dev-python/pycadf/files/CVE-2014-4615.patch - platform/external/gentoo/overlays/gentoo - Git at Google

 https://review.openstack.org/#/c/94878/
 Owner	gordon chung
 Project	openstack/pycadf
 Branch	master
 Topic	bug1321080
 Uploaded	May 22, 2014 10:12 PM
 Updated		May 23, 2014 3:34 AM
 Status	Merged

 Commit Message:		remove token from notifier middleware

 notifier middleware is capturing token and sending it to MQ. this
 is not advisable so we should filter it out.

 Change-Id: I11d9f2f23fc3b60c945c33d4d02bd7640d88a083
 Closes-Bug: #1321080
 diff --git a/pycadf/middleware/notifier.py b/pycadf/middleware/notifier.py
 index fc921f8..621c8b4 100644
 --- a/pycadf/middleware/notifier.py
 +++ b/pycadf/middleware/notifier.py
 @@ -88,7 +88,7 @@
          include them.
          """
          return dict((k, v) for k, v in six.iteritems(environ)
 -                    if k.isupper())
 +                    if k.isupper() and k != 'HTTP_X_AUTH_TOKEN')

      @log_and_ignore_error
      def process_request(self, request):
	https://review.openstack.org/#/c/94878/
	Owner gordon chung
	Project openstack/pycadf
	Branch master
	Topic bug1321080
	Uploaded May 22, 2014 10:12 PM
	Updated May 23, 2014 3:34 AM
	Status Merged

	Commit Message: remove token from notifier middleware

	notifier middleware is capturing token and sending it to MQ. this
	is not advisable so we should filter it out.

	Change-Id: I11d9f2f23fc3b60c945c33d4d02bd7640d88a083
	Closes-Bug: #1321080
	diff --git a/pycadf/middleware/notifier.py b/pycadf/middleware/notifier.py
	index fc921f8..621c8b4 100644
	--- a/pycadf/middleware/notifier.py
	+++ b/pycadf/middleware/notifier.py
	@@ -88,7 +88,7 @@
	include them.
	"""
	return dict((k, v) for k, v in six.iteritems(environ)
	- if k.isupper())
	+ if k.isupper() and k != 'HTTP_X_AUTH_TOKEN')

	@log_and_ignore_error
	def process_request(self, request):