Package "python3-simplestreams"

Name: python3-simplestreams


Library and tools for using Simple Streams data

Latest version: 0.1.0~bzr341-0ubuntu2.4
Release: trusty (14.04)
Level: updates
Repository: universe
Head package: simplestreams
Homepage: http://launchpad.net/simplestreams


Download "python3-simplestreams"

Other versions of "python3-simplestreams" in Trusty

Repository Area Version
base universe 0.1.0~bzr341-0ubuntu1
security universe 0.1.0~bzr341-0ubuntu2.3


Version: 0.1.0~bzr341-0ubuntu2.4 2015-10-21 17:06:54 UTC

  simplestreams (0.1.0~bzr341-0ubuntu2.4) trusty-proposed; urgency=medium

  [ Felipe Reyes ]
  * d/p/lp1346935-fix-bucket-creation-on-rgw.patch: Fix bucket creation when
    ceph-radosgw is used to provide a Swift API (LP: #1346935).

 -- Scott Moser Thu, 08 Oct 2015 15:15:21 -0400

Source diff to previous version
1346935 [SRU] Failing to create simplestreams bucket on ceph-radosgw

Version: 0.1.0~bzr341-0ubuntu2.3 2015-09-25 20:06:27 UTC

  simplestreams (0.1.0~bzr341-0ubuntu2.3) trusty-security; urgency=high

  * export checksummer in simplestreams.util (LP: #1499749)
    Users of simplestreams.util checksummer would get an AttributeError
    because this was moved.

 -- Scott Moser Fri, 25 Sep 2015 11:15:24 -0400

Source diff to previous version
1499749 Exception in bootresources.py prevents downloading boot pxe images

Version: 0.1.0~bzr341-0ubuntu2.2 2015-09-25 00:06:28 UTC

  simplestreams (0.1.0~bzr341-0ubuntu2.2) trusty-security; urgency=medium

  * SECURITY UPDATE: insufficient verification of GPG signatures
    allowing malicious injection into images
    - debian/patches/lp1487004-use-checksumming-reader.patch: Ensure
      that users of the BasicMirrorWriter get exceptions when importing
      data that has invalid checksum or sizes. (LP: #1487004)
    - CVE-2015-1337
    - debian/patches/lp1487004-sru-safetynet.patch:
      provide a backwards compatible behavior via setting
      SS_MISSING_ITEM_CHECKSUM_BEHAVIOR=silent. See bug for more info.

 -- Scott Moser Tue, 22 Sep 2015 17:12:43 -0400

Source diff to previous version
1487004 Malicious server can bypass gpg verification and inject malicious images
CVE-2015-1337 RESERVED

Version: 0.1.0~bzr341-0ubuntu2.1 2015-06-03 15:07:02 UTC

  simplestreams (0.1.0~bzr341-0ubuntu2.1) trusty-proposed; urgency=medium

  * GlanceMirror: identify images as i686 not i386 (LP: #1454775)
    When uploading i386 images to glance, mark their architecture as i686
    rather than i386 so that the openstack scheduler will schedule them.

 -- Scott Moser <email address hidden> Wed, 13 May 2015 14:33:29 -0400

Source diff to previous version
1454775 incorrect architecture label on i386 images

Version: 0.1.0~bzr341-0ubuntu2 2014-07-30 01:06:31 UTC

  simplestreams (0.1.0~bzr341-0ubuntu2) trusty-proposed; urgency=medium

  * debian/patches/1-add-item-filter-to-glancemirror.patch: add
    filter support, expose in sstream-mirror-glance (LP: #1339842)
 -- Michael McCracken <email address hidden> Fri, 11 Jul 2014 13:01:54 -0700

1339842 GlanceMirror item filters are hardcoded

About   -   Send Feedback to @ubuntu_updates