|
@@ -9,6 +9,32 @@
|
|
|
|
|
|
|
|
If you're looking for versions prior to 3.0.x you should go to :ref:`history`.
|
|
If you're looking for versions prior to 3.0.x you should go to :ref:`history`.
|
|
|
|
|
|
|
|
|
|
+.. _version-3.0.25:
|
|
|
|
|
+
|
|
|
|
|
+3.0.25
|
|
|
|
|
+======
|
|
|
|
|
+:release-date: 2014-07-10 05:00 P.M UTC
|
|
|
|
|
+
|
|
|
|
|
+Security Fixes
|
|
|
|
|
+--------------
|
|
|
|
|
+
|
|
|
|
|
+* [Security: `CELERYSA-0002`_] Insecure default umask.
|
|
|
|
|
+
|
|
|
|
|
+ The built-in utility used to daemonize the Celery worker service sets
|
|
|
|
|
+ an insecure umask by default (umask 0).
|
|
|
|
|
+
|
|
|
|
|
+ This means that any files or directories created by the worker will
|
|
|
|
|
+ end up having world-writable permissions.
|
|
|
|
|
+
|
|
|
|
|
+ Special thanks to Red Hat for originally discovering and reporting the
|
|
|
|
|
+ issue!
|
|
|
|
|
+
|
|
|
|
|
+ This version will no longer set a default umask by default, so if unset
|
|
|
|
|
+ the umask of the parent process will be used.
|
|
|
|
|
+
|
|
|
|
|
+.. _`CELERYSA-0002`:
|
|
|
|
|
+ http://github.com/celery/celery/tree/master/docs/sec/CELERYSA-0002.txt
|
|
|
|
|
+
|
|
|
.. _version-3.0.24:
|
|
.. _version-3.0.24:
|
|
|
|
|
|
|
|
3.0.24
|
|
3.0.24
|
Ask Solem