Ubuntu
nova package

Merge lp://qastaging/~soren/ubuntu/oneiric/nova/reconcile-with-security into lp://qastaging/ubuntu/oneiric-proposed/nova

  1. Oneiric (11.10)
  2. reconcile-with-security
  3. Merge into oneiric-proposed
Proposed by Soren Hansen
Status: Rejected
Rejected by: Soren Hansen
Proposed branch: lp://qastaging/~soren/ubuntu/oneiric/nova/reconcile-with-security
Merge into: lp://qastaging/ubuntu/oneiric-proposed/nova
Diff against target: 1610 lines (+1514/-9)
10 files modified
.pc/applied-patches (+1/-0)
.pc/security-fix-lp868360.patch/Authors (+125/-0)
.pc/security-fix-lp868360.patch/nova/api/ec2/__init__.py (+440/-0)
.pc/security-fix-lp868360.patch/nova/auth/manager.py (+842/-0)
Authors (+1/-0)
debian/changelog (+30/-0)
debian/patches/security-fix-lp868360.patch (+70/-0)
debian/patches/series (+1/-0)
nova/api/ec2/__init__.py (+2/-1)
nova/auth/manager.py (+2/-8)
To merge this branch: bzr merge lp://qastaging/~soren/ubuntu/oneiric/nova/reconcile-with-security
Reviewer Review Type Date Requested Status
Ubuntu Development Team Pending
Review via email: mp+80562@code.qastaging.launchpad.net

Description of the change

Merged oneiric-security into oneiric-proposed, added changelog entry.

To post a comment you must log in.
Revision history for this message
Dave Walker (davewalker) wrote :

Hey Soren, did this package ever hit -proposed archive pocket? It's not clear to me why this is needed?

Revision history for this message
Soren Hansen (soren) wrote :

We were working on a package update for -proposed. I forget if it ever landed, but I don't think it did.

However, as this work was progressing, a security update landed in -security. We obviously want to fold that security updates into our -proposed branch. That's what this branch does.

Unmerged revisions

47. By Soren Hansen

Merge update from oneiric-security and add new changelog entry for -proposed:
* 2011.3-0ubuntu6.1 never made it past -proposed, due to 2011.3-
  0ubuntu6.2 which was a security fix (without the changes from
  2011.3-0ubuntu6.1). This upload brings the changes from 2011.3-
  0ubuntu6.1 back.
* SECURITY UPDATE: fix information leak via invalid key
  debina/patches/security-fix-lp868360.patch: adjust nova/auth/manager.py
  to not return access, secret or admin fields for User error and
  project_manager_id, description and member_ids for Project
  - LP: #868360
  - CVE-2011-XXXX

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
The diff is not available at this time. You can reload the page or download it.

Subscribers

People subscribed via source and target branches

to all changes: