8 files changed, 14 insertions, 75 deletions
diff --git a/meta-openstack/recipes-devtools/python/python-cinder_git.bb b/meta-openstack/recipes-devtools/python/python-cinder_git.bb
index 237377d..0374b79 100644
--- a/meta-openstack/recipes-devtools/python/python-cinder_git.bb
+++ b/meta-openstack/recipes-devtools/python/python-cinder_git.bb
@@ -19,8 +19,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \
    file://fix_cinder_memory_leak.patch \
        "
-SRCREV="8b5fb8409322f61d8b610c97c109a61bf48a940e"
+SRCREV="81259f36f57e91b31009fbd209ea2a07a2ceb213"
-PV="2013.2.2+git${SRCPV}"
+PV="2013.2.3+git${SRCPV}"
 S = "${WORKDIR}/git"
 inherit setuptools update-rc.d identity default_configs
diff --git a/meta-openstack/recipes-devtools/python/python-glance_git.bb b/meta-openstack/recipes-devtools/python/python-glance_git.bb
index d2f5f21..e9e8353 100644
--- a/meta-openstack/recipes-devtools/python/python-glance_git.bb
+++ b/meta-openstack/recipes-devtools/python/python-glance_git.bb
@@ -11,8 +11,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \
           file://glance.init \
           "
-SRCREV="1690a739cd94efe6cb2af8e794a4acdf59de54cd"
+SRCREV="396ca82f7e359b430a6cb0a6162d7bc937367705"
-PV="2013.2.2+git${SRCPV}"
+PV="2013.2.3+git${SRCPV}"
 S = "${WORKDIR}/git"
diff --git a/meta-openstack/recipes-devtools/python/python-heat_git.bb b/meta-openstack/recipes-devtools/python/python-heat_git.bb
index bd32aca..b5dd958 100644
--- a/meta-openstack/recipes-devtools/python/python-heat_git.bb
+++ b/meta-openstack/recipes-devtools/python/python-heat_git.bb
@@ -12,8 +12,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \
           file://heat.init \
 "
-SRCREV="ff6901141fbbc0a13604491aaba01a60487d6f6d"
+SRCREV="58de9e6415f5bdabde708c8584b21b59b7e96a88"
-PV="2013.2.2+git${SRCPV}"
+PV="2013.2.3+git${SRCPV}"
 S = "${WORKDIR}/git"
 do_install_append() {
diff --git a/meta-openstack/recipes-devtools/python/python-horizon_git.bb b/meta-openstack/recipes-devtools/python/python-horizon_git.bb
index f4cc16f..11cc854 100644
--- a/meta-openstack/recipes-devtools/python/python-horizon_git.bb
+++ b/meta-openstack/recipes-devtools/python/python-horizon_git.bb
@@ -37,8 +37,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \
    file://local_settings.py \
    "
-SRCREV="b2259b352fd1e00a269b8275afa8093223598235"
+SRCREV="cd1de75ee2a8c246d5564e96ccc48185816c2290"
-PV="2013.2+git${SRCPV}"
+PV="2013.2.3+git${SRCPV}"
 S = "${WORKDIR}/git"
 inherit setuptools update-rc.d python-dir default_configs
diff --git a/meta-openstack/recipes-devtools/python/python-keystone/CVE-2014-2828-keystone-1300274.patch b/meta-openstack/recipes-devtools/python/python-keystone/CVE-2014-2828-keystone-1300274.patch
deleted file mode 100644
index 1c5392f..0000000
--- a/meta-openstack/recipes-devtools/python/python-keystone/CVE-2014-2828-keystone-1300274.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-From e364ba5b12de8e4c11bd80bcca903f9615dcfc2e Mon Sep 17 00:00:00 2001
-From: Florent Flament <florent.flament-ext@cloudwatt.com>
-Date: Tue, 1 Apr 2014 12:48:22 +0000
-Subject: Sanitizes authentication methods received in requests.
-When a user authenticates against Identity V3 API, he can specify
-multiple authentication methods. This patch removes duplicates, which
-could have been used to achieve DoS attacks.
-Closes-Bug: 1300274
-(cherry picked from commit ef868ad92c00e23a4a5e9eb71e3e0bf5ae2fff0c)
-Cherry-pick from https://review.openstack.org/#/c/84425/
-Change-Id: I6e60324309baa094a5e54b012fb0fc528fea72ab
-diff --git a/keystone/auth/controllers.py b/keystone/auth/controllers.py
