Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openstack/heat/patches/01-CVE-2014-3801.patch
changeset 4063 12e03e5492b8
parent 4062 f45bb9cec48c
parent 4061 5ac5027dc3e3 
--- a/components/openstack/heat/patches/01-CVE-2014-3801.patch	Fri Mar 20 22:56:27 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Patch for Upstream bug 1311223.  This addresses CVE-2014-3801.  It has
-been fixed in Icehouse 2014.1.1 and Havana 2013.2.4.
-
-From 7e114a38712da8947ee7ad93eabda34f5e4aa65a Mon Sep 17 00:00:00 2001
-From: Angus Salkeld <[email protected]>
-Date: Thu, 1 May 2014 11:20:55 +1000
-Subject: Don't dynamically create provider types in the global env
-
-Only support this in user environments.
-Note: this is only when you have the following in your template
-resources:
-  thingy:
-    type: http://example.com/foo.template
-
-Doing this will avoid tenant-specific provider template URLs being
-shown globally in the resource-type listing.
-
-Co-Authored-By: Angus Salkeld <[email protected]>
-Closes-Bug: #1311223
-Change-Id: Ifa18108afacbda390b19b46a8f41bc4f018e95d6
-(cherry picked from commit a02ff20509171346d2a1d2a9df7c81aada134c52)
-
-diff --git a/heat/engine/environment.py b/heat/engine/environment.py
-index 6dd73f0..db9f2e2 100644
---- a/heat/engine/environment.py
-+++ b/heat/engine/environment.py
-@@ -187,7 +187,10 @@ class ResourceRegistry(object):
-         registry[name] = info
- 
-     def iterable_by(self, resource_type, resource_name=None):
--        if resource_type.endswith(('.yaml', '.template')):
-+        is_templ_type = resource_type.endswith(('.yaml', '.template'))
-+        if self.global_registry is not None and is_templ_type:
-+            # we only support dynamic resource types in user environments
-+            # not the global environment.
-             # resource with a Type == a template
-             # we dynamically create an entry as it has not been registered.
-             if resource_type not in self._registry:
-diff --git a/heat/tests/test_provider_template.py b/heat/tests/test_provider_template.py
-index 500cc59..e2af880 100644
---- a/heat/tests/test_provider_template.py
-+++ b/heat/tests/test_provider_template.py
-@@ -398,6 +398,8 @@ class ProviderTemplateTest(HeatTestCase):
-             self.assertIn(attrib, templ_resource.attributes)
-         for k, v in json_snippet.get("Properties").items():
-             self.assertEqual(v, templ_resource.properties[k])
-+        self.assertNotIn('WordPress_Single_Instance.yaml',
-+                         resources.global_env().registry._registry)
- 
-     def test_system_template_retrieve_by_file(self):
-         # make sure that a TemplateResource defined in the global environment
--- 
-cgit v0.10.1
-
upstream/oracle/userland-gate