lp:~andreserl/+junk/cobbler
- Get this branch:
- bzr branch lp:~andreserl/+junk/cobbler
Branch information
- Owner:
- Andres Rodriguez
- Status:
- Development
Recent revisions
- 51. By Andres Rodriguez
-
* SECURITY UPDATE: arbitrary code execution via PYTHON_EGG_CACHE in insecure
location (LP: #858875)
- debian/patches/ 58_fix_ egg_cache. patch: move PYTHON_EGG_CACHE to
/var/lib/cobbler/ webui_cache (copied from fix to precise).
* SECURITY UPDATE: CSRF vulnerability in cobbler-web (LP: #858878)
- debian/patches/ 59_add_ csrf_protection .patch: use Django's built-in
CSRF protection (taken from upstream).
* SECURITY UPDATE: arbitrary code execution via web interface (LP: #858883)
- debian/patches/ 60_yaml_ safe_load. patch: use yaml.safe_load instead of
yaml.load (taken from upstream).
* SECURITY UPDATE: users.digest file is world readable (LP: #858860)
- debian/cobbler. postinst: create /etc/cobbler/ users.digest as 600
* SECURITY UPDATE: webui_sessions uses insecure permissions (LP: #863755)
- debian/cobbler. postinst: fix permissions on webui_{ sessions, cache} to
0700 - 50. By Andres Rodriguez
-
* SRU (LP: #899283):
- debian/patches/ 47_ubuntu_ add_oneiric_ codename. patch: Updated to add
'precise' as a importable/supported release. - 47. By Andres Rodriguez
-
debian/
cobbler- common. install: Install missing pxeprofile_ arm.template
and pxesystem_arm.template (LP: #844982). - 46. By Andres Rodriguez
-
debian/
cobbler- web.postinst: Correctly handle creation/validation of
links for the Ubuntu font for cobbler-web. (LP: #840188) - 45. By Andres Rodriguez
-
debian/
patches/ 57_ubuntu_ dnsmasq_ domain. patch: Add commented 'domain'
field on dnsmasq template to be later used by orchestra. (LP: #834172) - 44. By Adam Gandelman
-
cobbler-web: Localize use of Ubuntu fonts, add ttf-ubuntu-
font-family
as Depends. (LP #834868) - 43. By Andres Rodriguez
-
debian/
patches/ 52_ubuntu_ default_ config. patch: Update. Add 'orchestra'
to cheetah_import_ whitelist
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)