summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthew Thode <prometheanfire@gentoo.org>2014-10-11 23:34:40 +0000
committerMatthew Thode <prometheanfire@gentoo.org>2014-10-11 23:34:40 +0000
commit1b96a96c2e97bad554dc253dc8f6aa52b5a21c29 (patch)
treef1a99fd74e82bfdabfe859d883236d10a632b8a9 /www-apps
parentbup (diff)
downloadgentoo-2-1b96a96c2e97bad554dc253dc8f6aa52b5a21c29.tar.gz
gentoo-2-1b96a96c2e97bad554dc253dc8f6aa52b5a21c29.tar.bz2
gentoo-2-1b96a96c2e97bad554dc253dc8f6aa52b5a21c29.zip
bup
(Portage version: 2.2.8-r2/cvs/Linux x86_64, signed Manifest commit with key 0x2471eb3e40ac5ac3)
Diffstat (limited to 'www-apps')
-rw-r--r--www-apps/horizon/ChangeLog9
-rw-r--r--www-apps/horizon/files/2014.1.2-CVE-2014-3594.patch53
-rw-r--r--www-apps/horizon/horizon-2014.1.3.ebuild (renamed from www-apps/horizon/horizon-2014.1.2.ebuild)5
-rw-r--r--www-apps/horizon/horizon-2014.1.9999.ebuild10
4 files changed, 17 insertions, 60 deletions
diff --git a/www-apps/horizon/ChangeLog b/www-apps/horizon/ChangeLog
index f4ea88310b07..039fe1bdcad5 100644
--- a/www-apps/horizon/ChangeLog
+++ b/www-apps/horizon/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for www-apps/horizon
# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/horizon/ChangeLog,v 1.33 2014/08/21 20:59:43 prometheanfire Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/horizon/ChangeLog,v 1.34 2014/10/11 23:34:40 prometheanfire Exp $
+
+*horizon-2014.1.3 (11 Oct 2014)
+
+ 11 Oct 2014; Matthew Thode <prometheanfire@gentoo.org>
+ +horizon-2014.1.3.ebuild, -files/2014.1.2-CVE-2014-3594.patch,
+ -horizon-2014.1.2.ebuild, horizon-2014.1.9999.ebuild:
+ bup
*horizon-2014.1.2 (21 Aug 2014)
diff --git a/www-apps/horizon/files/2014.1.2-CVE-2014-3594.patch b/www-apps/horizon/files/2014.1.2-CVE-2014-3594.patch
deleted file mode 100644
index 564e53b0d634..000000000000
--- a/www-apps/horizon/files/2014.1.2-CVE-2014-3594.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-From ba908ae88d5925f4f6783eb234cc4ea95017472b Mon Sep 17 00:00:00 2001
-From: Julie Pichon <jpichon@redhat.com>
-Date: Tue, 29 Jul 2014 16:17:44 +0100
-Subject: Fix XSS issue with the unordered_list filter
-
-When using the unordered_list filter in a Horizon table (as opposed to
-a template directly), autoescaping is not set by default and the input
-wasn't sanitised.
-
-Closes-Bug: #1349491
-Change-Id: Id82eefe48ccb17a158751ec65d24f3ac779380ec
-
-diff --git a/openstack_dashboard/dashboards/admin/aggregates/tables.py b/openstack_dashboard/dashboards/admin/aggregates/tables.py
-index 5cefae1..f0c2122 100644
---- a/openstack_dashboard/dashboards/admin/aggregates/tables.py
-+++ b/openstack_dashboard/dashboards/admin/aggregates/tables.py
-@@ -93,6 +93,10 @@ def get_zone_hosts(zone):
- return host_details
-
-
-+def safe_unordered_list(value):
-+ return filters.unordered_list(value, autoescape=True)
-+
-+
- class HostAggregatesTable(tables.DataTable):
- name = tables.Column('name', verbose_name=_('Name'))
- availability_zone = tables.Column('availability_zone',
-@@ -100,11 +104,11 @@ class HostAggregatesTable(tables.DataTable):
- hosts = tables.Column(get_aggregate_hosts,
- verbose_name=_("Hosts"),
- wrap_list=True,
-- filters=(filters.unordered_list,))
-+ filters=(safe_unordered_list,))
