[ubuntu/precise-updates] swift 1.4.8-0ubuntu2.5 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu Aug 6 02:58:12 UTC 2015
swift (1.4.8-0ubuntu2.5) precise-security; urgency=medium
[ Marc Deslauriers ]
* SECURITY UPDATE: metadata constraint bypass via multiple requests
- debian/patches/CVE-2014-7960.patch: add metadata checks to
swift/account/server.py, swift/common/constraints.py,
swift/common/db.py, swift/container/server.py, added tests to
test/unit/common/test_db.py,
test/functionalnosetests/test_account.py,
test/functionalnosetests/test_container.py.
- CVE-2014-7960
[ Jamie Strandboge ]
* debian/patches/CVE-2014-7960.patch:
- adjust unittests since we use webob.exc and not the newer swob
- adjust functional tests to properly skip if test environment is not
specified and to not interfere with other functional tests
* debian/control: Build-Depends on python-mock
Date: 2015-07-27 16:20:12.151779+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/swift/1.4.8-0ubuntu2.5
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list