-index c3399df..4944316 100644
--- a/keystone/auth/controllers.py
-+++ b/keystone/auth/controllers.py
-@@ -225,7 +225,13 @@ class AuthInfo(object):
-         :returns: list of auth method names
- 
-         """
-        return self.auth['identity']['methods'] or []
-+        # Sanitizes methods received in request's body
-+        # Filters out duplicates, while keeping elements' order.
-+        method_names = []
-+        for method in self.auth['identity']['methods']:
-+            if method not in method_names:
-+                method_names.append(method)
-+        return method_names
- 
-     def get_method_data(self, method):
-         """Get the auth method payload.
-diff --git a/keystone/tests/test_v3_auth.py b/keystone/tests/test_v3_auth.py
-index d07e6ae..e89e29f 100644
--- a/keystone/tests/test_v3_auth.py
-+++ b/keystone/tests/test_v3_auth.py
-@@ -81,6 +81,18 @@ class TestAuthInfo(test_v3.RestfulTestCase):
-                           None,
-                           auth_data)
- 
-+    def test_get_method_names_duplicates(self):
-+        auth_data = self.build_authentication_request(
-+            token='test',
-+            user_id='test',
-+            password='test')['auth']
-+        auth_data['identity']['methods'] = ['password', 'token',
-+                                            'password', 'password']
-+        context = None
-+        auth_info = auth.controllers.AuthInfo(context, auth_data)
-+        self.assertEqual(auth_info.get_method_names(),
-+                         ['password', 'token'])
-+
-     def test_get_method_data_invalid_method(self):
-         auth_data = self.build_authentication_request(
-             user_id='test',
-- 
-cgit v0.10.1
diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
index 982a088..d8fb4ab 100644
--- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb
+++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
@@ -13,11 +13,10 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \
           file://keystone \
           file://openrc \
           file://Update-test-core-ETCDIR-location.patch \
-           file://CVE-2014-2828-keystone-1300274.patch \
          "
-SRCREV="a96d1a44bc0f074729c312e5c2a0f0875edf1765"
+SRCREV="e7c29874e5a0e43f4f0e9970556c701af508152f"
-PV="2013.2.2+git${SRCPV}"
+PV="2013.2.3+git${SRCPV}"
 S = "${WORKDIR}/git"
diff --git a/meta-openstack/recipes-devtools/python/python-neutron_git.bb b/meta-openstack/recipes-devtools/python/python-neutron_git.bb
index 6deb0d3..4cf4751 100644
--- a/meta-openstack/recipes-devtools/python/python-neutron_git.bb
+++ b/meta-openstack/recipes-devtools/python/python-neutron_git.bb
@@ -16,8 +16,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \
           file://dhcp_agent.ini \
           file://neutron-dhcp-agent-netns-cleanup.cron \
          "
-SRCREV="8cb9d895675f2a89c6b741da4b594f416fbeee5a"
+SRCREV="a8417d78c2675a2ceb5dbfcee70948a88d69e747"
-PV="2013.2.2+git${SRCPV}"
+PV="2013.2.3+git${SRCPV}"
 S = "${WORKDIR}/git"
diff --git a/meta-openstack/recipes-devtools/python/python-nova_git.bb b/meta-openstack/recipes-devtools/python/python-nova_git.bb
index d77260e..8ffc6df 100644
--- a/meta-openstack/recipes-devtools/python/python-nova_git.bb
+++ b/meta-openstack/recipes-devtools/python/python-nova_git.bb
@@ -22,8 +22,8 @@ SRC_URI += "file://nova-all \
            file://nova.conf \
            file://openrc \
           "
-SRCREV="feedcb240807cdfa354d27ebe3a4b7f416504a62"
+SRCREV="a3a955507d9d4b3e2688847fe45f88a26be3e8cc"
-PV="2013.2.2+git${SRCPV}"
+PV="2013.2.3+git${SRCPV}"
 S = "${WORKDIR}/git"

