Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/www-apps
diff options
context:
space:
mode:
authorMatt Thode <prometheanfire@gentoo.org>2013-12-13 17:13:28 +0000
committerMatt Thode <prometheanfire@gentoo.org>2013-12-13 17:13:28 +0000
commit45784d47e5e4745cef8a8ad151fbf20753316f08 (patch)
treeed40f658047757a119e03a11742b4544f3cbfadd /www-apps
parentfix for CVE-2013-6391 (diff)
downloadhistorical-45784d47e5e4745cef8a8ad151fbf20753316f08.tar.gz
historical-45784d47e5e4745cef8a8ad151fbf20753316f08.tar.bz2
historical-45784d47e5e4745cef8a8ad151fbf20753316f08.zip
fixes for CVE-2013-6858 badness removed
Package-Manager: portage-2.2.7/cvs/Linux x86_64 Manifest-Sign-Key: 0x2471EB3E40AC5AC3
Diffstat (limited to 'www-apps')
-rw-r--r--www-apps/horizon/ChangeLog11
-rw-r--r--www-apps/horizon/Manifest26
-rw-r--r--www-apps/horizon/files/cve-2013-6858_2013.1.4.patch73
-rw-r--r--www-apps/horizon/files/cve-2013-6858_2013.2.patch77
-rw-r--r--www-apps/horizon/horizon-2013.1.4-r1.ebuild (renamed from www-apps/horizon/horizon-2013.1.4.ebuild)4
-rw-r--r--www-apps/horizon/horizon-2013.2-r2.ebuild (renamed from www-apps/horizon/horizon-2013.2.ebuild)29
6 files changed, 207 insertions, 13 deletions
diff --git a/www-apps/horizon/ChangeLog b/www-apps/horizon/ChangeLog
index dcc99e219e7d..c68e7ee5f3a7 100644
--- a/www-apps/horizon/ChangeLog
+++ b/www-apps/horizon/ChangeLog
@@ -1,6 +1,15 @@
# ChangeLog for www-apps/horizon
# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/horizon/ChangeLog,v 1.16 2013/11/27 04:37:26 idella4 Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/horizon/ChangeLog,v 1.17 2013/12/13 17:13:20 prometheanfire Exp $
+
+*horizon-2013.2-r2 (13 Dec 2013)
+*horizon-2013.1.4-r1 (13 Dec 2013)
+
+ 13 Dec 2013; Matthew Thode <prometheanfire@gentoo.org>
+ +files/cve-2013-6858_2013.1.4.patch, +files/cve-2013-6858_2013.2.patch,
+ +horizon-2013.1.4-r1.ebuild, +horizon-2013.2-r2.ebuild,
+ -horizon-2013.1.4.ebuild, -horizon-2013.2.ebuild:
+ fixes for CVE-2013-6858 badness removed
*horizon-2013.2-r1 (27 Nov 2013)
diff --git a/www-apps/horizon/Manifest b/www-apps/horizon/Manifest
index 20c8b731061e..d37867e986ce 100644
--- a/www-apps/horizon/Manifest
+++ b/www-apps/horizon/Manifest
@@ -1,20 +1,32 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
+AUX cve-2013-6858_2013.1.4.patch 3435 SHA256 5b2d82ab1ba1167b0b8adcdad2757f3364bbbb7662990c7515aea16744824444 SHA512 2d69872c07b84956596540345d45fad28495954f552692a52f193c8dfc2a4988cd343dde35699d6acb1b6c697e00dffd4d04d909fc07091cbf4f81b0af7cdb9f WHIRLPOOL a59fde5342b3f2f74e0faa6ffc2e1a5a088ecd2face334b262f3f121d18b04d55af6535fc7e472738436c568c655f267de05bb04602060c93a326b6ceb98c31a
