fix for CVE-2014-0162

Package-Manager: portage-2.2.8-r1/cvs/Linux x86_64 Manifest-Sign-Key: 0x2471EB3E40AC5AC3
author: Matt Thode <prometheanfire@gentoo.org> 2014-04-11 15:19:23 +0000
committer: Matt Thode <prometheanfire@gentoo.org> 2014-04-11 15:19:23 +0000
commit: 0862aaa30e325cbad2e9f171329786ca3c29a35b (patch)
tree: b4a7686664928f4bd0aa7fc69dcc450b9d68d2c7 /app-admin
parent: Describe multiload-nandhp for XFCE_PLUGINS="" (diff)
download: historical-0862aaa30e325cbad2e9f171329786ca3c29a35b.tar.gz
historical-0862aaa30e325cbad2e9f171329786ca3c29a35b.tar.bz2
historical-0862aaa30e325cbad2e9f171329786ca3c29a35b.zip
5 files changed, 253 insertions, 19 deletions
diff --git a/app-admin/glance/ChangeLog b/app-admin/glance/ChangeLog
index edf934980394..2e4384139999 100644
--- a/app-admin/glance/ChangeLog
+++ b/app-admin/glance/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for app-admin/glance
 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/glance/ChangeLog,v 1.37 2014/04/06 06:07:42 prometheanfire Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-admin/glance/ChangeLog,v 1.38 2014/04/11 15:19:16 prometheanfire Exp $
+
+*glance-2013.2.3-r1 (11 Apr 2014)
+
+  11 Apr 2014; Matthew Thode <prometheanfire@gentoo.org>
+  +files/CVE-2014-0162-2013.2.3.patch, +glance-2013.2.3-r1.ebuild,
+  -glance-2013.2.3.ebuild, metadata.xml:
+  fix for CVE-2014-0162
 
 *glance-2013.2.3 (06 Apr 2014)
 
diff --git a/app-admin/glance/Manifest b/app-admin/glance/Manifest
index 9f44ea8145d2..56e8fb7968bc 100644
--- a/app-admin/glance/Manifest
+++ b/app-admin/glance/Manifest
@@ -1,30 +1,31 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA256
 
+AUX CVE-2014-0162-2013.2.3.patch 8811 SHA256 408529c141db1a12fadf926e1a1cd2e56a1e53c174afc7eaeed16bcdb81bd9d4 SHA512 505c111aac28e2eac759ba58488cbef096c70f20f130654058cae619f8e49c51047240550f66fe303d463ccfc1cafb2a57dd1f3dfd54a5170db9534a8cd4eb03 WHIRLPOOL 4e45e27509a8770b9c9c897a6abd23f4648800168f41c632311bfa8a5cf17b5d695cf495e4c68885cdec05f0f80a1e66c1b2235333e4c79e2cc69898f1a03ef5
 AUX glance-2013.2-sphinx_mapping.patch 582 SHA256 043c3f7ef413cf3675920880af57943b909ec9f3376f6e86a1ae1d5948d9ad98 SHA512 d012ce5eaed00c3ba7b6219813cee503f68cdb14b8e50eedc731afc63767e1867749d6e4824611e0d024b2fdebfe5a2b3ad53b0ad7b18a39defcc17094da4a0f WHIRLPOOL 659bf94e7740be3ea0d2f130b332e694ebdcca8b90acfb479b8502eec4b867eda999ec2c6cdecc1f3dcbe3e3ddf72798c76bdf16ab4ab561ce61975a451c4585
 AUX glance-gbug-474064-grizzly.patch 2377 SHA256 df92ba14455d4379f0c2297f1f087d7f3f08118e6129e45b0e5bf5fd26c7aba1 SHA512 a284b6002c3b4ae39678eb0c492b3adb6311b115761ef43f38427dc08670c0ebfb4011a3879291ee6acdf9480ca135b4cff77f41b7af9fe7a837effafba2c6f0 WHIRLPOOL 8adfcc80adf72b501a7123c29454c446b86c05917cc8a910f799db5c223fc0efb02240f36b842c05c08e8347ae6d6273ddfa088a03f0f65eee0cbfc40176c9c2
