Ubuntu
glance package

Merge lp://staging/~yolanda.robla/ubuntu/precise/glance/essex-sru into lp://staging/ubuntu/precise-updates/glance

  1. Precise (12.04)
  2. essex-sru
  3. Merge into precise-updates
Proposed by Yolanda Robla
Status: Rejected
Rejected by: James Page
Proposed branch: lp://staging/~yolanda.robla/ubuntu/precise/glance/essex-sru
Merge into: lp://staging/ubuntu/precise-updates/glance
Diff against target: 1573 lines (+309/-1085)
21 files modified
.gitignore (+0/-11)
.gitreview (+0/-5)
.mailmap (+0/-19)
.pc/CVE-2012-4573.patch/glance/api/v1/images.py (+0/-973)
.pc/applied-patches (+0/-1)
.pc/fix_migration_012_foreign_keys.patch/Authors (+1/-0)
Authors (+1/-0)
PKG-INFO (+15/-0)
debian/changelog (+18/-0)
debian/glance-api.logrotate (+1/-1)
debian/glance-registry.logrotate (+1/-1)
debian/patches/CVE-2012-4573.patch (+0/-35)
debian/patches/fix_migration_012_foreign_keys.patch (+22/-26)
debian/patches/series (+0/-1)
glance.egg-info/PKG-INFO (+15/-0)
glance.egg-info/SOURCES.txt (+217/-0)
glance.egg-info/dependency_links.txt (+1/-0)
glance.egg-info/top_level.txt (+1/-0)
glance/vcsversion.py (+7/-0)
setup.cfg (+8/-11)
tools/pip-requires (+1/-1)
To merge this branch: bzr merge lp://staging/~yolanda.robla/ubuntu/precise/glance/essex-sru
Reviewer Review Type Date Requested Status
James Page Disapprove
Review via email: mp+140451@code.staging.launchpad.net

This proposal supersedes a proposal from 2012-12-18.

To post a comment you must log in.
Revision history for this message
James Page (james-page) wrote : Posted in a previous version of this proposal

Yolanda

Specifically what was the pep8 issue that was causing the build to fail?

[ Yolanda Robla ]
* debian/rules: skipping pep8 tests to allow building

review: Needs Information
Revision history for this message
James Page (james-page) wrote :

As discussed with Yolanda on IRC, this update is pretty much no-change as the security issue is already patched and the jenkins problem does not effect Ubuntu.

review: Disapprove

Unmerged revisions

53. By Yolanda Robla

removed skipping pep8 tests
fix typos in changelog

52. By Yolanda Robla

[ Adam Gandelman ]
* debian/glance-{registry, api}.logrotate: Fix incorrect logfile
  locations. (LP: #1049314)

[ Yolanda Robla ]
* debian/rules: skipping pep8 tests to allow building

[ Yolanda Robla Mota ]
* Resynchronize with stable/essex (efd7e75b):
  - [efd7e75] Non-admin users can cause public glance images to be deleted
    from the backend storage repository (CVE-2012-4573)
  - [e6be061] Jenkins jobs fail because of incompatibility between sqlalchemy-
    migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569)

* Dropped patches, superseeded by snapshot:
  - debian/patches/CVE-2012-4573.patch: [efd7e75]

51. By Jamie Strandboge

* SECURITY UPDATE: deletion of arbitrary public and shared images via
  authenticated user
  - debian/patches/CVE-2012-4573.patch: adjust glance/api/v1/images.py to
    ensure image is owned by user before delayed_deletion
  - CVE-2012-4573

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
The diff is not available at this time. You can reload the page or download it.

Subscribers

People subscribed via source and target branches

to all changes: