fixes for bug 494026 CVE-2013-7048

Package-Manager: portage-2.2.7/cvs/Linux x86_64 Manifest-Sign-Key: 0x2471EB3E40AC5AC3
author: Matt Thode <prometheanfire@gentoo.org> 2014-01-27 08:45:00 +0000
committer: Matt Thode <prometheanfire@gentoo.org> 2014-01-27 08:45:00 +0000
commit: 57d3436023151f06a0438c32a78917c9d0d4d59f (patch)
tree: f20ea7d73a92977a703ca5eaf8eab03756048461 /sys-cluster
parent: removing the old and jankey, adding the new hotness (diff)
download: historical-57d3436023151f06a0438c32a78917c9d0d4d59f.tar.gz
historical-57d3436023151f06a0438c32a78917c9d0d4d59f.tar.bz2
historical-57d3436023151f06a0438c32a78917c9d0d4d59f.zip
6 files changed, 102 insertions, 19 deletions
diff --git a/sys-cluster/nova/ChangeLog b/sys-cluster/nova/ChangeLog
index ae74072ccbc3..44ec415afa41 100644
--- a/sys-cluster/nova/ChangeLog
+++ b/sys-cluster/nova/ChangeLog
@@ -1,6 +1,15 @@
 # ChangeLog for sys-cluster/nova
 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/ChangeLog,v 1.48 2014/01/23 16:31:28 prometheanfire Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/ChangeLog,v 1.49 2014/01/27 08:44:51 prometheanfire Exp $
+
+*nova-2013.2.1-r3 (27 Jan 2014)
+*nova-2013.1.4-r5 (27 Jan 2014)
+
+  27 Jan 2014; Matthew Thode <prometheanfire@gentoo.org>
+  +files/CVE-2013-7048-grizzly.patch, +files/CVE-2013-7048-havana.patch,
+  +nova-2013.1.4-r5.ebuild, +nova-2013.2.1-r3.ebuild, -nova-2013.1.4-r4.ebuild,
+  -nova-2013.2.1-r2.ebuild:
+  fixes for bug 494026 CVE-2013-7048
 
 *nova-2013.2.1-r2 (23 Jan 2014)
 *nova-2013.1.4-r4 (23 Jan 2014)
diff --git a/sys-cluster/nova/Manifest b/sys-cluster/nova/Manifest
index b0053ecd7431..b591936f2fa8 100644
--- a/sys-cluster/nova/Manifest
+++ b/sys-cluster/nova/Manifest
@@ -7,6 +7,8 @@ AUX CVE-2013-4497-grizzly-2.patch 1945 SHA256 8c4be7bc42b485afd64d5ec1dd61ecfb55
 AUX CVE-2013-6419_2013.1.4.patch 5711 SHA256 0af9859e7cd0373c3c69fbb7d2256976412599cd079e696344288a81d3422bcd SHA512 b6f2fd940278cf7fa7b0a1d54d6c069f73a5c3462c4adb536c03d611c197ba3509d4464a7ef7539213ba51d749efc5ecc85800a4f86998464cdc2beb42bafd7e WHIRLPOOL ba62d91c0135a8328ca3e4048223630d2c2c133a2231e80655dc4d7dd0b772d1f81402aafaf7ec8742a77ee7cc58e7cf03d915e2058669a105c4553ccc976b48