- metadata = tables.Column(get_metadata,
- verbose_name=_("Metadata"),
- wrap_list=True,
-- filters=(filters.unordered_list,))
-+ filters=(safe_unordered_list,))
-
- class Meta:
- name = "host_aggregates"
-@@ -123,7 +127,7 @@ class AvailabilityZonesTable(tables.DataTable):
- hosts = tables.Column(get_zone_hosts,
- verbose_name=_('Hosts'),
- wrap_list=True,
-- filters=(filters.unordered_list,))
-+ filters=(safe_unordered_list,))
- available = tables.Column(get_available,
- verbose_name=_('Available'),
- status=True,
---
-cgit v0.10.1
-
diff --git a/www-apps/horizon/horizon-2014.1.2.ebuild b/www-apps/horizon/horizon-2014.1.3.ebuild
index 9a3db8afb733..86a6ce11d3eb 100644
--- a/www-apps/horizon/horizon-2014.1.2.ebuild
+++ b/www-apps/horizon/horizon-2014.1.3.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/horizon/horizon-2014.1.2.ebuild,v 1.1 2014/08/21 20:59:43 prometheanfire Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/horizon/horizon-2014.1.3.ebuild,v 1.1 2014/10/11 23:34:40 prometheanfire Exp $
EAPI=5
PYTHON_COMPAT=( python2_7 )
@@ -33,7 +33,7 @@ DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]
dev-python/oslo-sphinx[${PYTHON_USEDEP}]
dev-python/selenium[${PYTHON_USEDEP}]
>=dev-python/sphinx-1.1.2[${PYTHON_USEDEP}]
- <dev-python/sphinx-1.2[${PYTHON_USEDEP}]
+ <dev-python/sphinx-1.1.9999[${PYTHON_USEDEP}]
>=dev-python/testtools-0.9.34[${PYTHON_USEDEP}]
)"
RDEPEND=">=dev-python/django-1.4[${PYTHON_USEDEP}]
@@ -62,7 +62,6 @@ RDEPEND=">=dev-python/django-1.4[${PYTHON_USEDEP}]
>=dev-python/six-1.6.0[${PYTHON_USEDEP}]"
PATCHES=(
- "${FILESDIR}/2014.1.2-CVE-2014-3594.patch"
)
src_test() {
diff --git a/www-apps/horizon/horizon-2014.1.9999.ebuild b/www-apps/horizon/horizon-2014.1.9999.ebuild
index 273f9e5db196..0a1f1b9f3da6 100644
--- a/www-apps/horizon/horizon-2014.1.9999.ebuild
+++ b/www-apps/horizon/horizon-2014.1.9999.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/horizon/horizon-2014.1.9999.ebuild,v 1.3 2014/08/10 20:13:31 slyfox Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/horizon/horizon-2014.1.9999.ebuild,v 1.4 2014/10/11 23:34:40 prometheanfire Exp $
EAPI=5
PYTHON_COMPAT=( python2_7 )
@@ -34,13 +34,14 @@ DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]
dev-python/oslo-sphinx[${PYTHON_USEDEP}]
dev-python/selenium[${PYTHON_USEDEP}]
>=dev-python/sphinx-1.1.2[${PYTHON_USEDEP}]
- <dev-python/sphinx-1.2[${PYTHON_USEDEP}]
+ <dev-python/sphinx-1.1.9999[${PYTHON_USEDEP}]
>=dev-python/testtools-0.9.34[${PYTHON_USEDEP}]
)"
RDEPEND=">=dev-python/django-1.4[${PYTHON_USEDEP}]
<dev-python/django-1.7[${PYTHON_USEDEP}]
>=dev-python/django-compressor-1.3[${PYTHON_USEDEP}]
>=dev-python/django-openstack-auth-1.1.4[${PYTHON_USEDEP}]
+ !~dev-python/django-openstack-auth-1.1.6[${PYTHON_USEDEP}]
>=dev-python/eventlet-0.13.0[${PYTHON_USEDEP}]
>=dev-python/httplib2-0.7.5[${PYTHON_USEDEP}]
>=dev-python/iso8601-0.1.9[${PYTHON_USEDEP}]
@@ -59,7 +60,10 @@ RDEPEND=">=dev-python/django-1.4[${PYTHON_USEDEP}]
>=dev-python/python-swiftclient-1.6[${PYTHON_USEDEP}]
>=dev-python/python-troveclient-1.0.3[${PYTHON_USEDEP}]
>=dev-python/pytz-2010h[${PYTHON_USEDEP}]
- >=dev-python/six-1.5.2[${PYTHON_USEDEP}]"
+ >=dev-python/six-1.6.0[${PYTHON_USEDEP}]"
+
+PATCHES=(
+)
src_test() {
./run_tests.sh -N --coverage