 AUX glance.confd 25 SHA256 5a53dcf1eece81a06a2dd0856b15f8abe20eb1072361b110f752e396e86a7843 SHA512 13e671d4544e58d7397c1a87eb1048ed4bb9561587fcd63783e377b2d25e810222ca3944e0c8cf13c524e64f94c435b456a0d6f7cacfb148e275377699a11ca9 WHIRLPOOL 862a310fbdd7b68f132c45797210011b607d9b5c8937d60c9f5933a4d625bc985ad0277fea26804681b7e0a674dc9da15fbef40502c4052d6742ef0a94e88f3d
 AUX glance.initd 660 SHA256 76cab7a39e7aea3b51a5f64e5ac9224b00b9f7347f763b8310de1253d62a2a02 SHA512 9973dc64ac7d235a646d78a859fac9ef9d977a5528f76a4562ebccb019fe28ae97fd2713a7d380f95e8004d167cda2d21f0925825857ac7ce60177168ab55812 WHIRLPOOL 05c590f36ab2f0c077d5c6ff3ac206c92477dbb671f3ec7938ed4f84c1555a2c1fdee960d6e57e6574d1f64d76102a5716d5f2bfc130d922bbe0f466dc93a9c5
 DIST glance-2013.2.3.tar.gz 1334068 SHA256 8766f8d198ec513c46519f1c44f99a4845ba3c04e7b7c41893cb3d5a7c2a9a28 SHA512 0e4aeacff8bcb10ab563d8b951da81eb3bebfdec6ac381ff3d5f21aad2efbb89db8ee54ec3beffe127331df55fc1445ad3e2891f1955aa8963919f274e07e86c WHIRLPOOL 5f805e15a3a8f1231672494213df3147b1dc38eb39fa8d4a0d6f70a3b489c2f016e78bd864a92816eb8581433c4fcbec597e766787cd2fa9f0122860ce257c81
-EBUILD glance-2013.2.3.ebuild 5026 SHA256 e7dc50365b2223d60cf51b6f8f52932f8c9d035e3c7fbf5eed5a03a6f464ccbc SHA512 b152aa64623c5629fe6e175133bcb4794519f3ff858620b8aa64f65c2f05f408939454fbec5097fbccac75f6b857bc9a6af14a85a7d149c1346aa98c6ad5ea50 WHIRLPOOL 6ee2682c85bd52cebc5eed9c24abb3ae649ecc2438e01ec642e2272411fd151d1bf28b4ddc378db722c4353a8414f222a9698a308aaed446c2b3d4aec77f6029
+EBUILD glance-2013.2.3-r1.ebuild 5074 SHA256 c80809d49e13f0f764e3b9aa189a4a69ff7797bf686ce64eb95bcd4267d42cab SHA512 aff576e4292b518baae2662f942a06b6a14814a614a5648a290e7249858813d406f2b6948d77d21ff67b183c1d317a3ea0fea2a222c28f87f0b8afe73e3c2d01 WHIRLPOOL 65ffe068c88b09e55f54345c44018947e09f85d1d214939201a0f29e6e5cabb40b1a5eeaabc95d6cc71cc35a385f2146d4b636b9cfb6c63a90df9023d0e8f3d6
 EBUILD glance-2013.2.9999.ebuild 5038 SHA256 16b123433bbdf44b99624108eb4be1159b0ea4c75eabdfd4d8aa3cc0742957b1 SHA512 44af4b647587d9df5186c29ea157da1607fc5cbdbde34c2aeccc32670949097c46372ca36c686203d6eb29ec493123feda2522440d6f4f7b872128a8dea872c4 WHIRLPOOL 61d39954d8515fc5f82278a8d5d541b363567627cf345c28b67929a6a439a5838c77b1af2eaf033d20217c5c473eb67f208d5a6207ec016fc0ab28063c3a2cbe
 EBUILD glance-9999.ebuild 3029 SHA256 a0274ad3f834ad7be23bbcaea00c4a8422857bb3903f89954da901ebeeb7872b SHA512 2c9baf347f3577c4fcb62d1bed5f328e2dbd8e2c2149e1dd4b5b4d317520da5e8fa09d8c352d7bbeeb65c4debb35d3fc9df5c436fc51f707717e18bddeb4743e WHIRLPOOL 7f3a20e0ff8404c4ef130b1b2a84543e91acc95d51d332028dca474a2e2e44c2aae2f5e409b2258eec35a09c4c34c93939f99fd182c8050fb845d462e9bde0d4