 AUX CVE-2013-6437-2012.1.4.patch 5005 SHA256 75f90ee952d352d739c4702d72b9301c7bacd1a38fcf6601dd432cd4b057a85f SHA512 bdaba7dac2e98f251f6da04052b3bc0167068191685317b05a532372931d1c85c87a091133375b39a84ca87d961730e6f19c3aaae2ca9b7affc9fd0e47825d75 WHIRLPOOL 0404d151b89bb9852f359e27d7f553d9b80ed610a6f960a2d4a2372bf98817f7e0e69c177f2cfd15ff85a0f1043fa013b36f848c6a5b00b4a78a857bd2767a33
 AUX CVE-2013-6437-2012.2.1.patch 5116 SHA256 bca9608d40b0c70abebad6911ddb14a49f81412242465294dac0b809966f7303 SHA512 d948575d99e30663a6ab4ab84099b1a1990d1423e83ab353bf81ab1f89f2f6d69e822bc24c2f92a8f25447f6b8faf4891a6174d6c901b5703dfa897c4342d748 WHIRLPOOL 0d78c7d87d73366c6892a7c3170838c30788807e5b82766bd3bb01f0c3123c5107d1557ea7a074836dc7af6d28dc79a868adae3336e9e3a5284ea289b666f816
+AUX CVE-2013-7048-grizzly.patch 1607 SHA256 0cf630148eebfe3360da46b8e769b053569b1bab07785653aaaf17898e097c35 SHA512 7239c8252727919792fd3195200edd42321c56a48af63be84cc89fa0efd953b886f171b69c6077f642a3feaccbf966daf6548554598699f3874449cc36f84f85 WHIRLPOOL d568e79df0c9e0b32881ce6aab8e1b5c629b35f0914cf5b5bd6e00d6d62b1b667b9a40b13fb2fa67dbd911d9f40b83bb3a098134f165ba53671ece9ce87d680b
+AUX CVE-2013-7048-havana.patch 1607 SHA256 6d95ec92890d58b5e2da2134eb2d3305de0844d71f20113c959e25bb0a9c75bb SHA512 f58b40c013eb0411f0f13bc5c685e662b5316685077f6935ff999d16d5f080e57ef347fac2f413e172909692456d64bed0d3ffec56f97d4a3b75daea02998cd5 WHIRLPOOL cf330136157e772204f7b5572a3eae2a745aa56a0e940ee2c14a891346ddcaf4792abc7836126b18d1b5c2a4f138b4e88773f72a2b90cd3d3f560f582d5e4c6f
 AUX CVE-2013-7130-stable-grizzly.patch 7860 SHA256 be82900f1f91e02a6298cf5872f7ff9b3915a9485631c743c1c7f0dcbc172178 SHA512 4b967aa333d55a25133722b828f2f94acf777598ccef31027911ad17e17b9d766b29b7b23cda8bb4ec659623c9e5c4fbe330394a54cd4434b793f97f5cc406ac WHIRLPOOL 3a646f94f4ecd8b7433bd66b6d55cfa96e63178f313db1e31d99a51f3e303aa25246ecd70c8a33fc6f7d31cd810c7e65a1d45758671d65ac56167686ce8616c0
 AUX CVE-2013-7130-stable-havana.patch 6536 SHA256 30fe28b32a6ab5cb329a7673289e1cbf29bb0ae679d17e98b2821a49e9a85b4a SHA512 e7742b5f91a43ef535a54f515f15a90de438d37303945d6cee6a3c490cfa4e26ebca0006bc4e009a580528151727658a5fada953614acb0f5643504b9f283c23 WHIRLPOOL 440eb7a5ec2b7a64d9d391abbebfd7a7700dcd708fffbb96d35b8b82a3533c818233702f55b2ab11616369f03288d43b48b91587e2cb02316f8539fc3713c23d
 AUX nova-confd 101 SHA256 d9013141618d1e8b8ba85297155747d9c8fc362238de7bba3108b9a2539c8c73 SHA512 4c7ec1d123f2cdaf394d1f4824df861bbe309b0b329db44080160d81746cd0fc9d4cc1b35da0f66ab075f1d4e835ababfb7bccaf4a2e931e60f2c0ac572a552e WHIRLPOOL 6a237357a3905d29a96b32c37f6d189e4f5cefc0986bb091e24a79295191332143741c604c2a9fd44484c75b3be89742a5570862cf0cd4ba225425f7f32b5348
@@ -14,27 +16,27 @@ AUX nova-initd 1496 SHA256 5b5f928335ac345103492555c3bc57407f547915b099762d0087a
 AUX nova-sudoers 78 SHA256 9e88c2843fb74cc46802c0b103067ad12915ec50335d05e546a5dba76acb4a76 SHA512 22c0606c6335b2d1a03bd18a319a54f16f76f091b2e8416dbba05ce7c15890beff7f32f0322eb5ba3f2a5c750436cacbe0cee189b390b878e3f0c0df219ef984 WHIRLPOOL bc42ae1d12e9f900b263fd5c3d0f59062f46fbec1ff97c0bceb234082bea5943eb64795b4f5e102b8e2749c6868163e5924467088cad42df09345e3406e5f83c
 DIST nova-2013.1.4.tar.gz 5801779 SHA256 0491ec81552b9c407021941ea1c477d5bcd93ec1dcc66d5fc0c1cef594dac760 SHA512 de1addcbc4577c4a376d8762e44d6f7c455bd63ba0be9d8a6a7176ef7a24e85f2bf9014e31d1180e42e48308ee6a17dcf039da2739388501a5fedbad8e5a7f0c WHIRLPOOL 08898e55b7380bd1852c00dcd8e03d4eb06c8c888688d66ba717842929973235eb9d6d34dda4be2700f208a7ff9e088de2690a74acd97f5cb6b81bcce743ece3
 DIST nova-2013.2.1.tar.gz 8937179 SHA256 b1a4ccb24d9a55b7ef0edc1a2b4ba374d52360a1f41148c92823787e8747401e SHA512 34b8e05128e000770731c63c4240071b8a764913b42bc9284a79af3d76fb10d6c825ca78e490762237a8ee416ce04a9a3f0c7ddcad54cb6830fd6376851d050f WHIRLPOOL 9a54affc20c10d88f0f559528b5d24ce71a073b90d710b7d84be53d150a2cfe47e766a4eda3638620ba8d7075b7f354af1ada2489eb04f8d18cdeb9cee5d5016
-EBUILD nova-2013.1.4-r4.ebuild 5469 SHA256 0e69374d3dad28e8f8836a9db74ae005942de8f6d297e389e769190008bd2f78 SHA512 75773feaee68f407cd359b7b27824aae1c8cfbba118237d429ce8c33bebef355028b26ba08e1335cb146b73dd5666e6d2cd86cb482c4f131ecddbbd34d116076 WHIRLPOOL 2593e0171c8abeafb5ddbb7d1a4f6931793cd25a16577cc033889dfa3f52044c53149de7f474dab74862e1f02a11c55258e18887b8b8e6c1627e37269f81c114
+EBUILD nova-2013.1.4-r5.ebuild 5512 SHA256 21e05c0b067c81e408d4edee1060328f23bcd807a850fd7eed504562db070949 SHA512 80b1e59d946ad29fbe5ff4fb8269a143deaba8949b7c39e9167eb0288f9d587a5161cf7b369b491fc735353d787bb2cd572dcb8fe374e8df79a2ba1f587ec9b4 WHIRLPOOL cb1cc492ea255b0c61f904497d8d2b058221de6263926a2484c73ef41be48724410cb6268f49a85287275c6bd20a5a5523fee5240ae75faac755242e21805585
 EBUILD nova-2013.1.9999.ebuild 5070 SHA256 1dd4815b62e7290b24f0a6ebed20b388546d1cc143fc9ee3ecf1fc9a572188c6 SHA512 d75b2d6e7c100b86627f06de5d14b9094b3074f8bf758b5f9195f5fd589bf3bd0fe6a5d0ac9d1b74e604754b905f9e2020c953631da7549156de6b50bb273b09 WHIRLPOOL 83349cd2a1d59d7faef7112d786e223dcc0403664ce763cfb8b793b1ad7fb2d68b33dc1134eafc9cddccfd366815013e578e992080d280d29239e33cfdd12e46
-EBUILD nova-2013.2.1-r2.ebuild 5181 SHA256 efbe3d0d2ee7eb826f65afc978ad44e3612d2fb890c58368d0eec49a4267e57d SHA512 456b1a3dadb2c10d486a297732b39e9fee3839c7565a2008c66b9eccd5c9766c01423f6602a4ce16adc2652a04806ee40e05c0b60d50a572c478114d51c937c1 WHIRLPOOL 9c8edb98bbfd16f7a5c086b6f61183d78a7b13ac2f27e8f190c68d7af59d88bb17f2a335ca922d3bcefd83930efeeecdd9f39c822e281446fb324ae70965c413
+EBUILD nova-2013.2.1-r3.ebuild 5223 SHA256 dbb4782a5bb5ea79331a80add9f15b8d15fb5d1a58eff60e2d33fe8d57eea7b1 SHA512 00e9fc3f31aa224b023c272b63affbe6a83143aa0f51acc4c95eefdc6c51fe0b6e6821476e956a1071bae693a1587f21b093bfc8cba01401ec45b1472146f5ed WHIRLPOOL f4f94abc52b465ced44d189154a23c739dde9b52cc2da49477d0bd627f62574c9929db5f73cb8a4f4ce2a23b77beec8f78e958f3040a23eeb6847a741435676a
 EBUILD nova-2013.2.9999.ebuild 5086 SHA256 9a7a79415aa6c5597a7eaac6967c9a69e917c183dc6424f5eaaed42753c996ab SHA512 b964c5fe5caf221fd00c94444470b3c638b504352fdaf48985784a157cbb1b71379af34e10bb9977da99dede7e6eb67e3ceb8d40bcd5b570639d609cb710a724 WHIRLPOOL 2088fe0677075c2efdaebdd9a5295146daba5a2f1bf0d3bd85c24ca891564176523a324445325e7b7f2019c7dfcdbc2cede820b89fa417746fadb2a0796a0f89
 EBUILD nova-9999.ebuild 5225 SHA256 8336956c0a15fd17e15f748c6445c3b144f2a9047dd8257ba3dda7a7b7f1ad01 SHA512 6d961e646096eb4df5814d31b06352f999291becefa5e8fdd88afd14e6ede54e583ba224e474e1122e90b114da4136782cd8336afb467c61fc5400a7dd3a05e8 WHIRLPOOL c4bad3d35be8adb4af48562507ef213185e6d722541226e7d8bedd02578265c035874b371f432db4d1db222fc2776cc74374a508ca562a30dae622a86e0bab10
-MISC ChangeLog 11689 SHA256 aee0af3bed3bd1cb489cfe7d2465c0bcd7fb7fe88de301c080cfa94aa40e80d2 SHA512 7dbadc7f394870ba5083545fc28850b10a35efa6cb03b15b096ed008b71478b6f9af6f553fac80ef2c11499ca9d4b82089360f39a4dd919217b14abad6a98b7c WHIRLPOOL 72b73d0f25ffd0ce88a8fea3324557a72ba5c0eeabc6c71f927351b4390d6292aa6d3d22853a4625708376b9f1c4a04356be943d5ef93e3a07acc5e70cb95672
+MISC ChangeLog 12030 SHA256 7a0fe236a97b54eb8d34d33918c76115840b59484e3ed93b5ea00f430070e4de SHA512 1effda4e7cd0f8d5c6c05621391e23035810e034343a60624679bf702070ec861fb8f647350c229d6edad2497596c75ad9c5367783cdac554132f8513733cd67 WHIRLPOOL 2162254d2086c651e31f8fda1f005eabab7737b7230c4ceb5250793547751ac0ecaa48ad0f8e62e2f0d9dfc4fe286ce5f1b11f68ea79d7b2567977ea53202082
