Your message dated Thu, 25 Sep 2014 15:29:49 +0000 with message-id <[email protected]> and subject line Bug#762749: fixed in python-keystoneclient 1:0.11.1-1 has caused the Debian Bug report #762749, regarding [CVE-2014-7144] TLS cert verification option not honored in paste configs to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 762749: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762749 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: python-keystoneclient Severity: important Tags: security upstream patch fixed-upstream Hi there, the following vulnerabilities were published for python-keystoneclient: CVE-2014-7144: TLS cert verification option not honored in paste configs If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: http://seclists.org/oss-sec/2014/q3/620 https://review.openstack.org/#/c/113191/ Please adjust the affected versions in the BTS as needed. Can you please confirm to the security-team if the stable version is affected? Regards, luciano
--- End Message ---
--- Begin Message ---Source: python-keystoneclient Source-Version: 1:0.11.1-1 We believe that the bug you reported is fixed in the latest version of python-keystoneclient, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thomas Goirand <[email protected]> (supplier of updated python-keystoneclient package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 25 Sep 2014 14:51:59 +0000 Source: python-keystoneclient Binary: python-keystoneclient Architecture: source all Version: 1:0.11.1-1 Distribution: experimental Urgency: medium Maintainer: PKG OpenStack <[email protected]> Changed-By: Thomas Goirand <[email protected]> Description: python-keystoneclient - client library for the OpenStack Keystone API Closes: 762749 Changes: python-keystoneclient (1:0.11.1-1) experimental; urgency=medium . * New upstream release: - This fixes CVE-2014-7144 (Closes: #762749). * Updated (build-)depends for this release. * Refreshed no-intersphinx.patch. * Removed do-not-call-TestCase.setUp-twice.patch, not needed anymore. Checksums-Sha1: 8655831c131464d8145b99707cb35af24b51ef55 2937 python-keystoneclient_0.11.1-1.dsc b87fb3182bf06208af57a184ad147fc2aa14d7be 233520 python-keystoneclient_0.11.1.orig.tar.xz cb8e1625148d638bee9471dee1bd3600ce4fdb50 26892 python-keystoneclient_0.11.1-1.debian.tar.xz 5f68182a54cbcd2c140ceda35cddcc942507fdd0 434784 python-keystoneclient_0.11.1-1_all.deb Checksums-Sha256: decdee0aea22e0094eec883f7463a6e29a3c0214fe8c97ec6c5238f71124b234 2937 python-keystoneclient_0.11.1-1.dsc dd25f723695f6c8faa7fad49438e394f136748003efbfcc8aa7c7de69a583a7b 233520 python-keystoneclient_0.11.1.orig.tar.xz c160447650604b544f449339bf1929f903f50112dc1de049733ff6cf6fe37dfe 26892 python-keystoneclient_0.11.1-1.debian.tar.xz 6bcf929a32c8bf68f6dbc8593a6a379466e998ed539562b949ae5b4fb0af2a26 434784 python-keystoneclient_0.11.1-1_all.deb Files: f57d977329adf713dc2f302b6cb5d56c 434784 python extra python-keystoneclient_0.11.1-1_all.deb 6121cca7ceacb7f385694e28f88128d7 2937 python extra python-keystoneclient_0.11.1-1.dsc a423b3eca6c1cdaf983870dcf88e99ec 233520 python extra python-keystoneclient_0.11.1.orig.tar.xz 2fdb02f29b6525e70cf9c08b05262054 26892 python extra python-keystoneclient_0.11.1-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJUJC83AAoJENQWrRWsa0P+RfQP/2HfYIksy70HZ3pR705VvLBh BvN5alIRh2mYTPBYZQ0w1wLzCeXSrzKRlamZ+3pHP27VHFEceENepZl10IJLjSax 3768QQAfifORHF2qRKpNZXSILYp9VdMedlKx0tILB0xQEUvL1GxMc4d2WGVYCD6Z 9exe2zD767lOXfuZMKDm258Z3hVM0Ei9eU6sOWi3QdWQEaoZnGqVi+DDiu25X74Y dIHNtHZgnhzEARiE7K4y/3rZNBlGLHfmLzSCe37Hnwt+KKP+6seHtIM354uAvd1N cLXKAoP6tyACRdnqYiau4XWl9Uiq3Pu7fp9h7ECljfW4FG1gSxxvkVFU75ymKg96 5sBAN/g0vLHiuBc+OBHC3sjSrLyEQ/QSujvrIBTh4dIVl1OprF9FQrmvj9CBSHeh CK4VpLNwqaTUjj6/lOZJVt8HpH8/rN36Q6zprYsxL6LedSfr5SuwdjDpx679yqsd XQLxc8OjtLTYegP+1jwkQZqtXjjamtalc2q8MiRfFeeQMNxPruBcs6xU+kfEf5ck q6p4066z2Pi35DkHLf0f37U6mLXKm6s/tlRqTDxJHfVLQCoJZhb1y8gGQgM7tSWa qU3lqARMbZgXcDGivxCImFgbgvAXiGD8WJUiujxDXqM2qNsm4SYejxOcLyWNKx8c H+fAobZXT/UU7qkhF2sc =9unU -----END PGP SIGNATURE-----
--- End Message ---
