lp:~hggdh2/ubuntu/oneiric/cobbler/bug943000

Branch merges

Propose for merging

No branches dependent on this one.

Merged into lp:ubuntu/oneiric/cobbler

James Page: Approve on 2012-03-16

Ubuntu branches: Pending requested 2012-03-01

Diff: 1126 lines (+951/-18)

11 files modified

.pc/48_ubuntu_mini_iso_autodetect.patch/cobbler/modules/manage_import_debian_ubuntu.py (+2/-2)
.pc/49_ubuntu_add_arm_arch_support.patch/cobbler/modules/manage_import_debian_ubuntu.py (+2/-2)
.pc/58_ubuntu_from_git_pxe_fails_on_image.patch/cobbler/pxegen.py (+876/-0)
.pc/applied-patches (+1/-0)
cobbler/codes.py (+1/-1)
cobbler/modules/manage_import_debian_ubuntu.py (+2/-2)
cobbler/pxegen.py (+3/-4)
debian/changelog (+18/-0)
debian/patches/47_ubuntu_add_oneiric_codename.patch (+7/-7)
debian/patches/58_ubuntu_from_git_pxe_fails_on_image.patch (+38/-0)
debian/patches/series (+1/-0)

api

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Bug #943000: update to system fails with Exception value: 'NoneType' object has no attribute 'os_version'

Critical

Fix Released

Link a bug report

Related blueprints

54. By C de-Avillez on 2012-03-01

ajusted debian/changelog. I insist in forgetting to set it right :-(

53. By C de-Avillez on 2012-03-01

debian/patches/58_ubuntu_from_git_pxe_fails_on_image.patch:
pxegen.py crashes if an image without distro is genned. Patch
rebased & augmented from upstream Git. Other codepaths may
lead to similar crashes, but I am only correcting the specific
error we got. (LP: #943000)

52. By Andres Rodriguez on 2011-12-09

Reverted changes back to rev50

51. By Andres Rodriguez on 2011-12-09

* SECURITY UPDATE: arbitrary code execution via PYTHON_EGG_CACHE in insecure
  location (LP: #858875)
  - debian/patches/58_fix_egg_cache.patch: move PYTHON_EGG_CACHE to
    /var/lib/cobbler/webui_cache (copied from fix to precise).
* SECURITY UPDATE: CSRF vulnerability in cobbler-web (LP: #858878)
  - debian/patches/59_add_csrf_protection.patch: use Django's built-in
    CSRF protection (taken from upstream).
* SECURITY UPDATE: arbitrary code execution via web interface (LP: #858883)
  - debian/patches/60_yaml_safe_load.patch: use yaml.safe_load instead of
    yaml.load (taken from upstream).
* SECURITY UPDATE: users.digest file is world readable (LP: #858860)
  - debian/cobbler.postinst: create /etc/cobbler/users.digest as 600
* SECURITY UPDATE: webui_sessions uses insecure permissions (LP: #863755)
  - debian/cobbler.postinst: fix permissions on webui_{sessions,cache} to
    0700

50. By Andres Rodriguez on 2011-12-02

* SRU (LP: #899283):
  - debian/patches/47_ubuntu_add_oneiric_codename.patch: Updated to add
    'precise' as a importable/supported release.

49. By Luke Yelavich on 2011-09-29

releasing version 2.1.0+git20110602-0ubuntu26

48. By Luke Yelavich on 2011-09-29

Merge branch lp:~gandelman-a/ubuntu/oneiric/cobbler/lp850892

47. By Andres Rodriguez on 2011-09-08

debian/cobbler-common.install: Install missing pxeprofile_arm.template
and pxesystem_arm.template (LP: #844982).

46. By Andres Rodriguez on 2011-09-06

debian/cobbler-web.postinst: Correctly handle creation/validation of
links for the Ubuntu font for cobbler-web. (LP: #840188)

45. By Andres Rodriguez on 2011-09-01

debian/patches/57_ubuntu_dnsmasq_domain.patch: Add commented 'domain'
field on dnsmasq template to be later used by orchestra. (LP: #834172)