+AUX cve-2013-6858_2013.2.patch 3578 SHA256 9e4a6e84bfa27386d3fb55454d10bcaf186ef3a823a5cf6da01d394a403dcf98 SHA512 6375bf2adcab8e954750770af6928af9a9073babb24c1723b7994dc837294a7e154a287166c547ee8ca5899e1a83c0cefb2a1324d77a3d904b5a896c6fd30dad WHIRLPOOL 6dbc7390b0867087670ae965adefcf604c659d7087b4de7cfa67ae7d51b43108afc25772e44855beccfaa08de10750e0f7230a1ef15f42f3b71b64b6f2eebeb9
DIST horizon-2013.1.4.tar.gz 1789471 SHA256 fb24b6d8b38d199a8ab0174335df63c7612e74a02e4f0883ee8a3181ce07b4ab SHA512 de0b24452348ea166107d33e285341a5754207f1da441b4f8383969f0f00421f626f4e0941f555dc23a3ce84792579bf2e240ffad5f4d4e7f168ca0cb47f833a WHIRLPOOL a552be48f903f06f1d296fe2b9ea18e369efcfbd2584aeff79aa40b87f52d588c201a1c26ea2f83b242db45d07139b0e6ca9ca5a662ac167657140b005b8f39b
DIST horizon-2013.2.tar.gz 2580489 SHA256 f19d274966218ba678ce3ecdcc131f787a4614f1bd6cf6b7d24a88bcf79863f6 SHA512 2680b7b6a86b064eddbd52a281d8d1d419a0051d88160c24178095c414549e9b1f9ac11d4ad81d59b638eac928b2a1afe7f37fa266415807b53ec462964b6a1a WHIRLPOOL 502bb0387d01ca7145f9697cfa7ba657d4961024e86f16cd9f2b069df9a4d90addb44eb6947353c21f14a680b30f8a03a468ffbaa44a2a77a86752f2d8de236d
-EBUILD horizon-2013.1.4.ebuild 1488 SHA256 ddd2f01f65e68fb7b7cfc6d440a957ef463fd30896fade07631812a9eb552b2a SHA512 e778391599314bc3d411b5cf5e2df5bd8fa0f13780f37b83936375ba93700ac0e8a68e218e5046bfd57a6e57487faae262728957635ec6f90b302b0508836af7 WHIRLPOOL 7da9847174ed0a00fd236aec49bd11d55e0aed969a7314950b2c14fd21eb1a52cf29f0f617e8ea2e42e090caeda8062a96455e8618bf2213a9bd585d297ccaee
+EBUILD horizon-2013.1.4-r1.ebuild 1547 SHA256 11df634aad004e66b6f084a1d87f5e7b6e6e29392970156536ba2cfc839ebfae SHA512 9fa73fdef05d3d68f32381ddc9df007644ec1e6fa4fa29244022a1dfdba3baa9c8b14d7c6065f3c5574064e493e71b9f25616884fb15d531ea8f28c35acbdd9e WHIRLPOOL dc0e328926504e0d640ba89f292039163f6f13466b2923aad1e43fbe6609813eab74f190a8582b9f9d405dcf50cc2e8a55cb5d5594a70dca9088413db15d5b86
EBUILD horizon-2013.1.9999.ebuild 1499 SHA256 07e3946b50ec0b6e9d702baa587227774c904c4b575ace0ebb1c66fa062856b6 SHA512 630b6c008b97f527345fcd5fac91513813916be81427dfe08f0b54c14aa73a76f1a52ea16782c928acfbf1471f239878bea50339185fb55dd2062ff4505c0145 WHIRLPOOL 85d7bae9b4bb177cbb671692463aea1e29e503f00e726abf5ed868ab533f01f6e3e9cb0153ed4fd29d183ab54d196a09ad8161978fd49b6d7a357d2140662506
EBUILD horizon-2013.2-r1.ebuild 2500 SHA256 43707b472133ccd549a15419f1fa45340d393333b6fa531a101599dea3baf62b SHA512 c4de215a06af0ccced95a08172fbbd3ccf7311fe1fa88b126c4ecc6ae5e32c8d2c251427cd11ff2bd8d445325febe42e7b9ec8cad5861d26999cf00073c75d67 WHIRLPOOL 03c03e6e1ee3163a61eefab844766efa06df723d525dcf5a8080ff5c1cae003328aca9c4c15ee56d49b397d784f7ba6810438c47442580654bd223507d562ae6
