Package "python-glance-doc"

  glance (2012.1.3+stable-20130423-74b067df-0ubuntu1) precise-proposed; urgency=low

  * Resynchronize with stable/essex (74b067df) (LP: #1089488):
    - [74b067d] v1 api returns location as header for cached images LP: 1135541
    - [37d4d96] glance image-download can display backend Swift password
      LP: 1098962
    - [efd7e75] Non-admin users can cause public glance images to be deleted
      from the backend storage repository (LP: #1065187)
    - [e6be061] Jenkins jobs fail because of incompatibility between sqlalchemy-
      migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569)
  * Dropped patches, superseeded by snapshot:
    - debian/patches/CVE-2013-1840.patch [74b067d]
    - debian/patches/CVE-2013-0212.patch [37d4d96]
    - debian/patches/CVE-2012-4573.patch [efd7e75]
 -- Yolanda <email address hidden> Wed, 24 Apr 2013 14:58:09 +0200

  glance (2012.1.3+stable~20120821-120fcf-0ubuntu1.5) precise-security; urgency=low

  * SECURITY UPDATE: fix information disclosure via Glance v1 API
    - debian/patches/CVE-2013-1840.patch: adjust api/middleware/cache.py to
      not show image_meta['location']
    - CVE-2013-1840
    - LP: #1135541
 -- Jamie Strandboge <email address hidden> Thu, 14 Mar 2013 15:06:48 -0500

  glance (2012.1.3+stable~20120821-120fcf-0ubuntu1.3) precise-security; urgency=low

  * SECURITY UPDATE: information disclosure via swift error messages
    - debian/patches/CVE-2013-0212.patch: adjust glance/store/swift.py to
      mot show URLs and credentials in error messages and log output
    - CVE-2013-0212
 -- Jamie Strandboge <email address hidden> Mon, 28 Jan 2013 13:51:45 -0600

  glance (2012.1.3+stable~20120821-120fcf-0ubuntu1.2) precise-security; urgency=low

  * SECURITY UPDATE: deletion of arbitrary public and shared images via
    authenticated user
    - debian/patches/CVE-2012-4573.patch: adjust glance/api/v1/images.py to
      ensure image is owned by user before delayed_deletion
    - CVE-2012-4573
 -- Jamie Strandboge <email address hidden> Thu, 08 Nov 2012 07:19:39 -0600

  glance (2012.1.3+stable~20120821-120fcf-0ubuntu1) precise-proposed; urgency=low

  * New upstream snapshot. (LP: #1041120)
  * Resynchronzie with stable/essex:
    - Glance add uploads a double image if using ssl and images is smaller
      than 4k. (LP: #1007093)
    - If response.environ is None, instance fails to spawn.
      (LP: #1010560)
    - exception.BadStoreURL exposes sensitive information to end users.
      (LP: #1012268)
    - glance-cache.conf needs metadata encryption key (LP: #1012752)
    - image.upload notification doesn't report size (LP: #1018246)
    - Admins should be able to share image regardless of ownership.
      (LP: #1021054)
    - Glance scrubber date formatting fails with postgres (LP: #1022369)
    - Support zero-size image creation. (LP: #1025353)
    - Image id not contained in swift chunk debug message. (LP: #1028433)
    - qpid_heartbeat setting is ineffective. (LP: #1032314)
    - Image properties that reference image ids are not updated to UUIDs.
      (LP: #975651)
    - Migration 012_id_to_uuid attempts to convert IDs twice for non-sqlite
      databases. (LP: #975655)
    - multiprocess glance-api failed to exit when stopped by ctrl+c.
      (LP: #978130)
    - /usr/bin/glance's built-in pager breaks redirection.
      (LP: #978610)
    - Content-Length and Transfer-Encoding are mutually exclusive HTTP headers
      (LP: #981332)
    - glance add command - incorrect help text (LP: #997565)
  * debian/patches/convert_properties_to_uuid.patch: Dropped no longer
    needed.
  * debian/patches/fix-pep8-ubuntu.patch: Dropped no longer needed.
 -- Adam Gandelman <email address hidden> Fri, 24 Jun 2012 03:14:33 -0400