 MISC metadata.xml 1452 SHA256 29bf3efaab7a4e45f5e442b26a7606edaed3f47e4ffec3e8990f95aea6bf2450 SHA512 537664b6ff29f4afe09eb4635c2cb06d87a6c3c3101e8ef89d1ab9b5b802c79024e94a0cce5a44ec2fd5b1cc37a251dd42156a015b6a294f219b90daff17c9c1 WHIRLPOOL c6e44f9a48fea6ae2a323e9e03d8805301fb0d94bb5634b1946909715f6c05d45c49180204d00221aae1e6dc6748347b4273fae838216b5d5d07932bc473a851
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
-iQIcBAEBCAAGBQJS4UQPAAoJECRx6z5ArFrD+HsP/0NBqEBPbfXwyegKYxXTedhr
-dyPqAJjGD/ibNssJJWvcczousCaEjMgK7Ei5cFxArp6ii2sGjlT1shuNpXwqy/4v
-Qw8lxqywR/DKyL7o+MHqtEPADNTmuay8uFRvpUw3WU/gexKIeT9JQi7muYgmQKBB
-7O2Z7FhdDp0pLsZX2L4Rk6EMefyG6+WmVwp72GCD2XCfk88W1XDx9JIPHtC3/8yk
-QNRtLhHPfRdeS36wG96qEstxPWXyA/CI65+dokbL9eQl/xangM9yoSXLCbKfga/T
-wOE/teKEvaxj5s8Nw6/ApVPLyeJZwLa08IRm9Q+jgjYxK39PVweYLKQ1BKUUd51Q
-JCHA36VwXvWgOjiL5sYpKj3cpnk54W/50Q95Bk1aQ2/Icq0AXDXuBWTjuVVQp+uA
-FodvZal74i9wgzCvMLLnq24gRMeMKXQs1rNid//sQWVmWJgcrjEmgD8pQnHI1Yk0
-Fatw35iU/GEMksO5QDLFB6tDMoXgcYb28uiew250pREEJACXPowguASKlUblY1cH
-EYWRy5WZusxteXUpZXN5bW9815XS5/mezfQdWZS8Un287W2/zOrHBC3m2raGN2sp
-/XVpeCawAtWzrYPTmlxg1xQB82HEJW+EVSpoMcIUvuBVey+2kLJeVaS3MVH6gSdm
-uaQc1j4KYdbvFbBP5+3a
-=FKIC
+iQIcBAEBCAAGBQJS5hy2AAoJECRx6z5ArFrD2pwQAK8q76E2QvcCpmweCSEJZHno
+scmIlSPyThBPReVHjiproB7gq4XzxBx9o5ITlTGNZmZ7OGS9F2/HWtec1P1ANu9R
+4dhtAt5ih/A1B3T49aetChJu4mLX861h2//lkxyKaGB7FNnUqPpw+OA7NNBKeE+h
+O0xuwgfL68aGwTmLf/Moz8h8/HvQM5Sb2Znid9AfW7fjwE2jyPBIEI91P7LC5MTQ
+7dMYALgptR02ngr8f23fHikNSqRh4eG2v4+Dk5BEhJGGAiqJfUktcmmXeHi+bKZJ
+GymOU2xPBsq0kULi1szyPSc04JlRwBVsIWzESQQly1DSh2fomLOtmhvGrngXtUMs
+XbUkb92mWiNt4g+X4Y1s2KXWmceejaZVQ0DVgMinitjNIt7FuuOrVx9pi+tdrZNd
+7l2QaXF4tQVZP7Bt9l33IBsZsjfJ+4NfeOsm5rzFqbXB2seNMav3lE4G1gcxayv9
+SNaaA+y5kDtwq46DEwmW5oQO7lQ3VsrmXoC9EOm7PwHe+ZJQNDCWaWlRTwrq1FKz
+UReMSPxeHuqpQqEbms1s4xP43L/okWP5WNuq+xD5ajrwwugAq8Bg4jCLd3D9xoCZ
+spDTEQX6URpPxKUMji18DjXLPlHcrEv+PRFcU4eMzXNFjEGN9e+L4rqKPvJA5SIc
+TcQ5cbBBOtNZ7w3PB9ab
+=zOVi
 -----END PGP SIGNATURE-----
diff --git a/sys-cluster/nova/files/CVE-2013-7048-grizzly.patch b/sys-cluster/nova/files/CVE-2013-7048-grizzly.patch
new file mode 100644
index 000000000000..7c9d98aa579b
--- /dev/null
+++ b/sys-cluster/nova/files/CVE-2013-7048-grizzly.patch
@@ -0,0 +1,35 @@