+EBUILD horizon-2013.2-r2.ebuild 2561 SHA256 7874edb401e3d9a30f3135f8169ad4f51598952d16313eded062f5797a66879f SHA512 04b07c551fea61c07889c4093dcf50d052059a6240816c5348b4d91c7a7219089420fe56eeebf84026e4aaed8848e58da6a8a0ee476d35400dffec86db1e1199 WHIRLPOOL d7e53bd82d57620c3c0d382a0b312a760a1dbb448f296e61c92c5d090bff54e0dd58c74d4304380a6052c75bb7dc11c7a2b729309afe584dda77560fd6b5c7fb
EBUILD horizon-2013.2.9999.ebuild 2521 SHA256 9cf61186c33ff8e75e3828c66e7650119cb16ae8185356cdac5542e99bdadf56 SHA512 90a89aee5620318df17dfa5a01e5cc7fa24c48f5920a3049426c01bd5e647745fa03056b07f44743563d0ca79e7e42f170e9122467c31ed5539cfbcaf72c7f90 WHIRLPOOL b2a884b03932ca0ed8ebfd49a5c5de102cf37ef2a7d7dc86c337ad96f7a1feb9ea9b59a4b0275d824e81f9c2780ea0618c225e3cc2b98345f15b78cd4dff67d8
-EBUILD horizon-2013.2.ebuild 1795 SHA256 ed925118719483fa9514a9499675b5dd4d366be13736ea5d67d93dca55cabcd9 SHA512 96216d14a0aeeadd2bc371b6eda0751656049d1e0547d9253681fe54bdc511fd188016de8f06cf8d9ae840a64d265782e7ef67aa65e65c07f067a091430db734 WHIRLPOOL 91747ce8fe77ecd3ba03bee4f03e2d0fddf103cd3ca709f52b87b48bacc6fcb9099a77d768c38d4abb816fed32d93b55ef1071b1bcdf2d2d925e707864d4b3fd
EBUILD horizon-9999.ebuild 1821 SHA256 3fadff63ffdc90d06b0cae7d7fb978a6216f69877c95902476c5a63e541a986b SHA512 c885f318493458a07954178e7719358dffb20449dbd170f37212fc3c60553c9146c85d523846fb8f8475867d91b5ce0743e6635fcf29980f1facab0dd71bfe5b WHIRLPOOL 3c0f946b69708d507b15a8f79cfa7080cf6ba06bb51aa8f1d81224acf0cc819ad8df2e50eeb6db805ce5442b8df1b8794d00ba8e6d7d9ea59e2314cde45e308a
-MISC ChangeLog 3008 SHA256 75f7c6e8a78454fdc5fb9f8ca4ed6848d6c9181f2ec63abae35a7834d2b17cbc SHA512 6e19796c52bf17eb74835f0340473a78850c07624e9ebb002e824600207808805ded88f7d468927d1935f954979acd9e27d02582795413d9a926e98816103467 WHIRLPOOL f453e74ce6130ced826b77264099819bdaabac163faf0455045b5aeb5762913e8d69484fdf324ced96552b596e751349019fef7007a5a2c6cddecf133ff5c804
+MISC ChangeLog 3368 SHA256 222509a1da71038e002ef197b9445625c5c06e73c590c6dc0c8ae94a29eedbea SHA512 0b2e5261b7706a6305d1d98e3937e3f12b41bc15081850d996d2235c7043890e3343ea43de80d84f3af6b4cb193a21322bab8c20deb6e3b6c76e403aaf04e9ca WHIRLPOOL 703d6e0c12cb5f9cd57575aa3df88cbf5be9cfdc262ea065e1e07b25448cc41e50b7bfd80411c58ab119b0a9e2065bd2fa32fdbf6a0de5fbf28d30309418e59d
MISC metadata.xml 502 SHA256 8a64a12fb6d42791ddde4f06dbeb1e32359e41fafb25b69b16d773eabf18ad57 SHA512 35da4f1a5a38b64361e5003731e9a0bfc81498c3e43b9b9e5b152d6fad2d8157a3632b737a9987bcec726d1057c52b05ee73e4fc280d9353f4649fe20c0b5915 WHIRLPOOL 028f50558b926a576c36fa0da5dfce8cae2a948f0adb4cd71df2f17e806565caaa0698dc262a484012e8c5d9d8cc6d0f4ef77983ea6d79b6b8b3e03ec80b7ea1
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.19 (GNU/Linux)
+Version: GnuPG v2.0.22 (GNU/Linux)
-iEYEAREIAAYFAlKVdxkACgkQso7CE7gHKw20XQCgyvgkOlmeAC10roowMEA1oLs1
-eXsAoIPnXEFHtBF1eSfOj/yQKuLqJ22V
-=w1dj
