← Back to branch summary

~ubuntu-branches/ubuntu/trusty/swift/trusty-updates

Viewing all changes in revision 64.

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2015-07-22 11:03:05 UTC
  • Revision ID: package-import@ubuntu.com-20150722110305-eq79r0smfdtmh5o8
Tags: 1.13.1-0ubuntu1.2
* SECURITY UPDATE: metadata constraint bypass via multiple requests
  - debian/patches/CVE-2014-7960.patch: add metadata checks to
    swift/account/server.py, swift/common/constraints.py,
    swift/common/db.py, swift/container/server.py, added tests to
    test/functional/test_account.py, test/functional/test_container.py,
    test/unit/common/test_db.py.
  - CVE-2014-7960
* SECURITY UPDATE: object deletion via x-versions-location container
  - debian/patches/CVE-2015-1856.patch: prevent unauthorized delete in
    swift/proxy/controllers/obj.py, added tests to
    test/functional/tests.py, test/unit/proxy/test_server.py.
  - CVE-2015-1856

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: