Fix PDO prepare for CVE-2023-39524 #33758
clotairer commented Aug 29, 2023
| Questions | Answers |
|---|---|
| Branch? | develop |
| Description? | Instead of using the legacy method pSQL() use a proper "prepare" via PDO. |
| Type? | refacto |
| Category? | BO |
| BC breaks? | no |
| Deprecations? | no |
| How to test? | As a backoffice user, go to "edit a product" V2 page, verify the search field for "associated product" works correctly |
| Fixed issue or discussion? | Fixes #33759 |
| Related PRs | NC |
| Sponsor company | @202-ecommerce |
👍
to be tested by a developer (I'll do it)
Hello @clotairer and @matthieu-rolland, what is the branch choice for this PR? Currently it targets develop but the PR table says develop / 8.1.x
For me, it's just a refactoring. No emergency.
Good for me then 👍 I updated the PR body
I believe this should go inside the 8.1.x branch.
Edit: I see comment above now, nothing to change. Thanks @clotairer
UI tests https://github.com/nicosomb/ga.tests.ui.pr/actions/runs/6108071781 if all is ✅, we can merge.
Thank you @clotairer!