-
Committer:
Package Import Robot
-
Author(s):
Jamie Strandboge, Marc Deslauriers, Jamie Strandboge
-
Date:
2015-07-27 10:48:47 UTC
-
Revision ID:
package-import@ubuntu.com-20150727104847-zn94ofmgyj23rp3p
Tags: 1.4.8-0ubuntu2.5
[ Marc Deslauriers ]
* SECURITY UPDATE: metadata constraint bypass via multiple requests
- debian/patches/CVE-2014-7960.patch: add metadata checks to
swift/account/server.py, swift/common/constraints.py,
swift/common/db.py, swift/container/server.py, added tests to
test/unit/common/test_db.py,
test/functionalnosetests/test_account.py,
test/functionalnosetests/test_container.py.
- CVE-2014-7960
[ Jamie Strandboge ]
* debian/patches/CVE-2014-7960.patch:
- adjust unittests since we use webob.exc and not the newer swob
- adjust functional tests to properly skip if test environment is not
specified and to not interfere with other functional tests
* debian/control: Build-Depends on python-mock