Mercurial Mercurial > pub > hg > cubicweb / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
debian/control
author Laurent Peuch <cortex@worlddomination.be>
Fri, 12 Apr 2019 12:31:14 +0200
changeset 12584 6eba53763482
parent 12567 26744ad37953
child 12620 824105876352
permissions -rw-r--r--
Use secure hash algorithm in WebConfiguration.sign_text Fix: PendingDeprecationWarning: HMAC() without an explicit digestmod argument is deprecated. The default hash algorithm used by hmac.new is md5. As of today, md5 is so weak that it's the equivalent of plaintext and can't be considered to be secured at all. Therefor, we switch to a secure hash algorithm. The rational for choosing sha3_512 is: * the recommended algorithm is at least sha_256 * the stronger, the more secured and sha3_512 is the stronger available * thinking about the future this should keep this part of the code safe long enough before people think about checking it again You can read more about choosing a secure hash algorithm in the NIST recommendations https://csrc.nist.gov/Projects/Hash-Functions/NIST-Policy-on-Hash-Functions This code modification should normally be transparent since check_text_sign is exactly this code 'self.sign_text(text) == signature' and that sign_text is only used in combination with it. The only impact is that the hash is going to move from 32 char to 128 which might make html page a bit bigger and that sha3_512 is slow to compute (which is a good thing for security)

Source: cubicweb
Section: web
Priority: optional
Maintainer: Logilab S.A. <contact@logilab.fr>
Uploaders: Sylvain Thenault <sylvain.thenault@logilab.fr>,
           David Douard <david.douard@logilab.fr>,
Build-Depends:
 debhelper (>= 9),
 dh-python,
 dh-systemd,
 python-all,
 python-setuptools,
 python-six (>= 1.4.0),
 python-docutils,
 python-sphinx,
 python-logilab-common (>= 1.4.0),
 python-logilab-mtconverter,
 python-markdown,
 python-tz,
 python-rql (>= 0.34.0),
 python-yams (>= 0.45.0),
 python-lxml,
 python-setuptools,
 python-pyramid,
 python-pyramid-multiauth,
 python-waitress,
 python-passlib,
 python-repoze.lru,
 python-wsgicors,
 python-filelock,
 sphinx-common,
Standards-Version: 3.9.6
Homepage: https://www.cubicweb.org
X-Python-Version: >= 2.7


Package: python-cubicweb
Architecture: all
Depends:
 ${misc:Depends},
 ${python:Depends},
 python-six (>= 1.4.0),
 python-logilab-mtconverter (>= 0.8.0),
 python-logilab-common (>= 1.4.0),
 python-logilab-database (>= 1.15.0),
 python-yams (>= 0.45.0),
 python-rql (>= 0.34.0),
 python-lxml,
 python-markdown,
 python-passlib,
 python-tz,
 graphviz,
 python-filelock,
 gettext,
Recommends:
 cubicweb-ctl (= ${source:Version}),
 python-cubicweb-postgresql-support (= ${source:Version})
 | sqlite3,
 python-cubicweb-pyramid (= ${source:Version}),
# common recommends
 python-simpletal (>= 4.0),
 python-crypto,
# web recommends (mostly)
 python-docutils (>= 0.6),
 python-vobject,
 fckeditor,
 python-fyzz,
 python-imaging,
 python-rdflib,
 python-werkzeug,
# dev recommends
 python-pysqlite2,
Suggests:
 python-zmq,
 python-cwclientlib (>= 0.4.0),
 python-cubicweb-documentation (= ${source:Version}),
 w3c-dtd-xhtml,
 xvfb,
Replaces:
 cubicweb (<< 3.24.0-1~),
 cubicweb-server (<< 3.24.0-1~),
 cubicweb-web (<< 3.24.0-1~),
 cubicweb-core,
 cubicweb-common (<< 3.24.0-1~),
Breaks:
 cubicweb (<< 3.24.0-1~),
 cubicweb-server (<< 3.24.0-1~),
 cubicweb-inlinedit (<< 1.1.1),
 cubicweb-bootstrap (<< 0.6.6),
 cubicweb-folder (<< 1.10.0),
 cubicweb-web (<< 3.24.0-1~),
 cubicweb-comment (<< 1.9.1),
 cubicweb-person (<< 1.8.0),
 cubicweb-geocoding (<< 0.2.0),
 cubicweb-invoice (<< 0.6.1),
 cubicweb-mercurial-server (<< 0.4.2),
 cubicweb-forgotpwd (<< 0.4.3),
 cubicweb-registration (<< 0.4.3),
 cubicweb-vcsfile (<< 1.15.0),
 cubicweb-bootstrap (<< 0.6),
 cubicweb-common (<< 3.24.0-1~),
Provides:
 cubicweb,
 cubicweb-server,
 cubicweb-web-frontend,
 cubicweb-web,
 cubicweb-common,
Conflicts:
 cubicweb-multisources,
 cubicweb-core,
Description: the complete CubicWeb framework
 CubicWeb is a semantic web application framework.
 .
 This metapackage will install all the components you need to run cubicweb on a
 single machine. You can also deploy cubicweb by running the different process
 on different computers, in which case you need to install the corresponding
 packages on the different hosts.