-MISC ChangeLog 7973 SHA256 ed5d069a345f8d35cc5c9dc054e8002a7e9926c04f66e75f66d0cd3039f59e59 SHA512 59b219ccc5d74cee7da794d172f602fcfe799de9647d7496c6a9b2376f86accea02e6a5eb08ad5ecb21c6ba8268aa761d42b630632fba585df1b1961d4d75729 WHIRLPOOL 0797dc85e561dbc88ff1ccef7378d3886bcbe2767563092fc92bdb91beed4ed1396e5f2131e45a10407845e3eae01c71a62743b62198f8064ad305c2a71f6ca0
-MISC metadata.xml 551 SHA256 de9d9d349c334c740b04384a4f1288e7f2f8491751c38b5846fa5fdc801dd3c0 SHA512 0141af1612f84846713c8ffe8d0c4e653a77772d4e050deb5b9a47882aed9f803c7a0ebe7709f64279b04a19658f10da4aef962a70ecc7aebc2e7dce2ede4c68 WHIRLPOOL 4858e7841f26f04b1e35838cfb475cf34506fdb26e1a03f75c219d599dddac73fbc3429c80b5ac7c752fe2782445e2d492f58fc0b87da44ddc6d03b4710c8f13
+MISC ChangeLog 8198 SHA256 ed2ef914986db8d125a676c5af0843e1193d4d816af4398366df888bf4bab908 SHA512 3380e4637ed541804bb9a7df8eb7a3658f3212a2fd9848ced0c9cb10019a1c0ce8a0d19f72b27f809629cefa7a720a114b04f1f99de7c86f6f7bc6ffe37cf0e8 WHIRLPOOL 2d9bad3dcabf3a64b81d02f71568af8525197a62fd987c77b7a64edd390d1bbe4e4c334fc7d546753fdc3171540d1f48af66243036e849137ef47f80d60d54d0
+MISC metadata.xml 607 SHA256 b74d960c096528dbb7c9be6b0da777e10abe32928459f045e7c58b0156e22d95 SHA512 e38e4dd740fe55d73d6d97fd9ffa3aec5466fbb5f8e6484b125560313245ae697a0dcf612fb065125c6737a8254b6218c0703f7de79437bb2799c6c67f386e45 WHIRLPOOL 445bf712fd733fa90c395cc24fd02155bed15b092713d502b54331da9237f397877c2328adbf4049ee64ae163713ce031ebe5048c8826ed1a011d4ebcdbb681d
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
-iQIcBAEBCAAGBQJTQO9mAAoJECRx6z5ArFrD/gwQAM0KYPg2GtGicH+cKRDIKgCx
-QobSYQV2kKmmUEd99Jxz8RjJm+mN/jcTtYQEgGuUBh/08ugF8ma6yA0cFi7xYFax
-EM5t3NCs6NEmXgh6Y8RnaUwJ+kIQg9/ScM9YCQC4TNjU9uhZI6+I4kjedoBXIfjd
-h7GfAGYP9cnicSSIJoJilXGGOdvbBAs2ggLliyyiwHsxmqFi3NU10zCchcka0Hpq
-IAWwOcXUMfqoV04COhF7r5gX8VRiL7XKmS87U7Rua1X/SDrbaEwupWMNxxLZeHxb
-AIcE3d4NHtS7/u+AnatZi54I588zNBasHi+xl/Q533PK4U1R90Zu2oG2VgXmosrD
-upFGmIobLBH9joemzrp79Wbhm/EELFTDnWO0cESbGzfU0vb6Qc9isSL+YZMp3e1P
-qU7lee0/jKRq+TkcCm0qZUwhDwxCM4JHJV3frkTp8tgm5ICO6QlK0rTjgg552PIw
-FMVCFKl17SHq4RFLwi62vANvk9qLc4m4qaqgvSt6ioAX2GrTpT7y0/gPKx0VscCb
-mvw6Gqw26Rlmdqy/cSpTnE+uC+KkNNcVsx1aY/SRgFAcEtPTaI9llSnuJ1XI93ry
-3Vd+XhFCa7qrR11AzK+bALFkOyoiEGw52zjLF5Mvira8lOKV6K+VUaV91/zEF76O
-iQTkQNK9Gj8m2YWFcqJP
-=vdsY
+iQIcBAEBCAAGBQJTSAf9AAoJECRx6z5ArFrDFBgP/ief1xDWcZ0gCsLUPOMaZN10
+pQx83lRYUQjmqNcxITTSQA8y6eR4LDyZZAt5XLfn4jJrk2DoK0Sogb3KGq1j2DEQ
+1HQvB6ZFMEBeW39275UGKcMwjtJijeF/7yNtYdo0FujNPgVwpyUgEknvasFs1Xgt
+aIiwqysE9dN9XYNopP/56G9Eid+ZeFFbe7fEHNkizDgQPFw9XphATUmOnEoEkmo1
+V85xOrEZZ7IMAY8Qo08OI2Ni0NynQ2O5MkUCQ4lV9I80dHJ9SXj+RKG6w4cI4zhN
+shhhCSW4dCGa/bqMaFWB4euXYzgJnWMEUFsQSZJj+RWCxn0VrjGrbJ7QUFnDbs67
+agEqrY9nHTzfC5mXfGn8B62kjVvKreM/qdV5IFbb1cByOS6jZu0lYfgeQzHWdvQh
+83F3nGfsa8GcVVG1bfOkaZyKNnIwmMukSxZH56WlrhgACmyL9no1iImVW2TUhfUW
+YNBDDVa1uy2IKUetakCQJLtyw+pvlEQpjtK8c5GVtKfzBmOFla14P2+1QYyUCMQv
+b/4chU8jnM/l7TIzbw0DOyZ19MTmfSf3RQNuvN0V8dj09Z4rYImM1ZaVhJmUu3Zj