+From 9bd7fff8c0160057643cfc37c5e2b1cd3337d6aa Mon Sep 17 00:00:00 2001
+From: Xavier Queralt <xqueralt@redhat.com>
+Date: Wed, 27 Nov 2013 19:44:36 +0000
+Subject: Enforce permissions in snapshots temporary dir
+
+Live snapshots creates a temporary directory where libvirt driver
+creates a new image from the instance's disk using blockRebase.
+Currently this directory is created with 777 permissions making this
+directory accessible by all the users in the system.
+
+This patch changes the tempdir permissions so they have the o+x
+flag set, which is what libvirt needs to be able to write in it and
+
+Closes-Bug: #1227027
+Change-Id: I767ff5247b4452821727e92b668276004fc0f84d
+(cherry picked from commit 8a34fc3d48c467aa196f65eed444ccdc7c02f19f)
+---
+diff --git a/nova/virt/libvirt/driver.py b/nova/virt/libvirt/driver.py
+index 6b977cb..4cc85f1 100755
+--- a/nova/virt/libvirt/driver.py
++++ b/nova/virt/libvirt/driver.py
+@@ -1191,9 +1191,8 @@ class LibvirtDriver(driver.ComputeDriver):
+             try:
+                 out_path = os.path.join(tmpdir, snapshot_name)
+                 if live_snapshot:
+-                    # NOTE (rmk): libvirt needs to be able to write to the
+-                    #             temp directory, which is owned nova.
+-                    utils.execute('chmod', '777', tmpdir, run_as_root=True)
++                    # NOTE(xqueralt): libvirt needs o+x in the temp directory
++                    os.chmod(tmpdir, 0o701)
+                     self._live_snapshot(virt_dom, disk_path, out_path,
+                                         image_format)
+                 else:
+--
+cgit v0.9.2
diff --git a/sys-cluster/nova/files/CVE-2013-7048-havana.patch b/sys-cluster/nova/files/CVE-2013-7048-havana.patch
new file mode 100644
index 000000000000..aabc52d302d6
--- /dev/null
+++ b/sys-cluster/nova/files/CVE-2013-7048-havana.patch
@@ -0,0 +1,35 @@
+From 75be5abd6b3fa0f7f27fe9c805f832cd41d44a5d Mon Sep 17 00:00:00 2001
+From: Xavier Queralt <xqueralt@redhat.com>
+Date: Wed, 27 Nov 2013 19:44:36 +0000
+Subject: Enforce permissions in snapshots temporary dir
+
+Live snapshots creates a temporary directory where libvirt driver
+creates a new image from the instance's disk using blockRebase.
+Currently this directory is created with 777 permissions making this
+directory accessible by all the users in the system.
