[Python-modules-commits] r5306 - in packages/python-cherrypy/trunk/debian (2 files)

kov at users.alioth.debian.org kov at users.alioth.debian.org
Sat May 10 19:45:07 UTC 2008 

    Date: Saturday, May 10, 2008 @ 19:45:04
  Author: kov
Revision: 5306

removing patch that has been applied upstream

Modified:
  packages/python-cherrypy/trunk/debian/changelog
Deleted:
  packages/python-cherrypy/trunk/debian/patches/04_CVE-2008-0252.diff

Modified: packages/python-cherrypy/trunk/debian/changelog
===================================================================
--- packages/python-cherrypy/trunk/debian/changelog	2008-05-10 19:41:54 UTC (rev 5305)
+++ packages/python-cherrypy/trunk/debian/changelog	2008-05-10 19:45:04 UTC (rev 5306)
@@ -3,8 +3,10 @@
   * New upstream release
   * debian/watch:
   - updated watch file to look for 2.3.x releases
+  * debian/patches/04_CVE-2008-0252.diff:
+  - applied upstream; removing
 
- -- Gustavo Noronha Silva <kov at debian.org>  Sat, 10 May 2008 16:41:32 -0300
+ -- Gustavo Noronha Silva <kov at debian.org>  Sat, 10 May 2008 16:44:31 -0300
 
 python-cherrypy (2.2.1-4) unstable; urgency=low
 

Deleted: packages/python-cherrypy/trunk/debian/patches/04_CVE-2008-0252.diff
===================================================================
--- packages/python-cherrypy/trunk/debian/patches/04_CVE-2008-0252.diff	2008-05-10 19:41:54 UTC (rev 5305)
+++ packages/python-cherrypy/trunk/debian/patches/04_CVE-2008-0252.diff	2008-05-10 19:45:04 UTC (rev 5306)
@@ -1,12 +0,0 @@
-diff -Nurad python-cherrypy-2.2.1~/cherrypy/filters/sessionfilter.py python-cherrypy-2.2.1/cherrypy/filters/sessionfilter.py
---- python-cherrypy-2.2.1~/cherrypy/filters/sessionfilter.py	2008-01-18 16:21:27.000000000 +0100
-+++ python-cherrypy-2.2.1/cherrypy/filters/sessionfilter.py	2008-01-18 16:23:36.000000000 +0100
-@@ -326,6 +326,8 @@
-             raise SessionStoragePathNotConfiguredError()
-         fileName = self.SESSION_PREFIX + id
-         file_path = os.path.join(storage_path, fileName)
-+        if not os.path.normpath(file_path).startswith(storage_path):
-+            raise cherrypy.HTTPError(400, "Invalid session id in cookie.")
-         return file_path
-     
-     def _lock_file(self, path):

More information about the Python-modules-commits mailing list