Your message dated Sat, 15 Nov 2014 10:49:17 +0000
with message-id <20141115104917.ga6...@lupin.home.powdarrmonkey.net>
and subject line Re: Bug#769416: unblock: cinder/2014.1.3-7
has caused the Debian Bug report #769416,
regarding unblock: cinder/2014.1.3-7
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
769416: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769416
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Hi,
My last upload of Cinder corrects #769223 which has been reported just right
after the previous unblock. Sorry for this.
This fix is needed after the mask_password CVE fix introduced a regression.
You can see this for more info: https://bugs.launchpad.net/cinder/+bug/1368527.
But basically, it's an issue with unicode which wasn't fixed in Icehouse yet
(it's already fixed in the latest Juno release currently in Experimental).
Please unblock cinder/2014.1.3-7.
Cheers,
Thomas Goirand (zigo)
diff -Nru cinder-2014.1.3/debian/changelog cinder-2014.1.3/debian/changelog
--- cinder-2014.1.3/debian/changelog 2014-11-11 21:00:39.000000000 +0000
+++ cinder-2014.1.3/debian/changelog 2014-11-13 13:37:30.000000000 +0000
@@ -1,3 +1,10 @@
+cinder (2014.1.3-7) unstable; urgency=medium
+
+ * Adds fix for "delete volume failed due to unicode problems" which seems to
+ happen after fixing CVE-2014-7230 & CVE-2014-7231 (Closes: #769223).
+
+ -- Thomas Goirand <z...@debian.org> Thu, 13 Nov 2014 21:36:14 +0800
+
cinder (2014.1.3-6) unstable; urgency=medium
* Fixed debconf translation nl.po encoding (Closes: #766904).
diff -Nru cinder-2014.1.3/debian/patches/series cinder-2014.1.3/debian/patches/series
--- cinder-2014.1.3/debian/patches/series 2014-11-11 21:00:39.000000000 +0000
+++ cinder-2014.1.3/debian/patches/series 2014-11-13 13:37:30.000000000 +0000
@@ -1,2 +1,3 @@
install-missing-files.patch
CVE-2014-7230_CVE-2014-7231_Sync_process_utils_from_oslo.patch
+Sync_latest_strutils_from_oslo-incubator_for_mask_password_fix.patch
diff -Nru cinder-2014.1.3/debian/patches/Sync_latest_strutils_from_oslo-incubator_for_mask_password_fix.patch cinder-2014.1.3/debian/patches/Sync_latest_strutils_from_oslo-incubator_for_mask_password_fix.patch
--- cinder-2014.1.3/debian/patches/Sync_latest_strutils_from_oslo-incubator_for_mask_password_fix.patch 1970-01-01 00:00:00.000000000 +0000
+++ cinder-2014.1.3/debian/patches/Sync_latest_strutils_from_oslo-incubator_for_mask_password_fix.patch 2014-11-13 13:37:30.000000000 +0000
@@ -0,0 +1,34 @@
+Description: Sync latest strutils from oslo-incubator for mask_password fix
+ This sync pulls in:
+ 1131b56 Enable mask_password to handle byte code strings
+ .
+ This is the only update since the last sync:
+ beca4db Sync latest strutils from oslo-incubator
+ .
+ This is needed to fix a delete volume failure when processutils
+ calls mask_password with a byte code string.
+Author: James Carey <jeca...@us.ibm.com>
+Origin: upstream, https://review.openstack.org/#/c/129613/
+Date: Tue, 16 Sep 2014 14:13:51 +0000 (+0000)
+X-Git-Url: https://review.openstack.org/gitweb?p=openstack%2Fcinder.git;a=commitdiff_plain;h=3821206ff1455ffc682739911f7f59bdde6e18d2
+Change-Id: Ie8a8c8e26abc0e387830bc9246e9a44913ae9b24
+Bug-Ubuntu: https://launchpad.net/bugs/1368527
+
+diff --git a/cinder/openstack/common/strutils.py b/cinder/openstack/common/strutils.py
+index e3e0b76..381ca3e 100644
+--- a/cinder/openstack/common/strutils.py
++++ b/cinder/openstack/common/strutils.py
+@@ -297,7 +297,12 @@ def mask_password(message, secret="***"):
+ >>> mask_password("u'original_password' : u'aaaaa'")
+ "u'original_password' : u'***'"
+ """
+- message = six.text_type(message)
++ try:
++ message = six.text_type(message)
++ except UnicodeDecodeError:
++ # NOTE(jecarey): Temporary fix to handle cases where message is a
++ # byte string. A better solution will be provided in Kilo.
++ pass
+
+ # NOTE(ldbragst): Check to see if anything in message contains any key
+ # specified in _SANITIZE_KEYS, if not then just return the message since
--- End Message ---
--- Begin Message ---
On Thu, Nov 13, 2014 at 10:06:44PM +0800, Thomas Goirand wrote:
> My last upload of Cinder corrects #769223 which has been reported just right
> after the previous unblock. Sorry for this.
>
> This fix is needed after the mask_password CVE fix introduced a regression.
> You can see this for more info:
> https://bugs.launchpad.net/cinder/+bug/1368527.
> But basically, it's an issue with unicode which wasn't fixed in Icehouse yet
> (it's already fixed in the latest Juno release currently in Experimental).
Unblocked.
--
Jonathan Wiltshire j...@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
signature.asc
Description: Digital signature
--- End Message ---
