debian/0000755000000000000000000000000012015740421007162 5ustar debian/copyright0000644000000000000000000000364111751557170011136 0ustar This package was debianized by Oleksandr Moskalenko on Mon, 16 Oct 2006 22:00:11 -0600. It was downloaded from . Upstream Authors: Julian Krause and Ben Bangart. Copyright (c) 2006, 2007 Ben Bangert, Mike Bayer, Philip Jenvey and contributors. All rights reserved. License: This package is licensed under the BSD License. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The name of the author or contributors may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. The Debian packaging is copyright 2006-2010, Oleksandr Moskalenko and is licensed under the modified BSD License above. debian/clean0000644000000000000000000000001411751560352010173 0ustar *egg-info/* debian/control0000644000000000000000000000645111751562077010612 0ustar Source: beaker Section: python Priority: optional Maintainer: Debian Python Modules Team Uploaders: Oleksandr Moskalenko , Piotr Ożarowski Build-Depends: debhelper (>= 7) Build-Depends-Indep: python-all (>= 2.6.6-3), python3-all (>= 3.1.2-8), python-setuptools (>= 0.6b3-1~), python3-setuptools Standards-Version: 3.9.3 X-Python-Version: >= 2.5 Homepage: http://pypi.python.org/pypi/Beaker Vcs-Svn: svn://svn.debian.org/python-modules/packages/beaker/trunk/ Vcs-Browser: http://svn.debian.org/viewsvn/python-modules/packages/beaker/trunk/ Package: python-beaker Architecture: all Depends: ${python:Depends}, ${misc:Depends}, python Recommends: python-pkg-resources Suggests: python-sqlalchemy (>= 0.4), python-pycryptopp | python-crypto, python-pylibmc | python-memcache Enhances: python-pylons Description: cache and session library Beaker is a web session and general caching library that includes WSGI middleware for use in web applications. . As a general caching library, Beaker can handle storing for various times any Python object that can be pickled with optional back-ends on a fine-grained basis. . Features: * Fast, robust performance * Multiple reader/single writer lock system to avoid duplicate simultaneous cache creation * Cache back-ends include dbm, file, memory, memcached, and database (using SQLAlchemy for multiple-db vendor support) * Signed cookies to prevent session hijacking/spoofing * Cookie-only sessions to remove the need for a database or file backend (ideal for clustered systems) * Extensible Container object to support new back-ends * Caches can be divided into namespaces (to represent templates, objects, etc.) then keyed for different copies * Create functions for automatic call-backs to create new cache copies after expiration * Fine-grained toggling of back-ends, keys, and expiration per Cache object Package: python3-beaker Architecture: all Depends: ${python3:Depends}, ${misc:Depends} Recommends: ${python3:Recommends}, python3-pkg-resources Suggests: ${python3:Suggests}, python3-sqlalchemy # Suggests: python3-pycryptopp | python3-crypto, python3-pylibmc | python3-memcache Description: cache and session library for Python 3 Beaker is a web session and general caching library that includes WSGI middleware for use in web applications. . As a general caching library, Beaker can handle storing for various times any Python object that can be pickled with optional back-ends on a fine-grained basis. . Features: * Fast, robust performance * Multiple reader/single writer lock system to avoid duplicate simultaneous cache creation * Cache back-ends include dbm, file, memory, memcached, and database (using SQLAlchemy for multiple-db vendor support) * Signed cookies to prevent session hijacking/spoofing * Cookie-only sessions to remove the need for a database or file backend (ideal for clustered systems) * Extensible Container object to support new back-ends * Caches can be divided into namespaces (to represent templates, objects, etc.) then keyed for different copies * Create functions for automatic call-backs to create new cache copies after expiration * Fine-grained toggling of back-ends, keys, and expiration per Cache object debian/rules0000755000000000000000000000224211751562404010253 0ustar #!