+HDKOn/NrnOfoi3sk+sK1jjDkC/St5lGVqEWTEYfrDovwqRv9/DwoCh87rWX0Fhnr
+vKVQeiOLZThAlXRp+I7W
+=4R5t
 -----END PGP SIGNATURE-----
diff --git a/app-admin/glance/files/CVE-2014-0162-2013.2.3.patch b/app-admin/glance/files/CVE-2014-0162-2013.2.3.patch
new file mode 100644
index 000000000000..782d54a37c4f
--- /dev/null
+++ b/app-admin/glance/files/CVE-2014-0162-2013.2.3.patch
@@ -0,0 +1,223 @@
+From 13069a4017d36a549576a21ca3ec5b15c411effc Mon Sep 17 00:00:00 2001
+From: Zhi Yan Liu <zhiyanl@cn.ibm.com>
+Date: Sat, 29 Mar 2014 03:35:35 +0800
+Subject: [PATCH] To prevent remote code injection on Sheepdog store
+
+Change-Id: Iae92eaf9eb023f36a1bab7c20ea41c985f2bf51b
+Signed-off-by: Zhi Yan Liu <zhiyanl@cn.ibm.com>
+---
+ glance/store/sheepdog.py                 |   61 +++++++++++++++++-------------
+ glance/tests/unit/test_sheepdog_store.py |    3 +-
+ glance/tests/unit/test_store_location.py |   13 ++++---
+ 3 files changed, 45 insertions(+), 32 deletions(-)
+
+diff --git a/glance/store/sheepdog.py b/glance/store/sheepdog.py
+index d10aea7..2f75441 100644
+--- a/glance/store/sheepdog.py
++++ b/glance/store/sheepdog.py
+@@ -25,6 +25,7 @@ from glance.common import exception
+ from glance.openstack.common import excutils
+ import glance.openstack.common.log as logging
+ from glance.openstack.common import processutils
++from glance.openstack.common import uuidutils
+ import glance.store
+ import glance.store.base
+ import glance.store.location
+@@ -32,7 +33,7 @@ import glance.store.location
+ 
+ LOG = logging.getLogger(__name__)
+ 
+-DEFAULT_ADDR = 'localhost'
++DEFAULT_ADDR = '127.0.0.1'
+ DEFAULT_PORT = '7000'
+ DEFAULT_CHUNKSIZE = 64  # in MiB
+ 
+@@ -63,18 +64,14 @@ class SheepdogImage:
+         self.chunk_size = chunk_size
+ 
+     def _run_command(self, command, data, *params):
+-        cmd = ("collie vdi %(command)s -a %(addr)s -p %(port)s %(name)s "
+-               "%(params)s" %
+-               {"command": command,
+-                "addr": self.addr,
+-                "port": self.port,
+-                "name": self.name,
+-                "params": " ".join(map(str, params))})
++        cmd = ["collie", "vdi"]
++        cmd.extend(command)
++        cmd.extend(["-a", self.addr, "-p", self.port, self.name])
++        cmd.extend(params)
+ 
+         try:
+-            return processutils.execute(
+-                cmd, process_input=data, shell=True)[0]
+-        except processutils.ProcessExecutionError as exc:
++            return processutils.execute(*cmd, process_input=data)[0]
++        except (processutils.ProcessExecutionError, OSError) as exc:
+             LOG.error(exc)
+             raise glance.store.BackendException(exc)
+ 
+@@ -84,7 +81,7 @@ class SheepdogImage:
+ 
+         Sheepdog Usage: collie vdi list -r -a address -p port image
+         """
+-        out = self._run_command("list -r", None)
