swift

History

John Dickinson dd9d97458e Prevent unauthorized delete in versioned container

An authenticated user can delete the most recent version of any
versioned object who's name is known if the user has listing access
to the x-versions-location container. Only Swift setups with
allow_version setting are affected.

This patch closes this bug, tracked as CVE-2015-1856

Co-Authored-By: Clay Gerrard <clay.gerrard@gmail.com>
Co-Authored-By: Christian Schwede <info@cschwede.de>
Co-Authored-By: Alistair Coles <alistair.coles@hp.com>

Closes-Bug: 1430645
Change-Id: Ibacc7413afe7cb6f77d92e5941dcfdf4768ffa18

2015-04-13 23:34:10 -07:00

functional

Prevent unauthorized delete in versioned container

2015-04-13 23:34:10 -07:00

probe

Fix common misspellings

2015-03-24 11:07:56 +01:00

unit

Prevent unauthorized delete in versioned container

2015-04-13 23:34:10 -07:00

__init__.py

In-process swift server for functional tests

2014-04-29 08:45:11 -04:00

sample.conf

Minor change to the service token sample test config

2015-02-27 11:54:50 +00:00