lp:ubuntu/precise-updates/swift
- Get this branch:
- bzr branch lp:ubuntu/precise-updates/swift
Branch merges
Branch information
Recent revisions
- 41. By Jamie Strandboge
-
[ Marc Deslauriers ]
* SECURITY UPDATE: metadata constraint bypass via multiple requests
- debian/patches/ CVE-2014- 7960.patch: add metadata checks to
swift/account/ server. py, swift/common/ constraints. py,
swift/common/ db.py, swift/container /server. py, added tests to
test/unit/common/ test_db. py,
test/functionalnoset ests/test_ account. py,
test/functionalnoset ests/test_ container. py.
- CVE-2014-7960[ Jamie Strandboge ]
* debian/patches/ CVE-2014- 7960.patch:
- adjust unittests since we use webob.exc and not the newer swob
- adjust functional tests to properly skip if test environment is not
specified and to not interfere with other functional tests
* debian/control: Build-Depends on python-mock - 40. By Marc Deslauriers
-
* SECURITY UPDATE: timing side-channel attack in TempURL
- debian/patches/ CVE-2014- 0006.patch: use constant time comparison in
swift/common/ middleware/ tempurl. py.
- CVE-2014-0006 - 39. By Jamie Strandboge
-
* SECURITY UPDATE: Fix handling of DELETE obj reqs with old timestamp
- debian/patches/ CVE-2013- 4155.patch: don't create tombstone files when
a file with a newer timestamp exists
- CVE-2013-4155
- LP: #1196932 - 38. By Jamie Strandboge
-
* SECURITY UPDATE: fix unchecked input in XML responses
- debian/patches/ CVE-2013- 2161.patch: use saxutils. quoteattr( ) on account
name
- CVE-2013-2161
- LP: #1183884
* SECURITY UPDATE: optionally allow using secure json serialization instead
of pickle.
- debian/patches/ CVE-2012- 4406.patch: add memcache_ serialization_ support
option and update man pages
- debian/patches/ memcache_ serialization_ support- default- to-zero. patch:
default to insecure pickle configuration for people upgrading.
Interested users can adjust this as desired
- CVE-2012-4406
- LP: #1006414 - 36. By Chuck Short
-
* New upstream release.
* debian/patches/ fix-ubuntu- unittests. patch: Refreshed.
* debian/patches/ fix-doc- no-network. patch: Dont access network when
trying to build docs. - 35. By Chuck Short
-
* debian/rules: Make the build fail if the testsuite doesnt pass.
* debian/patches/ fix-ubuntu- unittests. patch: Various fixes to build
swift in the buildds. - 34. By James Page
-
* Fixup upstart configurations (LP: #954477):
- d/rules: Correctly generate ALL upstart configurations when
building for Ubuntu.
- d/*.upstart.in: Update upstart config's to use new conf file locations. - 33. By Chuck Short
-
[ Chuck Short ]
* New upstream release.[ Thierry Carrez (ttx) ]
* Remove swift-stats-populate, swift-stats-report and stats.conf-sample to
match Swift 1.4.7 contents
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/saucy/swift