x/python-ganttclient
Code Issues Proposed changes

Sanitize EC2 manifests and image tarballs

Browse Source 
Prevent potential directory traversal with malicious EC2 image tarballs,
by making sure the tarfile is safe before unpacking it. Fixes bug 894755

Prevent potential directory traversal with malicious file names in
EC2 image manifests. Fixes bug 885167

Change-Id: If6109047307bd6e654ee9d1254f0d7f31cf741c1
This commit is contained in:
Thierry Carrez
2011-12-01 17:54:16 +01:00
parent fcbbe0d70c
commit ea2d79ff12
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
MANIFEST.in
View File

@@ -37,6 +37,7 @@ include nova/tests/bundle/1mb.part.0
include nova/tests/bundle/1mb.part.1
include nova/tests/api/ec2/public_key/*
include nova/tests/db/nova.austin.sqlite
include nova/tests/image/*.tar.gz
include plugins/xenapi/README
include plugins/xenapi/etc/xapi.d/plugins/objectstore
include plugins/xenapi/etc/xapi.d/plugins/pluginlib_nova.py