++        out = self._run_command(["list", "-r"], None)
+         return long(out.split(' ')[3])
+ 
+     def read(self, offset, count):
+@@ -94,7 +91,7 @@ class SheepdogImage:
+ 
+         Sheepdog Usage: collie vdi read -a address -p port image offset len
+         """
+-        return self._run_command("read", None, str(offset), str(count))
++        return self._run_command(["read"], None, str(offset), str(count))
+ 
+     def write(self, data, offset, count):
+         """
+@@ -103,7 +100,7 @@ class SheepdogImage:
+ 
+         Sheepdog Usage: collie vdi write -a address -p port image offset len
+         """
+-        self._run_command("write", data, str(offset), str(count))
++        self._run_command(["write"], data, str(offset), str(count))
+ 
+     def create(self, size):
+         """
+@@ -111,7 +108,7 @@ class SheepdogImage:
+ 
+         Sheepdog Usage: collie vdi create -a address -p port image size
+         """
+-        self._run_command("create", None, str(size))
++        self._run_command(["create"], None, str(size))
+ 
+     def delete(self):
+         """
+@@ -119,7 +116,7 @@ class SheepdogImage:
+ 
+         Sheepdog Usage: collie vdi delete -a address -p port image
+         """
+-        self._run_command("delete", None)
++        self._run_command(["delete"], None)
+ 
+     def exist(self):
+         """
+@@ -127,7 +124,7 @@ class SheepdogImage:
+ 
+         Sheepdog Usage: collie vdi list -r -a address -p port image
+         """
+-        out = self._run_command("list -r", None)
++        out = self._run_command(["list", "-r"], None)
+         if not out:
+             return False
+         else:
+@@ -138,7 +135,7 @@ class StoreLocation(glance.store.location.StoreLocation):
+     """
+     Class describing a Sheepdog URI. This is of the form:
+ 
+-        sheepdog://image
++        sheepdog://image-id
+ 
+     """
+ 
+@@ -149,10 +146,14 @@ class StoreLocation(glance.store.location.StoreLocation):
+         return "sheepdog://%s" % self.image
+ 
+     def parse_uri(self, uri):
+-        if not uri.startswith('sheepdog://'):
+-            raise exception.BadStoreUri(uri, "URI must start with %s://" %
+-                                        'sheepdog')
+-        self.image = uri[11:]
++        valid_schema = 'sheepdog://'
++        if not uri.startswith(valid_schema):
++            raise exception.BadStoreUri(_("URI must start with %s://") %
++                                        valid_schema)
++        self.image = uri[len(valid_schema):]
++        if not uuidutils.is_uuid_like(self.image):
++            raise exception.BadStoreUri(_("URI must contains well-formated "
++                                          "image id"))
+ 
+ 
+ class ImageIterator(object):
+@@ -192,7 +193,7 @@ class Store(glance.store.base.Store):
+ 
+         try:
