lp:~andreserl/+junk/cobbler

Created by Andres Rodriguez on 2011-12-09 and last modified on 2011-12-09
Get this branch:
bzr branch lp:~andreserl/+junk/cobbler
Only Andres Rodriguez can upload to this branch. If you are Andres Rodriguez please log in for upload directions.

Related bugs

Related blueprints

Branch information

Owner:
Andres Rodriguez
Status:
Development

Recent revisions

52. By Andres Rodriguez on 2011-12-09

Reverted changes back to rev50

51. By Andres Rodriguez on 2011-12-09

* SECURITY UPDATE: arbitrary code execution via PYTHON_EGG_CACHE in insecure
  location (LP: #858875)
  - debian/patches/58_fix_egg_cache.patch: move PYTHON_EGG_CACHE to
    /var/lib/cobbler/webui_cache (copied from fix to precise).
* SECURITY UPDATE: CSRF vulnerability in cobbler-web (LP: #858878)
  - debian/patches/59_add_csrf_protection.patch: use Django's built-in
    CSRF protection (taken from upstream).
* SECURITY UPDATE: arbitrary code execution via web interface (LP: #858883)
  - debian/patches/60_yaml_safe_load.patch: use yaml.safe_load instead of
    yaml.load (taken from upstream).
* SECURITY UPDATE: users.digest file is world readable (LP: #858860)
  - debian/cobbler.postinst: create /etc/cobbler/users.digest as 600
* SECURITY UPDATE: webui_sessions uses insecure permissions (LP: #863755)
  - debian/cobbler.postinst: fix permissions on webui_{sessions,cache} to
    0700

50. By Andres Rodriguez on 2011-12-02

* SRU (LP: #899283):
  - debian/patches/47_ubuntu_add_oneiric_codename.patch: Updated to add
    'precise' as a importable/supported release.

49. By Luke Yelavich on 2011-09-29

releasing version 2.1.0+git20110602-0ubuntu26

47. By Andres Rodriguez on 2011-09-08

debian/cobbler-common.install: Install missing pxeprofile_arm.template
and pxesystem_arm.template (LP: #844982).

46. By Andres Rodriguez on 2011-09-06

debian/cobbler-web.postinst: Correctly handle creation/validation of
links for the Ubuntu font for cobbler-web. (LP: #840188)

45. By Andres Rodriguez on 2011-09-01

debian/patches/57_ubuntu_dnsmasq_domain.patch: Add commented 'domain'
field on dnsmasq template to be later used by orchestra. (LP: #834172)

44. By Adam Gandelman on 2011-08-26

cobbler-web: Localize use of Ubuntu fonts, add ttf-ubuntu-font-family
as Depends. (LP #834868)

43. By Andres Rodriguez on 2011-08-23

debian/patches/52_ubuntu_default_config.patch: Update. Add 'orchestra'
to cheetah_import_whitelist

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.

Subscribers