diff --git a/meta-openstack/recipes-devtools/python/python-cinder_git.bb b/meta-openstack/recipes-devtools/python/python-cinder_git.bb index 237377d..0374b79 100644 --- a/meta-openstack/recipes-devtools/python/python-cinder_git.bb +++ b/meta-openstack/recipes-devtools/python/python-cinder_git.bb
@@ -19,8 +19,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \
19	file://fix_cinder_memory_leak.patch \	19	file://fix_cinder_memory_leak.patch \
20	"	20	"
21		21
22	SRCREV="8b5fb8409322f61d8b610c97c109a61bf48a940e"	22	SRCREV="81259f36f57e91b31009fbd209ea2a07a2ceb213"
23	PV="2013.2.2+git${SRCPV}"	23	PV="2013.2.3+git${SRCPV}"
24	S = "${WORKDIR}/git"	24	S = "${WORKDIR}/git"
25		25
26	inherit setuptools update-rc.d identity default_configs	26	inherit setuptools update-rc.d identity default_configs


diff --git a/meta-openstack/recipes-devtools/python/python-glance_git.bb b/meta-openstack/recipes-devtools/python/python-glance_git.bb index d2f5f21..e9e8353 100644 --- a/meta-openstack/recipes-devtools/python/python-glance_git.bb +++ b/meta-openstack/recipes-devtools/python/python-glance_git.bb
@@ -11,8 +11,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \
11	file://glance.init \	11	file://glance.init \
12	"	12	"
13		13
14	SRCREV="1690a739cd94efe6cb2af8e794a4acdf59de54cd"	14	SRCREV="396ca82f7e359b430a6cb0a6162d7bc937367705"
15	PV="2013.2.2+git${SRCPV}"	15	PV="2013.2.3+git${SRCPV}"
16		16
17	S = "${WORKDIR}/git"	17	S = "${WORKDIR}/git"
18		18


diff --git a/meta-openstack/recipes-devtools/python/python-heat_git.bb b/meta-openstack/recipes-devtools/python/python-heat_git.bb index bd32aca..b5dd958 100644 --- a/meta-openstack/recipes-devtools/python/python-heat_git.bb +++ b/meta-openstack/recipes-devtools/python/python-heat_git.bb
@@ -12,8 +12,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \
12	file://heat.init \	12	file://heat.init \
13	"	13	"
14		14
15	SRCREV="ff6901141fbbc0a13604491aaba01a60487d6f6d"	15	SRCREV="58de9e6415f5bdabde708c8584b21b59b7e96a88"
16	PV="2013.2.2+git${SRCPV}"	16	PV="2013.2.3+git${SRCPV}"
17	S = "${WORKDIR}/git"	17	S = "${WORKDIR}/git"
18		18
19	do_install_append() {	19	do_install_append() {


diff --git a/meta-openstack/recipes-devtools/python/python-horizon_git.bb b/meta-openstack/recipes-devtools/python/python-horizon_git.bb index f4cc16f..11cc854 100644 --- a/meta-openstack/recipes-devtools/python/python-horizon_git.bb +++ b/meta-openstack/recipes-devtools/python/python-horizon_git.bb
@@ -37,8 +37,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \
37	file://local_settings.py \	37	file://local_settings.py \
38	"	38	"
39		39
40	SRCREV="b2259b352fd1e00a269b8275afa8093223598235"	40	SRCREV="cd1de75ee2a8c246d5564e96ccc48185816c2290"
41	PV="2013.2+git${SRCPV}"	41	PV="2013.2.3+git${SRCPV}"
42	S = "${WORKDIR}/git"	42	S = "${WORKDIR}/git"
43		43
44	inherit setuptools update-rc.d python-dir default_configs	44	inherit setuptools update-rc.d python-dir default_configs