+iQIcBAEBCAAGBQJSq0A5AAoJECRx6z5ArFrDP9AQAICa6bb6+1aGQxs/fp/iSMYG
+PGNrFPJq6O6hCRtdIhHbejCiLTKi33/R01S/4wKS6KleII8S3GLhy5vug5NnpoRE
+VUsWKYKE94afPfNGPxZYBmnJOaoeWwm26A3CR+VRSRE/W3fy5Z3qDb8Nc9bOeAYv
+KlJpMl3mBRSLjtSOZ8gHkfbx/T0P8aKr7JORfcZ7B9SVx5HpbXJHlrFxyLznBRMl
+npl8SUQNU2WRoSQNy1IsrQlhDFFzziCtYc6ZPni1VMlmU5Qv3ZBaQBVCL5y3Rdyy
+3dRvyxcUWO0i9v4euAxdS5nsrRrqW2Jt/kBs0VK3/Meb6xheXBJNFlSvtkuih4Vm
+jQ4xKBfR9hzMD2oXj1FxU/gVB+lwdLibvq3Vr3zhJUMLgBnnRkPWiUfKBA7cdfKz
+3yG3AvSz2SmEfVeQEbpkny3ffwabkrKrEECaySS1rdFqFq6wpGb+M+Dud4s0k9af
+0qw3r2mGWfBmnBZeKDWsd3oWacEEis7OkxRTx7GteWrdV7ElvhUct7rE+GXHbt8h
+iZw73k/1suDxi8d0vb91PDYaGh84qxD3oxyH+JmqrSXwwCBdogK57XXKmiBHpAtI
+YIYBiDHbCtiaoY8ioWciRzbTvQ1s6QDR2joObvtFUgaI1ExB3ROm4uYhp7I4Urri
+OTahM1c3GJPIygemj6CZ
+=/rn9
-----END PGP SIGNATURE-----
diff --git a/www-apps/horizon/files/cve-2013-6858_2013.1.4.patch b/www-apps/horizon/files/cve-2013-6858_2013.1.4.patch
new file mode 100644
index 000000000000..19a5bc85e8a9
--- /dev/null
+++ b/www-apps/horizon/files/cve-2013-6858_2013.1.4.patch
@@ -0,0 +1,73 @@
+From: Rob Raymond <rob.raymond@hp.com>
+Date: Mon, 4 Nov 2013 19:12:40 +0000 (-0700)
+Subject: Fix bug by escaping strings from Nova before displaying them
+X-Git-Url: https://review.openstack.org/gitweb?p=openstack%2Fhorizon.git;a=commitdiff_plain;h=b14debc73132d1253220192e110f00f62ddb8bbc
+
+Fix bug by escaping strings from Nova before displaying them
+
+Fixes bug #1247675
+
+(cherry-picked from commit b8ff480)
+Change-Id: I3637faafec1e1fba081533ee020f4ee218fea101
+---
+
+diff --git a/openstack_dashboard/dashboards/project/images_and_snapshots/volume_snapshots/tables.py b/openstack_dashboard/dashboards/project/images_and_snapshots/volume_snapshots/tables.py
+index 2311e5c..17a4fb5 100644
+--- a/openstack_dashboard/dashboards/project/images_and_snapshots/volume_snapshots/tables.py
++++ b/openstack_dashboard/dashboards/project/images_and_snapshots/volume_snapshots/tables.py
+@@ -17,6 +17,7 @@
+ import logging
+
+ from django.core.urlresolvers import reverse
++from django.utils import html
+ from django.utils import safestring
+ from django.utils.http import urlencode
+ from django.utils.translation import ugettext_lazy as _
+@@ -68,6 +69,7 @@ class SnapshotVolumeNameColumn(tables.Column):
+ request = self.table.request
+ volume_name = api.cinder.volume_get(request,
+ snapshot.volume_id).display_name
++ volume_name = html.escape(volume_name)
+ return safestring.mark_safe(volume_name)
+
+ def get_link_url(self, snapshot):
+diff --git a/openstack_dashboard/dashboards/project/volumes/tables.py b/openstack_dashboard/dashboards/project/volumes/tables.py
+index b14145b..e5426c1 100644
+--- a/openstack_dashboard/dashboards/project/volumes/tables.py