Package: python-cubicweb-postgresql-support
Architecture: all
# postgresql-client packages for backup/restore of non local database
Replaces: cubicweb-postgresql-support (<< 3.24.0-1~)
Breaks: cubicweb-postgresql-support (<< 3.24.0-1~)
Provides: cubicweb-postgresql-support
Depends:
 ${misc:Depends},
 ${python:Depends},
 python-psycopg2,
 postgresql-client
Description: postgres support for the CubicWeb framework
 CubicWeb is a semantic web application framework.
 .
 This virtual package provides dependencies to use PostgreSQL for the
 cubicweb repository.


Package: python-cubicweb-pyramid
Architecture: all
Depends:
 python-cubicweb (= ${source:Version}),
 python-pyramid (>= 1.5.0),
 python-pyramid-multiauth,
 python-waitress (>= 0.8.9),
 python-wsgicors,
 python-repoze.lru,
Recommends:
 python-pyramid-debugtoolbar
Conflicts:
 pyramid-cubicweb
Replaces:
 pyramid-cubicweb
Description: meta package to use Pyramid as HTTP server for CubicWeb
 Provides pyramid extensions to load a CubicWeb instance and serve it through
 the pyramid stack.


Package: cubicweb-ctl
Architecture: all
Depends:
 ${misc:Depends},
 ${python:Depends},
 python-cubicweb (= ${source:Version})
Description: tool to manage the CubicWeb framework
 CubicWeb is a semantic web application framework.
 .
 This package provides a control script to manage (create, upgrade, start,
 stop, etc) CubicWeb applications. It also include the init.d script
 to automatically start and stop CubicWeb applications on boot or shutdown.


Package: python-cubicweb-documentation
Architecture: all
Section: doc
Replaces: cubicweb-documentation (<< 3.24.0-1~)
Breaks: cubicweb-documentation (<< 3.24.0-1~)
Provides: cubicweb-documentation
Depends:
 ${misc:Depends},
 ${sphinxdoc:Depends},
Recommends:
 doc-base
Description: documentation for the CubicWeb framework
 CubicWeb is a semantic web application framework.
 .
 This package provides the system's documentation.


# Transitional packages after renaming of (most) binary packages

Package: cubicweb
Architecture: all
Priority: extra
Section: oldlibs
Depends:
 python-cubicweb, ${misc:Depends}
Description: transitional package
  This is a transitional package. It can safely be removed.


Package: cubicweb-server
Architecture: all
Priority: extra
Section: oldlibs
Depends:
 python-cubicweb, ${misc:Depends}
Description: transitional package
  This is a transitional package. It can safely be removed.


Package: cubicweb-postgresql-support
Architecture: all
Priority: extra
Section: oldlibs
Depends:
 python-cubicweb-postgresql-support, ${misc:Depends}
Description: transitional package
  This is a transitional package. It can safely be removed.


Package: cubicweb-web
Architecture: all
Priority: extra
Section: oldlibs
Depends:
 python-cubicweb, ${misc:Depends}
Description: transitional package
  This is a transitional package. It can safely be removed.


Package: cubicweb-common
Architecture: all
Priority: extra
Section: oldlibs
Depends:
 python-cubicweb, ${misc:Depends}
Description: transitional package
  This is a transitional package. It can safely be removed.


Package: cubicweb-dev
Architecture: all
Priority: extra
Section: oldlibs
Depends:
 python-cubicweb, ${misc:Depends}
Description: transitional package
  This is a transitional package. It can safely be removed.


Package: cubicweb-documentation
Architecture: all
Priority: extra
Section: oldlibs
Depends:
 python-cubicweb-documentation, ${misc:Depends}
Description: transitional package
  This is a transitional package. It can safely be removed.
cubicweb