Thursday, 2023-01-19

opendevreviewTim Burke proposed openstack/swift master: tests: Ensure XXE injection tests have config loaded  https://review.opendev.org/c/openstack/swift/+/87100501:03
opendevreviewJianjian Huo proposed openstack/swift master: Proxy: restructure cached updating shard ranges  https://review.opendev.org/c/openstack/swift/+/87088603:22
opendevreviewJianjian Huo proposed openstack/swift master: Proxy: move '_get_update_shard' from base class to child class.  https://review.opendev.org/c/openstack/swift/+/87102206:26
opendevreviewTim Burke proposed openstack/swift master: tests: Ensure XXE injection tests have config loaded  https://review.opendev.org/c/openstack/swift/+/87100517:50
opendevreviewTim Burke proposed openstack/swift master: tests: Ensure XXE injection tests have config loaded  https://review.opendev.org/c/openstack/swift/+/87100519:26
opendevreviewTim Burke proposed openstack/swift master: Clean up some cruft  https://review.opendev.org/c/openstack/swift/+/87118120:56
opendevreviewTim Burke proposed openstack/swift stable/victoria: Fix stable gate  https://review.opendev.org/c/openstack/swift/+/87118521:19
opendevreviewMerged openstack/swift master: tests: Ensure XXE injection tests have config loaded  https://review.opendev.org/c/openstack/swift/+/87100521:49
opendevreviewTim Burke proposed openstack/swift stable/zed: tests: Ensure XXE injection tests have config loaded  https://review.opendev.org/c/openstack/swift/+/87113522:03
opendevreviewTim Burke proposed openstack/swift stable/yoga: s3api: Prevent XXE injections  https://review.opendev.org/c/openstack/swift/+/87082622:05
zigoHi there!22:09
zigotimburke: I'm trying to backport the last CVE patch, and I'm having the first line change that fails when backporting to train:22:09
zigohttps://review.opendev.org/c/openstack/swift/+/870828/1/test/unit/common/middleware/s3api/test_multi_delete.py#45822:09
zigoAny idea why?22:09
timburkezigo, not off-hand -- do you know what *is* in body when it fails?22:12
zigotimburke: https://paste.opendev.org/show/b67mAP7NcLDa32x9xpci/22:12
zigotimburke: Does this help?22:13
timburkeyes, thanks! that seems familiar -- i feel like there was some change over the years to do with that xml declaration... let me see if i can track it down... that first test change was unrelated to the CVE, fwiw -- could probably drop it for the backport22:14
zigoFYI, I got failures in all rocky to ussuri...22:15
zigoOh ok ! :)22:15
zigoThanks, that's helpful then.22:15
zigoI'll do that.22:15
zigotimburke: Also, FYI, I had to remove the usedforsecurity=False from the md5() call, as it seems it wasn't in earlier versions.22:18
zigoWas this a new thing of that md5() function for victoria and up? Or maybe in OpenSSL?22:18
zigoLooks like the diff is in buster vs bullseye...22:18
timburkecame in with https://github.com/openstack/swift/commit/5320ecbaf2c0e77842ab1ee3eb8106948dc06704 (part of getting FIPS support)22:19
zigoOk.22:21
timburkehmmm... maybe i was remembering listing_formats wrt xml declarations... https://github.com/openstack/swift/commit/1b0172f5d31d8bb862f8c9b017cccaf657b9323022:23
zigotimburke: Do I need to also backport that, or it's just unit tests and I can ignore?22:25
timburkejust unit tests -- i'd ignore for now22:25
zigoThanks a lot.22:25
timburkefwiw, i plan on getting backports up as far back as i can -- at some point in the last month i had working gates back through stein iirc, but they keep breaking in new and diverse ways :-(22:26
timburkei can be sure to loop you in on how it goes trying to get back to train22:27
zigotimburke: I have working env. in my Jenkins to build packages (with unit tests when building) up to Rocky.22:27
zigoRocky is in Buster, so Debian LTS...22:28
opendevreviewTim Burke proposed openstack/swift stable/xena: s3api: Prevent XXE injections  https://review.opendev.org/c/openstack/swift/+/87082722:28
timburkein the meeting this week, sounded like RH still had customers on queens, so you're in good company, i guess? going to do my best; this is exactly the sort of reason why i wanted to keep those old branches around, do what i can to help downstream packagers :-)22:31
zigoThis is the first time I'm in for Debian LTS ... :)22:32
opendevreviewTim Burke proposed openstack/swift stable/yoga: s3api: Prevent XXE injections  https://review.opendev.org/c/openstack/swift/+/87082622:35
opendevreviewTim Burke proposed openstack/swift stable/xena: s3api: Prevent XXE injections  https://review.opendev.org/c/openstack/swift/+/87082722:36
zigoAll of our public clusters are now up-to-date ! :)22:44
opendevreviewTim Burke proposed openstack/swift stable/ussuri: DNM: check stable gate health  https://review.opendev.org/c/openstack/swift/+/87119822:48
timburkezigo, 🎉22:48
opendevreviewTim Burke proposed openstack/swift stable/ussuri: Add attrs to lower-constraints  https://review.opendev.org/c/openstack/swift/+/87113623:53

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!