From 84074d411ce774406aa4e485437e7b5302d931bc Mon Sep 17 00:00:00 2001 From: Bruce Ashfield Date: Fri, 9 May 2014 15:18:08 -0400 Subject: core: update core components to latest havana/stable releases Signed-off-by: Bruce Ashfield --- .../recipes-devtools/python/python-cinder_git.bb | 4 +- .../recipes-devtools/python/python-glance_git.bb | 4 +- .../recipes-devtools/python/python-heat_git.bb | 4 +- .../recipes-devtools/python/python-horizon_git.bb | 4 +- .../CVE-2014-2828-keystone-1300274.patch | 60 ---------------------- .../recipes-devtools/python/python-keystone_git.bb | 5 +- .../recipes-devtools/python/python-neutron_git.bb | 4 +- .../recipes-devtools/python/python-nova_git.bb | 4 +- 8 files changed, 14 insertions(+), 75 deletions(-) delete mode 100644 meta-openstack/recipes-devtools/python/python-keystone/CVE-2014-2828-keystone-1300274.patch (limited to 'meta-openstack/recipes-devtools/python') diff --git a/meta-openstack/recipes-devtools/python/python-cinder_git.bb b/meta-openstack/recipes-devtools/python/python-cinder_git.bb index 237377d..0374b79 100644 --- a/meta-openstack/recipes-devtools/python/python-cinder_git.bb +++ b/meta-openstack/recipes-devtools/python/python-cinder_git.bb @@ -19,8 +19,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \ file://fix_cinder_memory_leak.patch \ " -SRCREV="8b5fb8409322f61d8b610c97c109a61bf48a940e" -PV="2013.2.2+git${SRCPV}" +SRCREV="81259f36f57e91b31009fbd209ea2a07a2ceb213" +PV="2013.2.3+git${SRCPV}" S = "${WORKDIR}/git" inherit setuptools update-rc.d identity default_configs diff --git a/meta-openstack/recipes-devtools/python/python-glance_git.bb b/meta-openstack/recipes-devtools/python/python-glance_git.bb index d2f5f21..e9e8353 100644 --- a/meta-openstack/recipes-devtools/python/python-glance_git.bb +++ b/meta-openstack/recipes-devtools/python/python-glance_git.bb @@ -11,8 +11,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \ file://glance.init \ " -SRCREV="1690a739cd94efe6cb2af8e794a4acdf59de54cd" -PV="2013.2.2+git${SRCPV}" +SRCREV="396ca82f7e359b430a6cb0a6162d7bc937367705" +PV="2013.2.3+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/meta-openstack/recipes-devtools/python/python-heat_git.bb b/meta-openstack/recipes-devtools/python/python-heat_git.bb index bd32aca..b5dd958 100644 --- a/meta-openstack/recipes-devtools/python/python-heat_git.bb +++ b/meta-openstack/recipes-devtools/python/python-heat_git.bb @@ -12,8 +12,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \ file://heat.init \ " -SRCREV="ff6901141fbbc0a13604491aaba01a60487d6f6d" -PV="2013.2.2+git${SRCPV}" +SRCREV="58de9e6415f5bdabde708c8584b21b59b7e96a88" +PV="2013.2.3+git${SRCPV}" S = "${WORKDIR}/git" do_install_append() { diff --git a/meta-openstack/recipes-devtools/python/python-horizon_git.bb b/meta-openstack/recipes-devtools/python/python-horizon_git.bb index f4cc16f..11cc854 100644 --- a/meta-openstack/recipes-devtools/python/python-horizon_git.bb +++ b/meta-openstack/recipes-devtools/python/python-horizon_git.bb @@ -37,8 +37,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \ file://local_settings.py \ " -SRCREV="b2259b352fd1e00a269b8275afa8093223598235" -PV="2013.2+git${SRCPV}" +SRCREV="cd1de75ee2a8c246d5564e96ccc48185816c2290" +PV="2013.2.3+git${SRCPV}" S = "${WORKDIR}/git" inherit setuptools update-rc.d python-dir default_configs diff --git a/meta-openstack/recipes-devtools/python/python-keystone/CVE-2014-2828-keystone-1300274.patch b/meta-openstack/recipes-devtools/python/python-keystone/CVE-2014-2828-keystone-1300274.patch deleted file mode 100644 index 1c5392f..0000000 --- a/meta-openstack/recipes-devtools/python/python-keystone/CVE-2014-2828-keystone-1300274.patch +++ /dev/null @@ -1,60 +0,0 @@ -From e364ba5b12de8e4c11bd80bcca903f9615dcfc2e Mon Sep 17 00:00:00 2001 -From: