[tryton-debian-vcs] suds branch debian updated. debian/0.4.1-13-3-g0a77e4b
Mathias Behrle
tryton-debian-vcs at alioth.debian.org
Mon May 26 11:11:03 UTC 2014
The following commit has been merged in the debian branch:
https://alioth.debian.org/plugins/scmgit/cgi-bin/gitweb.cgi/?p=tryton/suds.git;a=commitdiff;h=debian/0.4.1-13-3-g0a77e4b
commit 0a77e4b59b138ea4bb9de627b915b42b78611593
Author: Mathias Behrle <mathiasb at m9s.biz>
Date: Mon May 26 13:10:57 2014 +0200
Releasing debian version 0.4.1-14.
diff --git a/debian/changelog b/debian/changelog
index 4b4e2c7..fa49023 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+suds (0.4.1-14) unstable; urgency=medium
+
+ * Removing accidently doubled option pgpsigurlmangle from watch file.
+ * Improving 02-fix-unsecure-cache-path.patch to remove temporary files
+ on program exit.
+
+ -- Mathias Behrle <mathiasb at m9s.biz> Mon, 26 May 2014 12:50:37 +0200
+
suds (0.4.1-13) unstable; urgency=medium
* Removing LC_ALL=C.UTF-8 as build environment.
commit 5bf701c5cf7aa3bd67953fe3ff2895f7f88dcd6f
Author: Mathias Behrle <mathiasb at m9s.biz>
Date: Mon May 26 12:47:36 2014 +0200
Improving 02-fix-unsecure-cache-path.patch to remove temporary files on program exit.
This patch uses
- https://bitbucket.org/jurko/suds/issue/15/insecure-temporary-directory-use
- https://bitbucket.org/jurko/suds/commits/3126ac3a406c37f9982f01ad0ca4ed42cf9a47cb
- https://bitbucket.org/jurko/suds/commits/aee4b2f0318f4b4545a1da826149edaa2c047460
diff --git a/debian/patches/02-fix-unsecure-cache-path.patch b/debian/patches/02-fix-unsecure-cache-path.patch
index dcda33c..bb92bec 100644
--- a/debian/patches/02-fix-unsecure-cache-path.patch
+++ b/debian/patches/02-fix-unsecure-cache-path.patch
@@ -1,26 +1,331 @@
-Author: Mathias Behrle <mathiasb at m9s.biz>
+Author: Jurko Gospodnetić
Description: Fix for CVE-2013-2217:
Use secure temporary directory creation when initializing
file-based URL cache.
+
+ This patch is taken from the suds-jurko fork of suds at
+ https://bitbucket.org/jurko/suds. It removes the cache
+ files on exit of the calling program.
+
+ References:
+ https://bitbucket.org/jurko/suds/issue/15/insecure-temporary-directory-use
+ https://bitbucket.org/jurko/suds/commits/3126ac3a406c37f9982f01ad0ca4ed42cf9a47cb
+ https://bitbucket.org/jurko/suds/commits/aee4b2f0318f4b4545a1da826149edaa2c047460
Bug: https://bugzilla.redhat.com/show_bug.cgi?id=978696
Bug-Debian: http://bugs.debian.org/714340
Forwarded: https://bugzilla.redhat.com/show_bug.cgi?id=978696#c14
---- suds.orig/suds/cache.py 2013-06-29 16:26:16.930326017 +0200
-+++ suds/suds/cache.py 2013-06-29 16:02:15.000000000 +0200
-@@ -19,6 +19,7 @@
+--- suds.orig/suds/cache.py 2014-05-25 23:31:24.697791871 +0200
++++ suds/suds/cache.py 2014-05-25 23:34:02.112407424 +0200
+@@ -1,6 +1,6 @@
+ # This program is free software; you can redistribute it and/or modify
+ # it under the terms of the (LGPL) GNU Lesser General Public License as
+-# published by the Free Software Foundation; either version 3 of the
++# published by the Free Software Foundation; either version 3 of the
+ # License, or (at your option) any later version.
+ #
+ # This program is distributed in the hope that it will be useful,
+@@ -19,6 +19,8 @@
"""
import os
+import tempfile
++import shutil
import suds
from tempfile import gettempdir as tmp
from suds.transport import *
-@@ -138,7 +139,7 @@
+@@ -50,7 +52,7 @@
+ @rtype: any
+ """
+ raise Exception('not-implemented')
+-
++
+ def getf(self, id):
+ """
+ Get a object from the cache by ID.
+@@ -60,7 +62,7 @@
+ @rtype: any
+ """
+ raise Exception('not-implemented')
+-
++
+ def put(self, id, object):
+ """
+ Put a object into the cache.
+@@ -70,7 +72,7 @@
+ @type object: any
+ """
+ raise Exception('not-implemented')
+-
++
+ def putf(self, id, fp):
+ """
+ Write a fp into the cache.
+@@ -80,33 +82,33 @@
+ @type fp: file-like object.
+ """
+ raise Exception('not-implemented')
+-
++
+ def purge(self, id):
+ """
+ Purge a object from the cache by id.
+ @param id: A object ID.
+- @type id: str
++ @type id: str
+ """
+ raise Exception('not-implemented')
+-
++
+ def clear(self):
+ """
+ Clear all objects from the cache.
+ """
+ raise Exception('not-implemented')
+-
++
+
+ class NoCache(Cache):
+ """
+ The passthru object cache.
+ """
+-
++
+ def get(self, id):
+ return None
+-
++
+ def getf(self, id):
+ return None
+-
++
+ def put(self, id, object):
+ pass
+
+@@ -119,6 +121,9 @@
+ A file-based URL cache.
+ @cvar fnprefix: The file name prefix.
+ @type fnsuffix: str
++ @cvar remove_default_location_on_exit: Whether to remove the default cache
++ location on process exit (default=True).
