[Pkg-ganeti-devel] [ganeti] 01/02: Fix regression after CVE-2015-7945
Apollon Oikonomopoulos
apoikos at moszumanska.debian.org
Fri Jan 15 14:47:45 UTC 2016
This is an automated email from the git hooks/post-receive script.
apoikos pushed a commit to branch debian/stable/jessie
in repository ganeti.
commit b2c0eac10679cb27554528d9ffa77b86c2f39d3d
Author: Apollon Oikonomopoulos <apoikos at debian.org>
Date: Wed Jan 13 11:50:34 2016 +0200
Fix regression after CVE-2015-7945
Backport upstream commit 09fb8fc73c.
Closes: #810850
---
debian/patches/CVE-2015-7945 | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/debian/patches/CVE-2015-7945 b/debian/patches/CVE-2015-7945
index b807a3e..2e9d9bf 100644
--- a/debian/patches/CVE-2015-7945
+++ b/debian/patches/CVE-2015-7945
@@ -42,3 +42,27 @@ Date: Tue Dec 22 18:01:29 2015 +0000
"drbd_info": drbd_info,
"pstatus": dev_pstatus,
"sstatus": dev_sstatus,
+
+commit 43cbdbf4442020203d39f383f75488225a588c1b
+Author: Hrvoje Ribicic <riba at google.com>
+Date: Fri Aug 21 19:46:18 2015 +0000
+
+ Do not attempt to use the DRBD secret in gnt-instance info
+
+ ... so just redact what is output.
+
+ Signed-off-by: Hrvoje Ribicic <riba at google.com>
+ Reviewed-by: Klaus Aehlig <aehlig at google.com>
+
+diff --git a/lib/client/gnt_instance.py b/lib/client/gnt_instance.py
+index 1dd1415..fff4eb2 100644
+--- a/lib/client/gnt_instance.py
++++ b/lib/client/gnt_instance.py
+@@ -960,7 +960,6 @@ def _FormatDiskDetails(dev_type, dev, roman):
+ compat.TryToRoman(drbd_info["secondary_minor"],
+ convert=roman))),
+ ("port", str(compat.TryToRoman(drbd_info["port"], roman))),
+- ("auth key", str(drbd_info["secret"])),
+ ]
+ elif dev_type == constants.DT_PLAIN:
+ vg_name, lv_name = dev["logical_id"]
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ganeti/ganeti.git
More information about the Pkg-ganeti-devel
mailing list