components/python/django_openstack_auth/patches/CVE-2014-8124.patch
branch s11u2-sru
changeset 4156 4b1def16fe9b
parent 4146 097063f324c0
child 4157 92532a6159e7
--- a/components/python/django_openstack_auth/patches/CVE-2014-8124.patch	Thu Apr 16 01:36:32 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,29 +0,0 @@
-django_openstack_auth patch for CVE-2014-8124.  This will be fixed in
-a future version of django_openstack_auth
-
-From e676c88a329af57d6c4f13df54f6e1e06c1f8360 Mon Sep 17 00:00:00 2001
-From: eric <[email protected]>
-Date: Mon, 8 Dec 2014 16:38:26 -0700
-Subject: [PATCH] Horizon login page contains DOS attack mechanism
-
-the horizon login page (and middleware) accesses the session
-too early in the login process, which will create session records
-in the session backend.  This is especially problematic when non-cookie
-backends are used.
-
-Co-Authored-By: Tihomir Trifonov <[email protected]>
-Co-Authored-By: Eric Peterson <[email protected]>
-
-Change-Id: I9a4999eb5f053515575ef09b8ba9d3bb3f114e5c
-Closes-Bug: 1394370
-
---- django_openstack_auth-1.1.3/openstack_auth/forms.py.orig
-+++ django_openstack_auth-1.1.3/openstack_auth/forms.py
-@@ -96,7 +96,6 @@ class Login(AuthenticationForm):
-             msg = 'Login failed for user "%(username)s".' % \
-                 {'username': username}
-             LOG.warning(msg)
--            self.request.session.flush()
-             raise forms.ValidationError(exc)
-         if hasattr(self, 'check_for_test_cookie'):  # Dropped in django 1.7
-             self.check_for_test_cookie()
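Review bot: the whole-file deletion (`@@ -1,29 +0,0 @@`) drops the only carried fix for CVE-2014-8124, and nothing visible in this diff shows what replaces it. The patch's own header says the issue "will be fixed in a future version of django_openstack_auth", so the removal is only safe if the same changeset moves the component off 1.1.3 to a release that already contains upstream Change-Id I9a4999eb5f053515575ef09b8ba9d3bb3f114e5c. Please name that version in the changeset description and confirm that its `openstack_auth/forms.py` no longer calls `self.request.session.flush()` on the failed-login path. The deleted commit message also says the middleware accesses the session too early, while the carried hunk only touched `forms.py`, so the middleware in the replacement version deserves the same check before this lands.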