Florent Flament -Date: Tue, 1 Apr 2014 12:48:22 +0000 -Subject: Sanitizes authentication methods received in requests. - -When a user authenticates against Identity V3 API, he can specify -multiple authentication methods. This patch removes duplicates, which -could have been used to achieve DoS attacks. - -Closes-Bug: 1300274 -(cherry picked from commit ef868ad92c00e23a4a5e9eb71e3e0bf5ae2fff0c) -Cherry-pick from https://review.openstack.org/#/c/84425/ - -Change-Id: I6e60324309baa094a5e54b012fb0fc528fea72ab - -diff --git a/keystone/auth/controllers.py b/keystone/auth/controllers.py -index c3399df..4944316 100644 ---- a/keystone/auth/controllers.py -+++ b/keystone/auth/controllers.py -@@ -225,7 +225,13 @@ class AuthInfo(object): - :returns: list of auth method names - - """ -- return self.auth['identity']['methods'] or [] -+ # Sanitizes methods received in request's body -+ # Filters out duplicates, while keeping elements' order. -+ method_names = [] -+ for method in self.auth['identity']['methods']: -+ if method not in method_names: -+ method_names.append(method) -+ return method_names - - def get_method_data(self, method): - """Get the auth method payload. -diff --git a/keystone/tests/test_v3_auth.py b/keystone/tests/test_v3_auth.py -index d07e6ae..e89e29f 100644 ---- a/keystone/tests/test_v3_auth.py -+++ b/keystone/tests/test_v3_auth.py -@@ -81,6 +81,18 @@ class TestAuthInfo(test_v3.RestfulTestCase): - None, - auth_data) - -+ def test_get_method_names_duplicates(self): -+ auth_data = self.build_authentication_request( -+ token='test', -+ user_id='test', -+ password='test')['auth'] -+ auth_data['identity']['methods'] = ['password', 'token', -+ 'password', 'password'] -+ context = None -+ auth_info = auth.controllers.AuthInfo(context, auth_data) -+ self.assertEqual(auth_info.get_method_names(), -+ ['password', 'token']) -+ - def test_get_method_data_invalid_method(self): - auth_data = self.build_authentication_request( - user_id='test', --- -cgit v0.10.1 - diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb index 982a088..d8fb4ab 100644 --- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb +++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb @@ -13,11 +13,10 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \ file://keystone \ file://openrc \ file://Update-test-core-ETCDIR-location.patch \ - file://CVE-2014-2828-keystone-1300274.patch \ " -SRCREV="a96d1a44bc0f074729c312e5c2a0f0875edf1765" -PV="2013.2.2+git${SRCPV}" +SRCREV="e7c29874e5a0e43f4f0e9970556c701af508152f" +PV="2013.2.3+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/meta-openstack/recipes-devtools/python/python-neutron_git.bb b/meta-openstack/recipes-devtools/python/python-neutron_git.bb index 6deb0d3..4cf4751 100644 --- a/meta-openstack/recipes-devtools/python/python-neutron_git.bb +++ b/meta-openstack/recipes-devtools/python/python-neutron_git.bb @@ -16,8 +16,8 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/havana \ file://dhcp_agent.ini \ file://neutron-dhcp-agent-netns-cleanup.cron \ " -SRCREV="8cb9d895675f2a89c6b741da4b594f416fbeee5a" -PV="2013.2.2+git${SRCPV}" +SRCREV="a8417d78c2675a2ceb5dbfcee70948a88d69e747" +PV="2013.2.3+git${SRCPV}" S = "${WORKDIR}/git" diff --git a/meta-openstack/recipes-devtools/python/python-nova_git.bb b/meta-openstack/recipes-devtools/python/python-nova_git.bb index d77260e..8ffc6df 100644 --- a/meta-openstack/recipes-devtools/python/python-nova_git.bb +++ b/meta-openstack/recipes-devtools/python/python-nova_git.bb @@ -22,8 +22,8 @@ SRC_URI += "file://nova-all \ file://nova.conf \ file://openrc \ " -SRCREV="feedcb240807cdfa354d27ebe3a4b7f416504a62" -PV="2013.2.2+git${SRCPV}" +SRCREV="a3a955507d9d4b3e2688847fe45f88a26be3e8cc" +PV="2013.2.3+git${SRCPV}" S = "${WORKDIR}/git" -- cgit v1.2.3-54-g00ecf