct problems:
1) criticaleditor should only be rejecting based on POSTs
2) criticalview is a regular CGI, not a secure one
3) ackinfo wasn't allowing ack submission directly from svcstatus POSTs
#3 is my fault -- I actually was not aware that the NK feature placed
the
form in that spot.
The attached patch seems to fix all three of these issues for me. I'd
appreciate it if y'all could test.
Fixes my issue: I can ack issues from the svcstatus view of critical
hosts again. Thanks!
Shall I expect a 4.3.27 rather soon or shall I fix this in Debian for
now with this patch? I tend to the latter.
For today, I'd suggest the patch.
I'd like to validate further and catch any other issues that might crop up
before 4.3.27 (early next week).
Regards,
-jc