/usr/bin/make -f # -*- makefile -*- PYVERS=$(shell pyversions -vr) PY3VERS=$(shell py3versions -vs) -include /usr/share/python/python.mk ifeq (,$(py_libdir)) py_libdir = /usr/lib/python$(subst python,,$(1))/site-packages endif pkgdir = $(CURDIR)/debian/python$(if $(patsubst 3.%,,$(1)),,3)-beaker clean: dh_testdir dh_testroot rm -rf build find . -name *.py[co] -delete dh_clean build-* build: build-indep build-arch: build-indep: dh_testdir python setup.py build touch $@ install: $(PYVERS:%=install-python%) $(PY3VERS:%=install-python%) install-python%: python$* setup.py install \ $(py_setup_install_args) \ --single-version-externally-managed \ --root $(call pkgdir,$*) -dpkg --compare-versions '$*' lt '2.5' && \ rm -f $(call pkgdir,$*)/$(call py_libdir,$*)/beaker/ext/google.py binary-indep: build install dh_testdir dh_testroot dh_installdirs dh_installchangelogs dh_installdocs dh_installexamples dh_python2 dh_python3 dh_compress -X.py dh_fixperms dh_installdeb dh_gencontrol dh_md5sums dh_builddeb -- -Z bzip2 binary-arch: binary: binary-indep binary-arch .PHONY: build build-arch clean binary-indep binary-arch binary install debian/changelog0000644000000000000000000002311012015737740011043 0ustar beaker (1.6.3-1.1) unstable; urgency=low * Non-maintainer upload. * Fix security issue, with PyCrypto not securing data such that an attacker could possibly determine parts of the encrypted payload. Patch by Miloslav Trmac of Redhat. [CVE-2012-3458] Closes: #684890 -- David Prévot Fri, 24 Aug 2012 13:54:13 -0400 beaker (1.6.3-1) unstable; urgency=low [ Andrey Rahmatullin ] * Update Standards-Version to 3.9.1 (no change needed) * Switch from dh_pysupport to dh_python2 [ Piotr Ożarowski ] * New upstream release - delete_cookie's expire date calculated via timedelta instead or .replace(year=2003). Closes: #661670 * Remove egg-info/* files in clean target (regenerated in install) - debhelper compatibility level bumped to 7 (debian/clean file used) * Source format changed to 3.0 (quilt) * Standards-Version bumped to 3.9.3 (no changes needed) -- Piotr Ożarowski Sun, 06 May 2012 22:26:32 +0200 beaker (1.5.4-4) unstable; urgency=low * Upload to unstable -- Piotr Ożarowski Thu, 23 Sep 2010 20:55:25 +0200 beaker (1.5.4-3) experimental; urgency=low * Rebuild against newer python3 package (python3.1 now uses /usr/lib/python3/) * Minimum python3-all version bumped to 3.1.2-8 -- Piotr Ożarowski Sun, 12 Sep 2010 17:36:35 +0200 beaker (1.5.4-2) experimental; urgency=low * Provide python3-beaker * Provide pydist files -- Piotr Ożarowski Mon, 06 Sep 2010 21:51:45 +0200 beaker (1.5.4-1) unstable; urgency=low * New upstream release -- Piotr Ożarowski Sat, 19 Jun 2010 12:30:25 +0200 beaker (1.5.3-1) unstable; urgency=low * New upstream release -- Piotr Ożarowski Wed, 03 Mar 2010 00:37:43 +0100 beaker (1.5.2-1) unstable; urgency=low * New upstream release * Add python-pkg-resources to Recommends * Move python-sqlalchemy to Suggests * Add python-pylibmc | python-memcache and python-pycryptopp | python-crypto to Suggests -- Piotr Ożarowski Tue, 02 Mar 2010 22:00:18 +0100 beaker (1.5.1-4) unstable; urgency=low * debian/control: - Switched package to DPMT group maintenance with Piotr Ozarowski and myself as uploaders for now. - Updated Standards-Version to 3.8.4. * debian/copyright: Changed debian packaging copyright to BSD and updated upstream copyright to BSD. -- Oleksandr Moskalenko Thu, 18 Feb 2010 14:53:43 -0600 beaker (1.5.1-3) unstable; urgency=low [ Piotr Ożarowski ] * Really drop Python 2.4 (Closes: #564209) -- Debian Python Modules Team Sun, 24 Jan 2010 20:58:42 +0100 beaker (1.5.1-2) unstable; urgency=low * debian/control: Dropped python2.4. -- OM Fri, 08 Jan 2010 09:42:18 -0600 beaker (1.5.1-1) unstable; urgency=low * New upstream release. -- Oleksandr Moskalenko Thu, 07 Jan 2010 23:25:19 -0600 beaker (1.4.1-1) unstable; urgency=low * New