← Back to branch summary

~ubuntu-branches/ubuntu/precise/swift/precise-security

~ubuntu-branches/ubuntu/precise/swift/precise-security

Viewing all changes in revision 38.

Committer: Package Import Robot
Author(s): Jamie Strandboge
Date: 2013-06-17 14:56:56 UTC
Revision ID: package-import@ubuntu.com-20130617145656-vodjz6dpgduikobg

Tags: 1.4.8-0ubuntu2.2

https://launchpad.net/bugs/1183884

https://launchpad.net/bugs/1006414

* SECURITY UPDATE: fix unchecked input in XML responses
  - debian/patches/CVE-2013-2161.patch: use saxutils.quoteattr() on account
    name
  - CVE-2013-2161
  - LP: #1183884
* SECURITY UPDATE: optionally allow using secure json serialization instead
  of pickle.
  - debian/patches/CVE-2012-4406.patch: add memcache_serialization_support
    option and update man pages
  - debian/patches/memcache_serialization_support-default-to-zero.patch:
    default to insecure pickle configuration for people upgrading.
    Interested users can adjust this as desired
  - CVE-2012-4406
  - LP: #1006414

files added:
.pc/.quilt_patches

.pc/.quilt_series

.pc/CVE-2012-4406.patch

.pc/CVE-2012-4406.patch/AUTHORS

.pc/CVE-2012-4406.patch/doc

.pc/CVE-2012-4406.patch/doc/manpages

.pc/CVE-2012-4406.patch/doc/manpages/proxy-server.conf.5

.pc/CVE-2012-4406.patch/etc

.pc/CVE-2012-4406.patch/etc/memcache.conf-sample

.pc/CVE-2012-4406.patch/etc/proxy-server.conf-sample

.pc/CVE-2012-4406.patch/swift

.pc/CVE-2012-4406.patch/swift/common

.pc/CVE-2012-4406.patch/swift/common/memcached.py

.pc/CVE-2012-4406.patch/swift/common/middleware

.pc/CVE-2012-4406.patch/swift/common/middleware/memcache.py

.pc/CVE-2012-4406.patch/test

.pc/CVE-2012-4406.patch/test/unit

.pc/CVE-2012-4406.patch/test/unit/common

.pc/CVE-2012-4406.patch/test/unit/common/middleware

.pc/CVE-2012-4406.patch/test/unit/common/middleware/test_memcache.py

.pc/CVE-2012-4406.patch/test/unit/common/test_memcached.py

.pc/CVE-2013-2161.patch

.pc/CVE-2013-2161.patch/swift

.pc/CVE-2013-2161.patch/swift/account

.pc/CVE-2013-2161.patch/swift/account/server.py

.pc/CVE-2013-2161.patch/test

.pc/CVE-2013-2161.patch/test/unit

.pc/CVE-2013-2161.patch/test/unit/account

.pc/CVE-2013-2161.patch/test/unit/account/test_server.py

.pc/memcache_serialization_support-default-to-zero.patch

.pc/memcache_serialization_support-default-to-zero.patch/doc

.pc/memcache_serialization_support-default-to-zero.patch/doc/manpages

.pc/memcache_serialization_support-default-to-zero.patch/doc/manpages/proxy-server.conf.5

.pc/memcache_serialization_support-default-to-zero.patch/etc

.pc/memcache_serialization_support-default-to-zero.patch/etc/memcache.conf-sample

.pc/memcache_serialization_support-default-to-zero.patch/etc/proxy-server.conf-sample

.pc/memcache_serialization_support-default-to-zero.patch/swift

.pc/memcache_serialization_support-default-to-zero.patch/swift/common

.pc/memcache_serialization_support-default-to-zero.patch/swift/common/middleware

.pc/memcache_serialization_support-default-to-zero.patch/swift/common/middleware/memcache.py

.pc/memcache_serialization_support-default-to-zero.patch/test

.pc/memcache_serialization_support-default-to-zero.patch/test/unit

.pc/memcache_serialization_support-default-to-zero.patch/test/unit/common

.pc/memcache_serialization_support-default-to-zero.patch/test/unit/common/middleware