diff --git a/meta-openstack/recipes-devtools/python/python-keystone/CVE-2014-2828-keystone-1300274.patch b/meta-openstack/recipes-devtools/python/python-keystone/CVE-2014-2828-keystone-1300274.patch deleted file mode 100644 index 1c5392f..0000000 --- a/meta-openstack/recipes-devtools/python/python-keystone/CVE-2014-2828-keystone-1300274.patch +++ /dev/null
@@ -1,60 +0,0 @@
1	From e364ba5b12de8e4c11bd80bcca903f9615dcfc2e Mon Sep 17 00:00:00 2001
2	From: Florent Flament <florent.flament-ext@cloudwatt.com>
3	Date: Tue, 1 Apr 2014 12:48:22 +0000
4	Subject: Sanitizes authentication methods received in requests.
5
6	When a user authenticates against Identity V3 API, he can specify
7	multiple authentication methods. This patch removes duplicates, which
8	could have been used to achieve DoS attacks.
9
10	Closes-Bug: 1300274
11	(cherry picked from commit ef868ad92c00e23a4a5e9eb71e3e0bf5ae2fff0c)
12	Cherry-pick from https://review.openstack.org/#/c/84425/
13
14	Change-Id: I6e60324309baa094a5e54b012fb0fc528fea72ab
15
16	diff --git a/keystone/auth/controllers.py b/keystone/auth/controllers.py
17	index c3399df..4944316 100644
18	--- a/keystone/auth/controllers.py
19	+++ b/keystone/auth/controllers.py
20	@@ -225,7 +225,13 @@ class AuthInfo(object):
21	:returns: list of auth method names
22
23	"""
24	- return self.auth['identity']['methods'] or []
25	+ # Sanitizes methods received in request's body
26	+ # Filters out duplicates, while keeping elements' order.
27	+ method_names = []
28	+ for method in self.auth['identity']['methods']:
29	+ if method not in method_names:
30	+ method_names.append(method)
31	+ return method_names
32
33	def get_method_data(self, method):
34	"""Get the auth method payload.
35	diff --git a/keystone/tests/test_v3_auth.py b/keystone/tests/test_v3_auth.py
36	index d07e6ae..e89e29f 100644
37	--- a/keystone/tests/test_v3_auth.py
38	+++ b/keystone/tests/test_v3_auth.py
39	@@ -81,6 +81,18 @@ class TestAuthInfo(test_v3.RestfulTestCase):
40	None,
41	auth_data)
42
43	+ def test_get_method_names_duplicates(self):
44	+ auth_data = self.build_authentication_request(
45	+ token='test',
46	+ user_id='test',
47	+ password='test')['auth']
48	+ auth_data['identity']['methods'] = ['password', 'token',
49	+ 'password', 'password']
50	+ context = None
51	+ auth_info = auth.controllers.AuthInfo(context, auth_data)
52	+ self.assertEqual(auth_info.get_method_names(),
53	+ ['password', 'token'])
54	+
55	def test_get_method_data_invalid_method(self):
56	auth_data = self.build_authentication_request(
57	user_id='test',
58	--
59	cgit v0.10.1
60


diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb index 982a088..d8fb4ab 100644 --- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb +++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
@@ -13,11 +13,10 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \
13	file://keystone \	13	file://keystone \
14	file://openrc \	14	file://openrc \
15	file://Update-test-core-ETCDIR-location.patch \	15	file://Update-test-core-ETCDIR-location.patch \
16	file://CVE-2014-2828-keystone-1300274.patch \
17	"	16	"
18		17
19	SRCREV="a96d1a44bc0f074729c312e5c2a0f0875edf1765"	18	SRCREV="e7c29874e5a0e43f4f0e9970556c701af508152f"
20	PV="2013.2.2+git${SRCPV}"	19	PV="2013.2.3+git${SRCPV}"
21		20
22	S = "${WORKDIR}/git"	21	S = "${WORKDIR}/git"
23		22


diff --git a/meta-openstack/recipes-devtools/python/python-neutron_git.bb b/meta-openstack/recipes-devtools/python/python-neutron_git.bb index 6deb0d3..4cf4751 100644 --- a/meta-openstack/recipes-devtools/python/python-neutron_git.bb +++ b/meta-openstack/recipes-devtools/python/python-neutron_git.bb
@@ -16,8 +16,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \
16	file://dhcp_agent.ini \	16	file://dhcp_agent.ini \
17	file://neutron-dhcp-agent-netns-cleanup.cron \	17	file://neutron-dhcp-agent-netns-cleanup.cron \
18	"	18	"
19	SRCREV="8cb9d895675f2a89c6b741da4b594f416fbeee5a"	19	SRCREV="a8417d78c2675a2ceb5dbfcee70948a88d69e747"
20	PV="2013.2.2+git${SRCPV}"	20	PV="2013.2.3+git${SRCPV}"
21		21
22	S = "${WORKDIR}/git"	22	S = "${WORKDIR}/git"
23		23


diff --git a/meta-openstack/recipes-devtools/python/python-nova_git.bb b/meta-openstack/recipes-devtools/python/python-nova_git.bb index d77260e..8ffc6df 100644 --- a/meta-openstack/recipes-devtools/python/python-nova_git.bb +++ b/meta-openstack/recipes-devtools/python/python-nova_git.bb
@@ -22,8 +22,8 @@ SRC_URI += "file://nova-all \
22	file://nova.conf \	22	file://nova.conf \
23	file://openrc \	23	file://openrc \
24	"	24	"
25	SRCREV="feedcb240807cdfa354d27ebe3a4b7f416504a62"	25	SRCREV="a3a955507d9d4b3e2688847fe45f88a26be3e8cc"
26	PV="2013.2.2+git${SRCPV}"	26	PV="2013.2.3+git${SRCPV}"
27		27
28	S = "${WORKDIR}/git"	28	S = "${WORKDIR}/git"
29		29