upstream release. -- Oleksandr Moskalenko Mon, 21 Sep 2009 21:40:11 -0400 beaker (1.4-1) unstable; urgency=low * New upstream release. * debian/changelog: Updated standards-version to 3.8.3.0. -- Oleksandr Moskalenko Wed, 19 Aug 2009 23:30:28 -0400 beaker (1.3.1-1) unstable; urgency=low [ Piotr Ożarowski ] * New upstream release. * debian/rules works fine with python2.6 and its dist-packages now * Short and long description updated * Moved python-all and python-setuptools to Build-Depends-Indep * debian/dirs removed, no longer needed * Standards-version bumped to 3.8.2 (no changes needed) -- Debian Python Modules Team Tue, 16 Jun 2009 21:34:05 +0200 beaker (1.3-1) unstable; urgency=low * New upstream release. * debian/control: Updated standards version to 3.8.1. -- Oleksandr Moskalenko Thu, 23 Apr 2009 09:33:15 -0500 beaker (1.2.2-1) unstable; urgency=low * New upstream release. -- Oleksandr Moskalenko Mon, 23 Feb 2009 13:31:18 -0700 beaker (1.2.1-1) unstable; urgency=low * New upstream release. -- Oleksandr Moskalenko Mon, 09 Feb 2009 17:40:28 -0700 beaker (1.2-1) unstable; urgency=low * New upstream release. -- Oleksandr Moskalenko Mon, 26 Jan 2009 12:40:21 -0700 beaker (1.1.3-1) unstable; urgency=low * New upstream release, confirmed to work with sqlalchemy 0.5. -- Oleksandr Moskalenko Thu, 15 Jan 2009 12:32:12 -0700 beaker (1.1.2-1) unstable; urgency=low * New upstream release. -- Oleksandr Moskalenko Tue, 25 Nov 2008 08:15:08 -0700 beaker (1.1-1) unstable; urgency=low * New upstream release. * debian/NEWS: added a note about incompatible cache. * debian/ruls: Removed -i from dh_* calls. * have dirs, so remove python-beaker.dirs. * debian/control: Moved python-support to Build-Depends-Indep. -- Oleksandr Moskalenko Sun, 23 Nov 2008 12:53:39 -0700 beaker (1.0.3-1) unstable; urgency=low * New upstream release. -- Oleksandr Moskalenko Wed, 05 Nov 2008 11:39:09 -0700 beaker (1.0.2-2) experimental; urgency=low * debian/control - switch Vcs-Browser field to viewsvn -- Sandro Tosi Mon, 03 Nov 2008 22:12:45 +0100 beaker (1.0.2-1) unstable; urgency=low * New upstream release. * debian/control: - Removed XS-Python-Version - not needed by python-support. - Removed XB-Python-Version - not needed by python-support. - Removed python (>= 2.3.3) from Build-Depends - not needed by python-support. - Removed python from Depends. Only ${python:Depends} is necessary there. -- Oleksandr Moskalenko Tue, 30 Sep 2008 13:20:11 -0600 beaker (1.0-1) unstable; urgency=low [ Oleksandr Moskalenko ] * New upstream release, required for pylons 0.9.7 release candidate. [ Carlos Galisteo ] * debian/control - Homepage field added. -- Oleksandr Moskalenko Fri, 15 Aug 2008 10:23:13 -0600 beaker (0.9.5-1) unstable; urgency=low * New upstream release. * debian/rules: Do not put google.py into python2.'s dirs (Closes: #479484). * debian/control: - Updated Standarts-Version to 3.8.0 per lintian warning. - Changed Build-Depends python-setuptools from 0.6b3-1 to 0.6b3 per lintian warning. -- Oleksandr Moskalenko Tue, 01 Jul 2008 12:22:13 -0600 beaker (0.9.4-1) unstable; urgency=low * New upstream release. -- Oleksandr Moskalenko Thu, 24 Apr 2008 11:51:10 -0600 beaker (0.9.2.d1-1) unstable; urgency=low * Package upstream trunk as a new release to upload unreleased fixes. -- Oleksandr Moskalenko Sun, 24 Feb 2008 10:37:53 -0700 beaker (0.9.2-1) unstable; urgency=low * New upstream release. -- Oleksandr Moskalenko Sat, 16 Feb 2008 16:49:21 -0700 beaker (0.9-1) unstable; urgency=low * New upstream release. * debian/control: - Updated Standards-Version to 3.7.3. - Changed section from "web" to "python" as recommended by lintian. -- Oleksandr Moskalenko Sun, 06 Jan 2008 22:32:31 -0700 beaker (0.8-1) unstable; urgency=low [ Oleksandr Moskalenko ] * New upstream release. [Piotr Ożarowski ] * Rename XS-Vcs-* fields to Vcs-* (dpkg supports them now) -- Oleksandr Moskalenko Tue, 30 Oct 2007 18:17:15 -0600 beaker (0.7.5-1) unstable; urgency=low * New upstream release. -- Oleksandr Moskalenko