.pc/memcache_serialization_support-default-to-zero.patch/test/unit/common/middleware/test_memcache.py

debian/patches/CVE-2012-4406.patch

debian/patches/CVE-2013-2161.patch

debian/patches/memcache_serialization_support-default-to-zero.patch

files modified:
.pc/applied-patches

AUTHORS

debian/changelog

debian/patches/series

doc/manpages/proxy-server.conf.5

etc/memcache.conf-sample

etc/proxy-server.conf-sample

swift/account/server.py

swift/common/memcached.py

swift/common/middleware/memcache.py

test/unit/account/test_server.py

test/unit/common/middleware/test_memcache.py

test/unit/common/test_memcached.py

Show diffs side-by-side

added added

removed removed

.pc/.quilt_patches

.pc/.quilt_series

.pc/CVE-2012-4406.patch/

.pc/CVE-2012-4406.patch/AUTHORS

.pc/CVE-2012-4406.patch/doc/

.pc/CVE-2012-4406.patch/doc/manpages/

.pc/CVE-2012-4406.patch/doc/manpages/proxy-server.conf.5

.pc/CVE-2012-4406.patch/etc/

.pc/CVE-2012-4406.patch/etc/memcache.conf-sample

.pc/CVE-2012-4406.patch/etc/proxy-server.conf-sample

.pc/CVE-2012-4406.patch/swift/

.pc/CVE-2012-4406.patch/swift/common/

.pc/CVE-2012-4406.patch/swift/common/memcached.py

.pc/CVE-2012-4406.patch/swift/common/middleware/

.pc/CVE-2012-4406.patch/swift/common/middleware/memcache.py

.pc/CVE-2012-4406.patch/test/

.pc/CVE-2012-4406.patch/test/unit/

.pc/CVE-2012-4406.patch/test/unit/common/

.pc/CVE-2012-4406.patch/test/unit/common/middleware/

.pc/CVE-2012-4406.patch/test/unit/common/middleware/test_memcache.py

.pc/CVE-2012-4406.patch/test/unit/common/test_memcached.py

.pc/CVE-2013-2161.patch/

.pc/CVE-2013-2161.patch/swift/

.pc/CVE-2013-2161.patch/swift/account/

.pc/CVE-2013-2161.patch/swift/account/server.py

.pc/CVE-2013-2161.patch/test/

.pc/CVE-2013-2161.patch/test/unit/

.pc/CVE-2013-2161.patch/test/unit/account/

.pc/CVE-2013-2161.patch/test/unit/account/test_server.py

.pc/applied-patches

.pc/memcache_serialization_support-default-to-zero.patch/

.pc/memcache_serialization_support-default-to-zero.patch/doc/

.pc/memcache_serialization_support-default-to-zero.patch/doc/manpages/

.pc/memcache_serialization_support-default-to-zero.patch/doc/manpages/proxy-server.conf.5

.pc/memcache_serialization_support-default-to-zero.patch/etc/

.pc/memcache_serialization_support-default-to-zero.patch/etc/memcache.conf-sample

.pc/memcache_serialization_support-default-to-zero.patch/etc/proxy-server.conf-sample

.pc/memcache_serialization_support-default-to-zero.patch/swift/

.pc/memcache_serialization_support-default-to-zero.patch/swift/common/

.pc/memcache_serialization_support-default-to-zero.patch/swift/common/middleware/

.pc/memcache_serialization_support-default-to-zero.patch/swift/common/middleware/memcache.py

.pc/memcache_serialization_support-default-to-zero.patch/test/

.pc/memcache_serialization_support-default-to-zero.patch/test/unit/

.pc/memcache_serialization_support-default-to-zero.patch/test/unit/common/

.pc/memcache_serialization_support-default-to-zero.patch/test/unit/common/middleware/

.pc/memcache_serialization_support-default-to-zero.patch/test/unit/common/middleware/test_memcache.py

debian/changelog

debian/patches/CVE-2012-4406.patch

debian/patches/CVE-2013-2161.patch

debian/patches/memcache_serialization_support-default-to-zero.patch

debian/patches/series

doc/manpages/proxy-server.conf.5

etc/memcache.conf-sample

etc/proxy-server.conf-sample

swift/account/server.py

swift/common/memcached.py

swift/common/middleware/memcache.py

test/unit/account/test_server.py

test/unit/common/middleware/test_memcache.py

test/unit/common/test_memcached.py

Older »