++++ b/openstack_dashboard/dashboards/project/volumes/tables.py
+@@ -19,7 +19,7 @@ import logging
+ from django.core.urlresolvers import reverse, NoReverseMatch
+ from django.template.defaultfilters import title
+ from django.utils import safestring
+-from django.utils.html import strip_tags
++from django.utils import html
+ from django.utils.translation import ugettext_lazy as _
+
+ from horizon import exceptions
+@@ -111,7 +111,7 @@ def get_attachment_name(request, attachment):
+ "attachment information."))
+ try:
+ url = reverse("horizon:project:instances:detail", args=(server_id,))
+- instance = '<a href="%s">%s</a>' % (url, name)
++ instance = '<a href="%s">%s</a>' % (url, html.escape(name))
+ except NoReverseMatch:
+ instance = name
+ return instance
+@@ -132,7 +132,7 @@ class AttachmentColumn(tables.Column):
+ # without the server name...
+ instance = get_attachment_name(request, attachment)
+ vals = {"instance": instance,
+- "dev": attachment["device"]}
++ "dev": html.escape(attachment["device"])}
+ attachments.append(link % vals)
+ return safestring.mark_safe(", ".join(attachments))
+
+@@ -225,7 +225,7 @@ class AttachmentsTable(tables.DataTable):
+ def get_object_display(self, attachment):
+ instance_name = get_attachment_name(self.request, attachment)
+ vals = {"dev": attachment['device'],
+- "instance_name": strip_tags(instance_name)}
++ "instance_name": html.escape(instance_name)}
+ return _("%(dev)s on instance %(instance_name)s") % vals
+
+ def get_object_by_id(self, obj_id):
diff --git a/www-apps/horizon/files/cve-2013-6858_2013.2.patch b/www-apps/horizon/files/cve-2013-6858_2013.2.patch
new file mode 100644
index 000000000000..885aecbd190b
--- /dev/null
+++ b/www-apps/horizon/files/cve-2013-6858_2013.2.patch
@@ -0,0 +1,77 @@
+From 6179f70290783e55b10bbd4b3b7ee74db3f8ef70 Mon Sep 17 00:00:00 2001
+From: Rob Raymond <rob.raymond@hp.com>
+Date: Mon, 4 Nov 2013 12:12:40 -0700
+Subject: [PATCH] Fix bug by escaping strings from Nova before displaying them
+
+Fixes bug #1247675
+
+(cherry-picked from commit b8ff480)
+Change-Id: I3637faafec1e1fba081533ee020f4ee218fea101
+---
+ .../project/images_and_snapshots/volume_snapshots/tables.py | 2 ++
+ openstack_dashboard/dashboards/project/volumes/tables.py | 8 ++++----
+ 2 files changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/openstack_dashboard/dashboards/project/images_and_snapshots/volume_snapshots/tables.py b/openstack_dashboard/dashboards/project/images_and_snapshots/volume_snapshots/tables.py
+index 17008f5..e5a3c69 100644
+--- a/openstack_dashboard/dashboards/project/images_and_snapshots/volume_snapshots/tables.py
++++ b/openstack_dashboard/dashboards/project/images_and_snapshots/volume_snapshots/tables.py
+@@ -15,6 +15,7 @@
+ # under the License.