Tue, 04 Sep 2007 16:42:49 -0600 beaker (0.7.4-1) unstable; urgency=low * New upstream release. -- Oleksandr Moskalenko Sun, 15 Jul 2007 16:40:21 -0600 beaker (0.7.3-1) unstable; urgency=low * New upstream release. -- Oleksandr Moskalenko Tue, 26 Jun 2007 16:04:20 -0600 beaker (0.7.2-1) unstable; urgency=low * New upstream release. * (0.7.1-1): [Piotr Ożarowski ] - python-myghtyutils dependency removed (no longer used). - python-sqlalchemy added to Recommends. -- Oleksandr Moskalenko Mon, 21 May 2007 09:09:44 -0600 beaker (0.6.3-3) unstable; urgency=low * Piotr Ożarowski : + New python-support handles egg's directory name correctly - bump python-support required version - remove mv part from debian/rules -- Oleksandr Moskalenko Mon, 14 May 2007 09:39:09 -0600 beaker (0.6.3-2) unstable; urgency=low * Etch has been released. Upload into Unstable. -- Oleksandr Moskalenko Tue, 10 Apr 2007 11:44:44 -0600 beaker (0.6.3-1) experimental; urgency=low * New upstream version (upload to experimental until Etch releases). -- Oleksandr Moskalenko Thu, 29 Mar 2007 16:17:55 -0600 beaker (0.6.2-2) experimental; urgency=low * debian/control: - Added Debian Python Modules Team to Uploaders. - Added XS-Vcs-Svn and XS-Vcs-Browser control fields. -- Oleksandr Moskalenko Mon, 29 Jan 2007 11:37:37 -0700 beaker (0.6.2-1) experimental; urgency=low * New upstream version (upload to experimental due to Etch freeze). -- Oleksandr Moskalenko Fri, 12 Jan 2007 11:00:59 -0700 beaker (0.6.1-1) unstable; urgency=low * Initial release (Closes: #393756). -- Oleksandr Moskalenko Mon, 16 Oct 2006 22:46:18 -0600 debian/python3-beaker.pydist0000644000000000000000000000002611751557170013266 0ustar Beaker python3-beaker debian/source/0000755000000000000000000000000011751557170010477 5ustar debian/source/format0000644000000000000000000000001411647112575011705 0ustar 3.0 (quilt) debian/patches/0000755000000000000000000000000012015741100010604 5ustar debian/patches/fix_CVE-2012-3458.patch0000644000000000000000000000225712015741100014101 0ustar From: Ben Bangert Subject : Fix security issue CVE-2012-3458 Fix security issue, with PyCrypto not securing data such that an attacker could possibly determine parts of the encrypted payload. Patch by Miloslav Trmac of Redhat. [CVE-2012-3458] Origin: upstream, https://github.com/bbangert/beaker/commit/91becae76101cf87ce8cbfabe3af2622fc328fe5 Bug-Debian: http://bugs.debian.org/684890 --- beaker-1.6.3.orig/beaker/crypto/pycrypto.py +++ beaker-1.6.3/beaker/crypto/pycrypto.py @@ -15,17 +15,18 @@ try: except ImportError: from Crypto.Cipher import AES + from Crypto.Util import Counter def aesEncrypt(data, key): - cipher = AES.new(key) + cipher = AES.new(key, AES.MODE_CTR, + counter=Counter.new(128, initial_value=0)) - data = data + (" " * (16 - (len(data) % 16))) return cipher.encrypt(data) def aesDecrypt(data, key): - cipher = AES.new(key) - - return cipher.decrypt(data).rstrip() + cipher = AES.new(key, AES.MODE_CTR, + counter=Counter.new(128, initial_value=0)) + return cipher.decrypt(data) def getKeyLength(): return 32 debian/patches/series0000644000000000000000000000003012015740421012017 0ustar fix_CVE-2012-3458.patch debian/watch0000644000000000000000000000011711751557170010227 0ustar version=3 http://pypi.python.org/packages/source/B/Beaker/Beaker-(.*)\.tar\.gz debian/python-beaker.pydist0000644000000000000000000000002511751557170013202 0ustar Beaker python-beaker debian/compat0000644000000000000000000000000211751560647010400 0ustar 7 debian/NEWS0000644000000000000000000000100411751557170007671 0ustar beaker (1.1-1) unstable; urgency=low From: Ben Bangert Subject: Beaker 1.1 Release Beaker 1.1 has been released. I only mention it here because those upgrading should note that the pickled file format for Beaker has CHANGED. This means that ALL PRIOR BEAKER CACHE FILES SHOULD BE REMOVED AFTER UPGRADING. Otherwise your application will throw errors as it won't find the expected values in the cache. -- Oleksandr Moskalenko Sun, 23 Nov 2008 12:53:39 -0700