1 |
idella4 14/06/27 10:53:30 |
2 |
|
3 |
Added: CVE-2014-4615.patch |
4 |
Log: |
5 |
sec. patch wrt Bug #515050, add IUSE, doc build, fix test phase, rm vuln. version |
6 |
|
7 |
(Portage version: 2.2.10/cvs/Linux x86_64, signed Manifest commit with key 0xB8072B0D) |
8 |
|
9 |
Revision Changes Path |
10 |
1.1 dev-python/pycadf/files/CVE-2014-4615.patch |
11 |
|
12 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-python/pycadf/files/CVE-2014-4615.patch?rev=1.1&view=markup |
13 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-python/pycadf/files/CVE-2014-4615.patch?rev=1.1&content-type=text/plain |
14 |
|
15 |
Index: CVE-2014-4615.patch |
16 |
=================================================================== |
17 |
https://review.openstack.org/#/c/94878/ |
18 |
Owner gordon chung |
19 |
Project openstack/pycadf |
20 |
Branch master |
21 |
Topic bug1321080 |
22 |
Uploaded May 22, 2014 10:12 PM |
23 |
Updated May 23, 2014 3:34 AM |
24 |
Status Merged |
25 |
|
26 |
Commit Message: remove token from notifier middleware |
27 |
|
28 |
notifier middleware is capturing token and sending it to MQ. this |
29 |
is not advisable so we should filter it out. |
30 |
|
31 |
Change-Id: I11d9f2f23fc3b60c945c33d4d02bd7640d88a083 |
32 |
Closes-Bug: #1321080 |
33 |
diff --git a/pycadf/middleware/notifier.py b/pycadf/middleware/notifier.py |
34 |
index fc921f8..621c8b4 100644 |
35 |
--- a/pycadf/middleware/notifier.py |
36 |
+++ b/pycadf/middleware/notifier.py |
37 |
@@ -88,7 +88,7 @@ |
38 |
include them. |
39 |
""" |
40 |
return dict((k, v) for k, v in six.iteritems(environ) |
41 |
- if k.isupper()) |
42 |
+ if k.isupper() and k != 'HTTP_X_AUTH_TOKEN') |
43 |
|
44 |
@log_and_ignore_error |
45 |
def process_request(self, request): |