+
+ from django.core.urlresolvers import reverse # noqa
++from django.utils import html
+ from django.utils.http import urlencode # noqa
+ from django.utils import safestring
+ from django.utils.translation import ugettext_lazy as _ # noqa
+@@ -66,6 +67,7 @@ def get_raw_data(self, snapshot):
+ volume = snapshot._volume
+ if volume:
+ volume_name = volume.display_name or volume.id
++ volume_name = html.escape(volume_name)
+ else:
+ volume_name = _("Unknown")
+ return safestring.mark_safe(volume_name)
+diff --git a/openstack_dashboard/dashboards/project/volumes/tables.py b/openstack_dashboard/dashboards/project/volumes/tables.py
+index c84bf00..f993f18 100644
+--- a/openstack_dashboard/dashboards/project/volumes/tables.py
++++ b/openstack_dashboard/dashboards/project/volumes/tables.py
+@@ -17,7 +17,7 @@
+ from django.core.urlresolvers import NoReverseMatch # noqa
+ from django.core.urlresolvers import reverse # noqa
+ from django.template.defaultfilters import title # noqa
+-from django.utils.html import strip_tags # noqa
++from django.utils import html
+ from django.utils import safestring
+ from django.utils.translation import string_concat # noqa
+ from django.utils.translation import ugettext_lazy as _ # noqa
+@@ -125,7 +125,7 @@ def get_attachment_name(request, attachment):
+ "attachment information."))
+ try:
+ url = reverse("horizon:project:instances:detail", args=(server_id,))
+- instance = '<a href="%s">%s</a>' % (url, name)
++ instance = '<a href="%s">%s</a>' % (url, html.escape(name))
+ except NoReverseMatch:
+ instance = name
+ return instance
+@@ -146,7 +146,7 @@ def get_raw_data(self, volume):
+ # without the server name...
+ instance = get_attachment_name(request, attachment)
+ vals = {"instance": instance,
+- "dev": attachment["device"]}
++ "dev": html.escape(attachment["device"])}
+ attachments.append(link % vals)
+ return safestring.mark_safe(", ".join(attachments))
+
+@@ -249,7 +249,7 @@ def get_object_id(self, obj):
+ def get_object_display(self, attachment):
+ instance_name = get_attachment_name(self.request, attachment)
+ vals = {"dev": attachment['device'],
+- "instance_name": strip_tags(instance_name)}
++ "instance_name": html.escape(instance_name)}
+ return _("%(dev)s on instance %(instance_name)s") % vals
+
+ def get_object_by_id(self, obj_id):
+--
+1.8.5.1
+
diff --git a/www-apps/horizon/horizon-2013.1.4.ebuild b/www-apps/horizon/horizon-2013.1.4-r1.ebuild
index 0c43fa201674..b268a2baaeef 100644
--- a/www-apps/horizon/horizon-2013.1.4.ebuild
