Ubuntu
swift package

Change logs for swift source package in Trusty

Trusty (14.04)
Change log

swift (1.13.1-0ubuntu1.5) trusty-security; urgency=medium

  [ Jamie Strandboge ]
  * SECURITY UPDATE: disallow unsafe tempurl operations to point to
    unauthorized data
    - debian/patches/CVE-2015-5223.patch: disallow creation of DLO object
      manifests if non-safe tempurl request includes X-Object-Manifest header
    - CVE-2015-5223
    - LP: #1453948

  [ Marc Deslauriers ]
  * SECURITY UPDATE: DoS via incorrectly closed client connections
    - debian/patches/CVE-2016-0737.patch: get better at closing WSGI
      iterables in swift/common/middleware/dlo.py,
      swift/common/middleware/slo.py, swift/common/request_helpers.py,
      swift/common/swob.py, swift/common/utils.py,
      test/unit/common/middleware/helpers.py,
      test/unit/common/middleware/test_dlo.py,
      test/unit/common/middleware/test_slo.py.
    - CVE-2016-0737
  * SECURITY UPDATE: DoS via incorrectly closed server connections
    - debian/patches/CVE-2016-0738.patch: fix memory/socket leak in proxy
      on truncated SLO/DLO GET in swift/common/request_helpers.py,
      test/unit/common/middleware/test_slo.py.
    - CVE-2016-0738
  * Thanks to Red Hat for the patch backports!
  * debian/patches/fix-ubuntu-tests.patch: disable another test that no
    longer works on buildds.

 -- Marc Deslauriers <email address hidden>  Tue, 12 Sep 2017 07:36:43 -0400

swift (1.13.1-0ubuntu1.3) trusty; urgency=medium

  * Fix issue where swift daemons crash while writing logs to a stopped
    rsyslogd /dev/log socket. (LP: #1683076)
    - d/patches/fix-infinite-recursion-logging.patch: Cherry-picked from
      upstream stable/newton branch to avoid infinite loops when logging
      while rsyslogd is stopped.

 -- Billy Olsen <email address hidden>  Mon, 03 Jul 2017 22:22:58 -0700

swift (1.13.1-0ubuntu1.2) trusty-security; urgency=medium

  * SECURITY UPDATE: metadata constraint bypass via multiple requests
    - debian/patches/CVE-2014-7960.patch: add metadata checks to
      swift/account/server.py, swift/common/constraints.py,
      swift/common/db.py, swift/container/server.py, added tests to
      test/functional/test_account.py, test/functional/test_container.py,
      test/unit/common/test_db.py.
    - CVE-2014-7960
  * SECURITY UPDATE: object deletion via x-versions-location container
    - debian/patches/CVE-2015-1856.patch: prevent unauthorized delete in
      swift/proxy/controllers/obj.py, added tests to
      test/functional/tests.py, test/unit/proxy/test_server.py.
    - CVE-2015-1856

 -- Marc Deslauriers <email address hidden>  Wed, 22 Jul 2015 11:03:05 -0400

swift (1.13.1-0ubuntu1.1) trusty-security; urgency=medium

  * SECURITY UPDATE: properly quote www-authenticate header value
    - debian/patches/CVE-2014-3497.patch: urllib2.quote() the Swift realm in
      swift/common/swob.py
    - CVE-2014-3497
    - LP: #1327414
 -- Jamie Strandboge <email address hidden>   Tue, 24 Jun 2014 07:08:11 -0500

swift (1.13.1-0ubuntu1) trusty; urgency=medium

  * New upstream release (LP: #1299055).
 -- Chuck Short <email address hidden>   Thu, 17 Apr 2014 04:52:50 -0400

swift (1.13.1~rc2-0ubuntu1) trusty; urgency=medium

  [ Chuck Short ]
  * New upstream release candidate (LP: #1299055).

  [ James Page ]
  * d/control: Add appropriate Breaks/Replaces to support move of man pages
    between binary packages in 1.13.1~rc1-0ubuntu1 (LP: #1306241).
 -- James Page <email address hidden>   Mon, 14 Apr 2014 11:03:23 +0100

swift (1.13.1~rc1-0ubuntu2) trusty; urgency=medium

  * d/p/ring-perms.patch: Ensure that generated rings can be read by
    the swift user, fixing autopkgtest failure (LP: #1302700).
 -- James Page <email address hidden>   Sun, 06 Apr 2014 21:10:51 +0100

swift (1.13.1~rc1-0ubuntu1) trusty; urgency=medium

  [ Chuck Short ]
  * Add new binaries:
    - d/swift-container.install: Add swift-container-info binary.
    - d/swift-account.install: Add swift-account-info binary.

  [ James Page ]
  * New upstream release candidate (LP: #1299055).
  * d/rules: Tidy dh_clean override.
  * d/rules,swift-doc.docs: Re-enable documentation build.
  * d/*.manpages: Rejig manpage installs into correct packages.
  * d/container-server.conf: Add missing container-sync section
    (LP: #1290813).
  * d/*: Wrap-and-sort.
 -- James Page <email address hidden>   Fri, 04 Apr 2014 10:57:51 +0100

swift (1.13.0-0ubuntu1) trusty; urgency=medium

  [ Chuck Short ]
  * New upstream release.

  [ James Page ]
  * Add object-expirer package and associated configuration (LP: #1235495):
    - d/control: Add swift-object-expirer package, break/replace swift-object
      from earlier versions.
    - d/swift-object.install: Drop install of swift-object-expirer.
    - d/swift-object-expirer.{install,upstart}: Install swift-object-expirer
      and associated upstart configuration.
    - d/rules,object-expirer.conf: Provide basic object-expirer configuration.
    - debian/swift-object-expirer.docs: Add full example configuration to docs.
  * d/rules,swift-container.swift-container-sync.upstart: Add upstart
    configuration for swift-container-sync process (LP: #1250171).
 -- Chuck Short <email address hidden>   Thu, 06 Mar 2014 12:29:10 -0500

swift (1.12.0-0ubuntu1) trusty; urgency=medium

  * New upstream release.
  * debian/patches/fix-ubuntu-tests.patch: Rediffed.
  * debian/rules: Add pythonpath for tests.
 -- Chuck Short <email address hidden>   Wed, 29 Jan 2014 09:14:25 -0500

swift (1.11.0-0ubuntu2) trusty; urgency=low

  * d/tests/swift-daemons: Use service command to restart daemons instead
    of directly using non-existent scripts in /etc/init.d.
 -- James Page <email address hidden>   Fri, 13 Dec 2013 09:14:19 +0000

swift (1.11.0-0ubuntu1) trusty; urgency=low

  [ Chuck Short ]
  * debian/control: open icehouse release.
  * debian/rules:
    - Fix doc installation.
    - Removed debian distribution checking.
  * Removed init scripts, they dont get installed anyways.
  * Renamed upstart.in to regular upstart jobs.
  * debian/swift-doc.docs: Drop doc/build/html.
  * debian/swift.install: Remove swift-bench and swift-bench-client, it has
    moved into its own project.
  * debian/control: Suggest swift-bench.
  * debian/fix-ubuntu-tests.patch: Disable tests that fail on buildds.

  [ James Page ]
  * d/rules: Don't clean debian/*.upstart; we need those now!
 -- Chuck Short <email address hidden>   Thu, 12 Dec 2013 10:50:46 -0500

swift (1.10.0-0ubuntu1) saucy; urgency=low

  * New upstream release (LP: #1236462).
 -- Chuck Short <email address hidden>   Thu, 17 Oct 2013 10:26:18 -0400

swift (1.10.0~rc1-0ubuntu1) saucy; urgency=low

  * New upstream release candidate.
 -- Chuck Short <email address hidden>   Wed, 09 Oct 2013 15:13:23 -0400

Ubuntuswift package

Change logs for swift source package in Trusty

Ubuntu
swift package