+             self.chunk_size = CONF.sheepdog_store_chunk_size * 1024 * 1024
+-            self.addr = CONF.sheepdog_store_address
++            self.addr = CONF.sheepdog_store_address.strip()
+             self.port = CONF.sheepdog_store_port
+         except cfg.ConfigFileValueError as e:
+             reason = _("Error in store configuration: %s") % e
+@@ -200,10 +201,18 @@ class Store(glance.store.base.Store):
+             raise exception.BadStoreConfiguration(store_name='sheepdog',
+                                                   reason=reason)
+ 
++        if ' ' in self.addr:
++            reason = (_("Invalid address configuration of sheepdog store: %s")
++                      % self.addr)
++            LOG.error(reason)
++            raise exception.BadStoreConfiguration(store_name='sheepdog',
++                                                  reason=reason)
++
+         try:
+-            processutils.execute("collie", shell=True)
+-        except processutils.ProcessExecutionError as exc:
+-            reason = _("Error in store configuration: %s") % exc
++            cmd = ["collie", "vdi", "list", "-a", self.addr, "-p", self.port]
++            processutils.execute(*cmd)
++        except Exception as e:
++            reason = _("Error in store configuration: %s") % e
+             LOG.error(reason)
+             raise exception.BadStoreConfiguration(store_name='sheepdog',
+                                                   reason=reason)
+diff --git a/glance/tests/unit/test_sheepdog_store.py b/glance/tests/unit/test_sheepdog_store.py
+index 8eef86b..bea7e29 100644
+--- a/glance/tests/unit/test_sheepdog_store.py
++++ b/glance/tests/unit/test_sheepdog_store.py
+@@ -57,4 +57,5 @@ class TestStore(base.StoreClearingUnitTest):
+                           'fake_image_id',
+                           utils.LimitingReader(StringIO.StringIO('xx'), 1),
+                           2)
+-        self.assertEqual(called_commands, ['list -r', 'create', 'delete'])
++        self.assertEqual([['list', '-r'], ['create'], ['delete']],
++                         called_commands)
+diff --git a/glance/tests/unit/test_store_location.py b/glance/tests/unit/test_store_location.py
+index 7eec171..2464ebb 100644
+--- a/glance/tests/unit/test_store_location.py
++++ b/glance/tests/unit/test_store_location.py
+@@ -52,7 +52,7 @@ class TestStoreLocation(base.StoreClearingUnitTest):
+             'rbd://imagename',
+             'rbd://fsid/pool/image/snap',
+             'rbd://%2F/%2F/%2F/%2F',
+-            'sheepdog://imagename',
++            'sheepdog://244e75f1-9c69-4167-9db7-1aa7d1973f6c',
+             'cinder://12345678-9012-3455-6789-012345678901',
+         ]
+ 
+@@ -367,15 +367,18 @@ class TestStoreLocation(base.StoreClearingUnitTest):
+         """