++ @type remove_default_location_on_exit: bool
+ @ivar duration: The cached file duration which defines how
+ long the file will be cached.
+ @type duration: (unit, value)
+@@ -127,7 +132,10 @@
+ """
+ fnprefix = 'suds'
+ units = ('months', 'weeks', 'days', 'hours', 'minutes', 'seconds')
+-
++ __default_location = None
++ remove_default_location_on_exit = True
++
++
+ def __init__(self, location=None, **duration):
+ """
+ @param location: The directory for the cached files.
+@@ -138,12 +146,12 @@
@type duration: {unit:value}
"""
if location is None:
- location = os.path.join(tmp(), 'suds')
-+ location = tempfile.mkdtemp()
++ location = self.__get_default_location()
self.location = location
self.duration = (None, 0)
self.setduration(**duration)
+ self.checkversion()
+-
++
+ def fnsuffix(self):
+ """
+ Get the file name suffix
+@@ -151,10 +159,10 @@
+ @rtype: str
+ """
+ return 'gcf'
+-
++
+ def setduration(self, **duration):
+ """
+- Set the caching duration which defines how long the
++ Set the caching duration which defines how long the
+ file will be cached.
+ @param duration: The cached file duration which defines how
+ long the file will be cached. A duration=0 means forever.
+@@ -167,7 +175,7 @@
+ raise Exception('must be: %s' % str(self.units))
+ self.duration = arg
+ return self
+-
++
+ def setlocation(self, location):
+ """
+ Set the location (directory) for the cached files.
+@@ -175,7 +183,20 @@
+ @type location: str
+ """
+ self.location = location
+-
++
++ @staticmethod
++ def __get_default_location():
++ """
++ Returns the current process's default cache location folder.
++ The folder is determined lazily on first call.
++ """
++ if not FileCache.__default_location:
++ tmp = tempfile.mkdtemp("suds-default-cache")
++ FileCache.__default_location = tmp
++ import atexit
++ atexit.register(FileCache.__remove_default_location)
++ return FileCache.__default_location
++
+ def mktmp(self):
+ """
+ Make the I{location} directory if it doesn't already exits.
+@@ -186,7 +207,18 @@
+ except:
+ log.debug(self.location, exc_info=1)
+ return self
+-
++
++ @staticmethod
++ def __remove_default_location():
++ """
++ Removes the default cache location folder.
++ This removal may be disabled by setting the
++ remove_default_location_on_exit FileCache class attribute to False.
++
++ """
++ if FileCache.remove_default_location_on_exit:
++ shutil.rmtree(FileCache.__default_location, ignore_errors=True)
++
+ def put(self, id, bfr):
+ try:
+ fn = self.__fn(id)
+@@ -197,7 +229,7 @@
+ except:
+ log.debug(id, exc_info=1)
+ return bfr
+-
++
+ def putf(self, id, fp):
+ try:
+ fn = self.__fn(id)
+@@ -209,7 +241,7 @@
+ except:
+ log.debug(id, exc_info=1)
+ return fp
+-
++
+ def get(self, id):
+ try:
+ f = self.getf(id)
+@@ -218,7 +250,7 @@
+ return bfr
+ except:
+ pass
+-
++
+ def getf(self, id):
+ try:
+ fn = self.__fn(id)
+@@ -241,7 +273,7 @@
+ if expired < dt.now():
+ log.debug('%s expired, deleted', fn)
+ os.remove(fn)
+-
++
+ def clear(self):
+ for fn in os.listdir(self.location):
+ if os.path.isdir(fn):
+@@ -249,25 +281,25 @@
+ if fn.startswith(self.fnprefix):
+ log.debug('deleted: %s', fn)
+ os.remove(os.path.join(self.location, fn))
+-
++
+ def purge(self, id):
+ fn = self.__fn(id)
+ try:
+ os.remove(fn)
+ except:
+ pass
+-
++
+ def open(self, fn, *args):
+ """
+ Open the cache file making sure the directory is created.
+ """
+ self.mktmp()
+ return open(fn, *args)
+-
++
+ def checkversion(self):
+ path = os.path.join(self.location, 'version')
+ try:
+-
++
+ f = self.open(path)
+ version = f.read()
+ f.close()
+@@ -277,23 +309,23 @@
+ self.clear()
+ f = self.open(path, 'w')
+ f.write(suds.__version__)
+- f.close()
+-
++ f.close()
++
+ def __fn(self, id):
+ name = id
+ suffix = self.fnsuffix()
+ fn = '%s-%s.%s' % (self.fnprefix, name, suffix)
+ return os.path.join(self.location, fn)
+-
+-
++
++
+ class DocumentCache(FileCache):
+ """
+ Provides xml document caching.
+ """
+-
++
+ def fnsuffix(self):
+ return 'xml'
+-
++
+ def get(self, id):
+ try:
+ fp = FileCache.getf(self, id)
+@@ -303,7 +335,7 @@
+ return p.parse(fp)
+ except:
+ FileCache.purge(self, id)
+-
++
+ def put(self, id, object):
+ if isinstance(object, Element):
+ FileCache.put(self, id, str(object))
+@@ -317,10 +349,10 @@
+ @type protocol: int
+ """
+ protocol = 2
+-
++
+ def fnsuffix(self):
+ return 'px'
+-
++
+ def get(self, id):
+ try:
+ fp = FileCache.getf(self, id)
+@@ -330,7 +362,7 @@
+ return pickle.load(fp)
+ except:
+ FileCache.purge(self, id)
+-
++
+ def put(self, id, object):
+ bfr = pickle.dumps(object, self.protocol)
+ FileCache.put(self, id, bfr)
--
suds
More information about the tryton-debian-vcs
mailing list