From cf9f95e02ccb77e5d5cbfa9779b0f29984c7ed63aca8b17798ba8b9e0ce76eff Mon Sep 17 00:00:00 2001 From: Alexandre Rogoski Date: Mon, 28 Nov 2011 01:33:10 +0000 Subject: [PATCH] =?UTF-8?q?-=20Update=20to=202.4.4:=20=20=20-=20[Security:?= =?UTF-8?q?=20CELERYSA-0001]=20Daemons=20would=20set=20effective=20id?= =?UTF-8?q?=E2=80=99s=20=20=20=20=20rather=20than=20real=20id=E2=80=99s=20?= =?UTF-8?q?when=20the=20--uid/--gid=20arguments=20to=20=20=20=20=20celeryd?= =?UTF-8?q?-multi,=20celeryd=5Fdetach,=20celerybeat=20and=20celeryev=20wer?= =?UTF-8?q?e=20used.=20=20=20=20=20This=20means=20privileges=20weren?= =?UTF-8?q?=E2=80=99t=20properly=20dropped,=20and=20that=20it=20=20=20=20?= =?UTF-8?q?=20would=20be=20possible=20to=20regain=20supervisor=20privilege?= =?UTF-8?q?s=20later.=20=20=20-=20Processes=20pool:=20Fixed=20rare=20deadl?= =?UTF-8?q?ock=20at=20shutdown=20(Issue=20#523).=20=20=20-=20Webhook=20tas?= =?UTF-8?q?ks=20issued=20the=20wrong=20HTTP=20POST=20headers=20(Issue=20#5?= =?UTF-8?q?15).=20=20=20=20=20The=20Content-Type=20header=20has=20been=20c?= =?UTF-8?q?hanged=20from=20=20=20=20=20application/json=20=E2=87=92=20appl?= =?UTF-8?q?ication/x-www-form-urlencoded,=20and=20adds=20=20=20=20=20a=20p?= =?UTF-8?q?roper=20Content-Length=20header.=20=20=20-=20Daemonization=20co?= =?UTF-8?q?okbook:=20Adds=20a=20configuration=20example=20using=20=20=20?= =?UTF-8?q?=20=20Django=20and=20virtualenv=20together=20(Issue=20#505).=20?= =?UTF-8?q?=20=20-=20Generic=20init=20scripts=20now=20automatically=20crea?= =?UTF-8?q?tes=20log=20and=20pid=20=20=20=20=20file=20directories=20(Issue?= =?UTF-8?q?=20#545).?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-celery?expand=0&rev=43 --- celery-2.4.3.tar.bz2 | 3 --- celery-2.4.4.tar.bz2 | 3 +++ python-celery.changes | 21 +++++++++++++++++++++ python-celery.spec | 2 +- 4 files changed, 25 insertions(+), 4 deletions(-) delete mode 100644 celery-2.4.3.tar.bz2 create mode 100644 celery-2.4.4.tar.bz2 diff --git a/celery-2.4.3.tar.bz2 b/celery-2.4.3.tar.bz2 deleted file mode 100644 index 2dfd69c..0000000 --- a/celery-2.4.3.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a3d1b7244702f2f841031605dc0e8b88827a4d86c713a9434713d28247f79e99 -size 810113 diff --git a/celery-2.4.4.tar.bz2 b/celery-2.4.4.tar.bz2 new file mode 100644 index 0000000..0972a21 --- /dev/null +++ b/celery-2.4.4.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:b6234cbc928dc5dd82f89fd6c97fcf748809dec17dbc3af20defd028eee2dfc3 +size 810772 diff --git a/python-celery.changes b/python-celery.changes index 144668f..3d09e27 100644 --- a/python-celery.changes +++ b/python-celery.changes @@ -1,3 +1,24 @@ +------------------------------------------------------------------- +Fri Nov 25 21:56:24 UTC 2011 - alexandre@exatati.com.br + +- Update to 2.4.4: + - [Security: CELERYSA-0001] Daemons would set effective id’s + rather than real id’s when the --uid/--gid arguments to + celeryd-multi, celeryd_detach, celerybeat and celeryev were used. + + This means privileges weren’t properly dropped, and that it + would be possible to regain supervisor privileges later. + + - Processes pool: Fixed rare deadlock at shutdown (Issue #523). + - Webhook tasks issued the wrong HTTP POST headers (Issue #515). + The Content-Type header has been changed from + application/json ⇒ application/x-www-form-urlencoded, and adds + a proper Content-Length header. + - Daemonization cookbook: Adds a configuration example using + Django and virtualenv together (Issue #505). + - Generic init scripts now automatically creates log and pid + file directories (Issue #545). + ------------------------------------------------------------------- Tue Nov 22 22:25:20 UTC 2011 - alexandre@exatati.com.br diff --git a/python-celery.spec b/python-celery.spec index 99c0e97..e056181 100644 --- a/python-celery.spec +++ b/python-celery.spec @@ -19,7 +19,7 @@ %{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")} Name: python-celery -Version: 2.4.3 +Version: 2.4.4 Release: 0 Url: http://celeryproject.org Summary: Distributed Task Queue