| 1 |
idella4 14/06/27 10:53:30 |
| 2 |
|
| 3 |
Added: CVE-2014-4615.patch |
| 4 |
Log: |
| 5 |
sec. patch wrt Bug #515050, add IUSE, doc build, fix test phase, rm vuln. version |
| 6 |
|
| 7 |
(Portage version: 2.2.10/cvs/Linux x86_64, signed Manifest commit with key 0xB8072B0D) |
| 8 |
|
| 9 |
Revision Changes Path |
| 10 |
1.1 dev-python/pycadf/files/CVE-2014-4615.patch |
| 11 |
|
| 12 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-python/pycadf/files/CVE-2014-4615.patch?rev=1.1&view=markup |
| 13 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-python/pycadf/files/CVE-2014-4615.patch?rev=1.1&content-type=text/plain |
| 14 |
|
| 15 |
Index: CVE-2014-4615.patch |
| 16 |
=================================================================== |
| 17 |
https://review.openstack.org/#/c/94878/ |
| 18 |
Owner gordon chung |
| 19 |
Project openstack/pycadf |
| 20 |
Branch master |
| 21 |
Topic bug1321080 |
| 22 |
Uploaded May 22, 2014 10:12 PM |
| 23 |
Updated May 23, 2014 3:34 AM |
| 24 |
Status Merged |
| 25 |
|
| 26 |
Commit Message: remove token from notifier middleware |
| 27 |
|
| 28 |
notifier middleware is capturing token and sending it to MQ. this |
| 29 |
is not advisable so we should filter it out. |
| 30 |
|
| 31 |
Change-Id: I11d9f2f23fc3b60c945c33d4d02bd7640d88a083 |
| 32 |
Closes-Bug: #1321080 |
| 33 |
diff --git a/pycadf/middleware/notifier.py b/pycadf/middleware/notifier.py |
| 34 |
index fc921f8..621c8b4 100644 |
| 35 |
--- a/pycadf/middleware/notifier.py |
| 36 |
+++ b/pycadf/middleware/notifier.py |
| 37 |
@@ -88,7 +88,7 @@ |
| 38 |
include them. |
| 39 |
""" |
| 40 |
return dict((k, v) for k, v in six.iteritems(environ) |
| 41 |
- if k.isupper()) |
| 42 |
+ if k.isupper() and k != 'HTTP_X_AUTH_TOKEN') |
| 43 |
|
| 44 |
@log_and_ignore_error |
| 45 |
def process_request(self, request): |
Archives