Authors/ChangeLog for 2.29.2
Change-Id: I19d7c37e2f4b63f8743560b6b6569c0bc096ee65
parent d8d04ef43c
commit 1987983127
1
AUTHORS
|
@ -398,6 +398,7 @@ Takashi Kajinami (tkajinam@redhat.com)
|
|||
Takashi Natsume (natsume.takashi@lab.ntt.co.jp)
|
||||
TheSriram (sriram@klusterkloud.com)
|
||||
Thiago da Silva (thiagodasilva@gmail.com)
|
||||
Thibault Person (thibault.person@ovhcloud.com)
|
||||
Thierry Carrez (thierry@openstack.org)
|
||||
Thomas Goirand (thomas@goirand.fr)
|
||||
Thomas Herve (therve@redhat.com)
|
||||
|
|
16
CHANGELOG
|
@ -1,3 +1,19 @@
|
|||
swift (2.29.2, yoga stable backports)
|
||||
|
||||
* Fixed a security issue in how `s3api` handles XML parsing that allowed
|
||||
authenticated S3 clients to read arbitrary files from proxy servers.
|
||||
Refer to CVE-2022-47950 for more information.
|
||||
|
||||
* Constant-time string comparisons are now used when checking S3 API
|
||||
signatures.
|
||||
|
||||
* Fixed a path-rewriting bug introduced in Python 3.7.14, 3.8.14, 3.9.14,
|
||||
and 3.10.6 that could cause some `domain_remap` requests to be routed to
|
||||
the wrong object.
|
||||
|
||||
* Improved compatibility with certain FIPS-mode-enabled systems.
|
||||
|
||||
|
||||
swift (2.29.1, OpenStack Yoga)
|
||||
|
||||
* This is the final stable branch that will support Python 2.7.
|
||||
|
|
|
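Review bot: In the 2.29.2 block, the entry "Constant-time string comparisons are now used when checking S3 API signatures." sits in a flat list next to the `domain_remap` and FIPS items, so a reader of CHANGELOG cannot tell that it is a security change, while the release note added in this same commit files it under `security:`. Consider marking or grouping the two security items in this list so operators scanning the changelog for reasons to upgrade see both.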
@ -0,0 +1,20 @@
|
|||
---
|
||||
security:
|
||||
- |
|
||||
Fixed a security issue in how ``s3api`` handles XML parsing that allowed
|
||||
authenticated S3 clients to read arbitrary files from proxy servers.
|
||||
Refer to `CVE-2022-47950 <https://cve.circl.lu/cve/CVE-2022-47950>`__
|
||||
for more information.
|
||||
|
||||
- |
|
||||
Constant-time string comparisons are now used when checking S3 API
|
||||
signatures.
|
||||
|
||||
fixes:
|
||||
- |
|
||||
Fixed a path-rewriting bug introduced in Python 3.7.14, 3.8.14, 3.9.14,
|
||||
and 3.10.6 that could cause some ``domain_remap`` requests to be routed to
|
||||
the wrong object.
|
||||
|
||||
- |
|
||||
Improved compatibility with certain FIPS-mode-enabled systems.
|
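Review bot: The first `security:` entry links CVE-2022-47950 to `https://cve.circl.lu/cve/CVE-2022-47950`, a third-party CVE lookup service, and says neither which releases are affected nor what an operator should do. Since the entry describes authenticated S3 clients reading arbitrary files from proxy servers, consider linking the project's own advisory as well and adding a sentence that proxy servers running `s3api` need this release. The plain-text CHANGELOG entry for the same fix carries no link at all, so the two could be made consistent.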