+
+This patch changes the tempdir permissions so they have the o+x
+flag set, which is what libvirt needs to be able to write in it and
+
+Closes-Bug: #1227027
+Change-Id: I767ff5247b4452821727e92b668276004fc0f84d
+(cherry picked from commit 8a34fc3d48c467aa196f65eed444ccdc7c02f19f)
+---
+diff --git a/nova/virt/libvirt/driver.py b/nova/virt/libvirt/driver.py
+index 5c05307..d427d65 100644
+--- a/nova/virt/libvirt/driver.py
++++ b/nova/virt/libvirt/driver.py
+@@ -1390,9 +1390,8 @@ class LibvirtDriver(driver.ComputeDriver):
+             try:
+                 out_path = os.path.join(tmpdir, snapshot_name)
+                 if live_snapshot:
+-                    # NOTE (rmk): libvirt needs to be able to write to the
+-                    #             temp directory, which is owned nova.
+-                    utils.execute('chmod', '777', tmpdir, run_as_root=True)
++                    # NOTE(xqueralt): libvirt needs o+x in the temp directory
++                    os.chmod(tmpdir, 0o701)
+                     self._live_snapshot(virt_dom, disk_path, out_path,
+                                         image_format)
+                 else:
+--
+cgit v0.9.2
diff --git a/sys-cluster/nova/nova-2013.1.4-r4.ebuild b/sys-cluster/nova/nova-2013.1.4-r5.ebuild
index aacf80b50784..a6bb1ff8b2ed 100644
--- a/sys-cluster/nova/nova-2013.1.4-r4.ebuild
+++ b/sys-cluster/nova/nova-2013.1.4-r5.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/nova-2013.1.4-r4.ebuild,v 1.1 2014/01/23 16:31:28 prometheanfire Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/nova-2013.1.4-r5.ebuild,v 1.1 2014/01/27 08:44:51 prometheanfire Exp $
 
 EAPI=5
 PYTHON_COMPAT=( python2_7 )
@@ -75,6 +75,7 @@ PATCHES=(
 	"${FILESDIR}/CVE-2013-4497-grizzly-2.patch"
 	"${FILESDIR}/CVE-2013-6419_2013.1.4.patch"
 	"${FILESDIR}/CVE-2013-6437-2012.1.4.patch"
+	"${FILESDIR}/CVE-2013-7048-grizzly.patch"
 	"${FILESDIR}/CVE-2013-7130-stable-grizzly.patch"
 )
 
diff --git a/sys-cluster/nova/nova-2013.2.1-r2.ebuild b/sys-cluster/nova/nova-2013.2.1-r3.ebuild
index 2b4842a7299f..735b7e95f814 100644
--- a/sys-cluster/nova/nova-2013.2.1-r2.ebuild
+++ b/sys-cluster/nova/nova-2013.2.1-r3.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/nova-2013.2.1-r2.ebuild,v 1.1 2014/01/23 16:31:28 prometheanfire Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-cluster/nova/nova-2013.2.1-r3.ebuild,v 1.1 2014/01/27 08:44:51 prometheanfire Exp $
 
 EAPI=5
 PYTHON_COMPAT=( python2_7 )
@@ -72,6 +72,7 @@ RDEPEND="sqlite? ( >=dev-python/sqlalchemy-0.7.8[sqlite,${PYTHON_USEDEP}]
 
 PATCHES=(
 	"${FILESDIR}/CVE-2013-6437-2012.2.1.patch"
+	"${FILESDIR}/CVE-2013-7048-havana.patch"
 	"${FILESDIR}/CVE-2013-7130-stable-havana.patch"
 )
author	Matt Thode <prometheanfire@gentoo.org>	2014-01-27 08:45:00 +0000
committer	Matt Thode <prometheanfire@gentoo.org>	2014-01-27 08:45:00 +0000
commit	57d3436023151f06a0438c32a78917c9d0d4d59f (patch)
tree	f20ea7d73a92977a703ca5eaf8eab03756048461 /sys-cluster
parent	removing the old and jankey, adding the new hotness (diff)
download	historical-57d3436023151f06a0438c32a78917c9d0d4d59f.tar.gz historical-57d3436023151f06a0438c32a78917c9d0d4d59f.tar.bz2 historical-57d3436023151f06a0438c32a78917c9d0d4d59f.zip