diff options
| author |   Matthew Thode <prometheanfire@gentoo.org> | 2015-05-05 15:12:11 +0000 |
|---|---|---|
| committer | Matthew Thode <prometheanfire@gentoo.org> | 2015-05-05 15:12:11 +0000 |
| commit | 5fde00fd048536e2f83b4b816ebe98d07e316c21 (patch) | |
| tree | 6f65c6fc3d3059774a9ef8caa88a56024da5ffc6 /sys-auth | |
| parent | post-kilo release (diff) | |
| download | gentoo-2-5fde00fd048536e2f83b4b816ebe98d07e316c21.tar.gz gentoo-2-5fde00fd048536e2f83b4b816ebe98d07e316c21.tar.bz2 gentoo-2-5fde00fd048536e2f83b4b816ebe98d07e316c21.zip | |
fixing a new cve 0day :D
(Portage version: 2.2.18/cvs/Linux x86_64, signed Manifest commit with key 0x33ED3FD25AFC78BA)
Diffstat (limited to 'sys-auth')
| -rw-r--r-- | sys-auth/keystone/ChangeLog | 9 | ||||
| -rw-r--r-- | sys-auth/keystone/files/CVE-2015-3646-2014.2.3.patch | 29 | ||||
| -rw-r--r-- | sys-auth/keystone/keystone-2014.2.3-r2.ebuild (renamed from sys-auth/keystone/keystone-2014.2.3-r1.ebuild) | 3 |
3 files changed, 39 insertions, 2 deletions
diff --git a/sys-auth/keystone/ChangeLog b/sys-auth/keystone/ChangeLog index 4bfd9337617b..2f302766f3fb 100644 --- a/sys-auth/keystone/ChangeLog +++ b/sys-auth/keystone/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-auth/keystone # Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-auth/keystone/ChangeLog,v 1.96 2015/04/30 20:18:34 prometheanfire Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-auth/keystone/ChangeLog,v 1.97 2015/05/05 15:12:10 prometheanfire Exp $ + +*keystone-2014.2.3-r2 (05 May 2015) + + 05 May 2015; Matthew Thode <prometheanfire@gentoo.org> + +files/CVE-2015-3646-2014.2.3.patch, +keystone-2014.2.3-r2.ebuild, + -keystone-2014.2.3-r1.ebuild: + fixing a new cve 0day :D 30 Apr 2015; Matthew Thode <prometheanfire@gentoo.org> keystone-2015.1.0.ebuild: diff --git a/sys-auth/keystone/files/CVE-2015-3646-2014.2.3.patch b/sys-auth/keystone/files/CVE-2015-3646-2014.2.3.patch new file mode 100644 index 000000000000..411ee2a78753 --- /dev/null +++ b/sys-auth/keystone/files/CVE-2015-3646-2014.2.3.patch @@ -0,0 +1,29 @@ +From 695153a523faa9310e2e20d0333c33a47334208a Mon Sep 17 00:00:00 2001 +From: Eric Brown <browne@vmware.com> +Date: Mon, 13 Apr 2015 11:37:53 -0700 +Subject: [PATCH] backend_argument should be marked secret + +Since the backend_argument can potentially contain a password, +it should be marked secret to avoid leakage into the logs. + +Closes-Bug: #1443598 + +Change-Id: I55663db4cf2df84a66de8f64fba4b4f129ae827d +(cherry picked from commit f9db1a65bd4d83d12c572ba4d5807845996ef410) +--- + keystone/common/config.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/keystone/common/config.py b/keystone/common/config.py +index d7f9dd8..d953e49 100644 +--- a/keystone/common/config.py ++++ b/keystone/common/config.py +@@ -313,7 +313,7 @@ + 'deployments. Small workloads (single process) ' + 'like devstack can use the dogpile.cache.memory ' + 'backend.'), +- cfg.MultiStrOpt('backend_argument', default=[], ++ cfg.MultiStrOpt('backend_argument', default=[], secret=True, + help='Arguments supplied to the backend module. ' + 'Specify this option once per argument to be ' + 'passed to the dogpile.cache backend. Example ' diff --git a/sys-auth/keystone/keystone-2014.2.3-r1.ebuild b/sys-auth/keystone/keystone-2014.2.3-r2.ebuild index 8391a2cb7d28..81cf815d9bca 100644 --- a/sys-auth/keystone/keystone-2014.2.3-r1.ebuild +++ b/sys-auth/keystone/keystone-2014.2.3-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-auth/keystone/keystone-2014.2.3-r1.ebuild,v 1.1 2015/04/14 16:08:20 prometheanfire Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-auth/keystone/keystone-2014.2.3-r2.ebuild,v 1.1 2015/05/05 15:12:10 prometheanfire Exp $ EAPI=5 @@ -132,6 +132,7 @@ RDEPEND=" <dev-python/posix_ipc-0.9.10[${PYTHON_USEDEP}]" PATCHES=( + "${FILESDIR}/CVE-2015-3646-2014.2.3.patch" ) pkg_setup() { |