+         Test the specific StoreLocation for the Sheepdog store
+         """
+-        uri = 'sheepdog://imagename'
++        uri = 'sheepdog://244e75f1-9c69-4167-9db7-1aa7d1973f6c'
+         loc = glance.store.sheepdog.StoreLocation({})
+         loc.parse_uri(uri)
+-        self.assertEqual('imagename', loc.image)
++        self.assertEqual('244e75f1-9c69-4167-9db7-1aa7d1973f6c', loc.image)
+ 
+-        bad_uri = 'sheepdog:/image'
++        bad_uri = 'sheepdog:/244e75f1-9c69-4167-9db7-1aa7d1973f6c'
+         self.assertRaises(exception.BadStoreUri, loc.parse_uri, bad_uri)
+ 
+-        bad_uri = 'http://image'
++        bad_uri = 'http://244e75f1-9c69-4167-9db7-1aa7d1973f6c'
++        self.assertRaises(exception.BadStoreUri, loc.parse_uri, bad_uri)
++
++        bad_uri = 'image; name'
+         self.assertRaises(exception.BadStoreUri, loc.parse_uri, bad_uri)
+ 
+     def test_cinder_store_good_location(self):
+-- 
+1.7.9.5
+
+
diff --git a/app-admin/glance/glance-2013.2.3.ebuild b/app-admin/glance/glance-2013.2.3-r1.ebuild
index 26a181e20931..4739209804a7 100644
--- a/app-admin/glance/glance-2013.2.3.ebuild
+++ b/app-admin/glance/glance-2013.2.3-r1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/glance/glance-2013.2.3.ebuild,v 1.1 2014/04/06 06:07:42 prometheanfire Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-admin/glance/glance-2013.2.3-r1.ebuild,v 1.1 2014/04/11 15:19:16 prometheanfire Exp $
 
 EAPI=5
 PYTHON_COMPAT=( python2_7 )
@@ -85,7 +85,8 @@ RDEPEND=">=dev-python/greenlet-0.3.2[${PYTHON_USEDEP}]
 		dev-python/pyopenssl[${PYTHON_USEDEP}]
 		>=dev-python/six-1.4.1[${PYTHON_USEDEP}]"
 
-PATCHES=( "${FILESDIR}/${PN}-2013.2-sphinx_mapping.patch" )
+PATCHES=( "${FILESDIR}/${PN}-2013.2-sphinx_mapping.patch"
+		"${FILESDIR}/CVE-2014-0162-2013.2.3.patch" )
 
 pkg_setup() {
 	enewgroup glance
diff --git a/app-admin/glance/metadata.xml b/app-admin/glance/metadata.xml
index abed32058d85..d9757a109a9d 100644
--- a/app-admin/glance/metadata.xml
+++ b/app-admin/glance/metadata.xml
@@ -1,8 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
+  <herd>openstack</herd>
   <maintainer>
     <email>prometheanfire@gentoo.org</email>
+    <name>Matthew Thode</name>
   </maintainer>
   <longdescription lang="en">
     Provides services for discovering, registering, and retrieving virtual
author	Matt Thode <prometheanfire@gentoo.org>	2014-04-11 15:19:23 +0000
committer	Matt Thode <prometheanfire@gentoo.org>	2014-04-11 15:19:23 +0000
commit	0862aaa30e325cbad2e9f171329786ca3c29a35b (patch)
tree	b4a7686664928f4bd0aa7fc69dcc450b9d68d2c7 /app-admin
parent	Describe multiload-nandhp for XFCE_PLUGINS="" (diff)
download	historical-0862aaa30e325cbad2e9f171329786ca3c29a35b.tar.gz historical-0862aaa30e325cbad2e9f171329786ca3c29a35b.tar.bz2 historical-0862aaa30e325cbad2e9f171329786ca3c29a35b.zip