+++ b/www-apps/horizon/horizon-2013.1.4-r1.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/horizon/horizon-2013.1.4.ebuild,v 1.1 2013/10/29 06:21:54 prometheanfire Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/horizon/horizon-2013.1.4-r1.ebuild,v 1.1 2013/12/13 17:13:20 prometheanfire Exp $
EAPI=5
PYTHON_COMPAT=( python2_7 )
@@ -34,3 +34,5 @@ RDEPEND=">=dev-python/django-1.4[${PYTHON_USEDEP}]
<dev-python/python-swiftclient-2[${PYTHON_USEDEP}]
dev-python/pytz[${PYTHON_USEDEP}]
dev-python/lockfile[${PYTHON_USEDEP}]"
+
+PATCHES=( "${FILESDIR}/cve-2013-6858_2013.1.4.patch" )
diff --git a/www-apps/horizon/horizon-2013.2.ebuild b/www-apps/horizon/horizon-2013.2-r2.ebuild
index 12b3ab13b486..e0825600f358 100644
--- a/www-apps/horizon/horizon-2013.2.ebuild
+++ b/www-apps/horizon/horizon-2013.2-r2.ebuild
@@ -1,24 +1,39 @@
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/horizon/horizon-2013.2.ebuild,v 1.1 2013/10/29 06:21:54 prometheanfire Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/horizon/horizon-2013.2-r2.ebuild,v 1.1 2013/12/13 17:13:20 prometheanfire Exp $
EAPI=5
PYTHON_COMPAT=( python2_7 )
inherit distutils-r1
-DESCRIPTION="Horizon is a Django-based project aimed at providing a complete
-OpenStack Dashboard."
+DESCRIPTION="A Django-based project aimed at providing a complete OpenStack Dashboard."
HOMEPAGE="https://launchpad.net/horizon"
SRC_URI="http://launchpad.net/${PN}/havana/${PV}/+download/${P}.tar.gz"
LICENSE="Apache-2.0"
SLOT="0"
KEYWORDS="~amd64 ~x86"
+IUSE="test"
DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]
>=dev-python/pbr-0.5.21[${PYTHON_USEDEP}]
- <dev-python/pbr-1.0[${PYTHON_USEDEP}]"
+ <dev-python/pbr-1.0[${PYTHON_USEDEP}]
+ test? ( >=dev-python/hacking-0.5.6[${PYTHON_USEDEP}]
+ <dev-python/hacking-0.8[${PYTHON_USEDEP}]
+ >=dev-python/coverage-3.6[${PYTHON_USEDEP}]
+ >=dev-python/mox-0.5.3[${PYTHON_USEDEP}]
+ dev-python/django-nose[${PYTHON_USEDEP}]
+ dev-python/nose[${PYTHON_USEDEP}]
+ dev-python/nose-exclude[${PYTHON_USEDEP}]
+ dev-python/nosexcover[${PYTHON_USEDEP}]
+ >=dev-python/openstack-nose-plugin-0.7[${PYTHON_USEDEP}]
+ >=dev-python/nosehtmloutput-0.0.3[${PYTHON_USEDEP}]
+ dev-python/selenium[${PYTHON_USEDEP}]
+ >=dev-python/sphinx-1.1.2[${PYTHON_USEDEP}]
+ =dev-python/docutils-0.9.1-r1[${PYTHON_USEDEP}]
+ dev-python/oslo-sphinx[${PYTHON_USEDEP}]
+ )"
RDEPEND=">=dev-python/django-1.4[${PYTHON_USEDEP}]
<dev-python/django-1.6[${PYTHON_USEDEP}]
>=dev-python/django-compressor-1.3[${PYTHON_USEDEP}]
@@ -40,3 +55,9 @@ RDEPEND=">=dev-python/django-1.4[${PYTHON_USEDEP}]
<dev-python/python-troveclient-1[${PYTHON_USEDEP}]
>=dev-python/pytz-2010h[${PYTHON_USEDEP}]
>=dev-python/lockfile-0.8[${PYTHON_USEDEP}]"
+
+PATCHES=( "${FILESDIR}/cve-2013-6858_2013.2.patch" )
+
+src_test() {
+ ./run_tests.sh -N --coverage
+}