|
@@ -5,6 +5,30 @@
|
|
|
.. contents::
|
|
|
:local:
|
|
|
|
|
|
+.. _version-2.2.8:
|
|
|
+
|
|
|
+2.2.8
|
|
|
+=====
|
|
|
+:release-date: 2011-11-25 16:00 P.M GMT
|
|
|
+:by: Ask Solem
|
|
|
+
|
|
|
+.. _v228-security-fixes:
|
|
|
+
|
|
|
+Security Fixes
|
|
|
+--------------
|
|
|
+
|
|
|
+* [Security: `CELERYSA-0001`_] Daemons would set effective id's rather than
|
|
|
+ real id's when the :option:`--uid`/:option:`--gid` arguments to
|
|
|
+ :program:`celeryd-multi`, :program:`celeryd_detach`,
|
|
|
+ :program:`celerybeat` and :program:`celeryev` were used.
|
|
|
+
|
|
|
+ This means privileges weren't properly dropped, and that it would
|
|
|
+ be possible to regain supervisor privileges later.
|
|
|
+
|
|
|
+
|
|
|
+.. _`CELERYSA-0001`:
|
|
|
+ http://github.com/ask/celery/tree/master/docs/sec/CELERYSA-0001.txt
|
|
|
+
|
|
|
.. _version-2.2.7:
|
|
|
|
|
|
2.2.7
|