Bug#686812: marked as done (swift: CVE-2012-4406)

[Debian Bug Tracking System]

Your message dated Thu, 06 Sep 2012 09:03:00 +0000
with message-id <e1t9xzi-0002zh...@franck.debian.org>
and subject line Bug#686812: fixed in swift 1.4.8-2
has caused the Debian Bug report #686812,
regarding swift: CVE-2012-4406
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
686812: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686812
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: swift
Severity: grave
Tags: security
Justification: user security hole

This was assigned CVE-2012-4406:
https://bugs.launchpad.net/swift/+bug/1006414

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: swift
Source-Version: 1.4.8-2

We believe that the bug you reported is fixed in the latest version of
swift, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 686...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Goirand <z...@debian.org> (supplier of updated swift package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 06 Sep 2012 08:40:18 +0000
Source: swift
Binary: python-swift swift swift-proxy swift-object swift-container 
swift-account swift-doc
Architecture: source all
Version: 1.4.8-2
Distribution: unstable
Urgency: high
Maintainer: PKG OpenStack <openstack-de...@lists.alioth.debian.org>
Changed-By: Thomas Goirand <z...@debian.org>
Description: 
 python-swift - OpenStack Object Storage - libraries
 swift      - OpenStack Object Storage - common files
 swift-account - OpenStack Object Storage - account server
 swift-container - OpenStack Object Storage - container server
 swift-doc  - OpenStack Object Storage - documentation
 swift-object - OpenStack Object Storage - object server
 swift-proxy - OpenStack Object Storage - proxy server
Closes: 686812
Changes: 
 swift (1.4.8-2) unstable; urgency=high
 .
   * CVE-2012-4406: Do not use pickle for serialization in memcache, but JSON
   (Closes: #686812).
Checksums-Sha1: 
 8eb4306e03af91b02b7460b5b7bf56b1bcb7b896 1803 swift_1.4.8-2.dsc
 a0bcebc9c8394c6db123c9963407fe8e66f05b61 16404 swift_1.4.8-2.debian.tar.gz
 5ab786eacb09038e3163c6d07379af15a216a012 165356 python-swift_1.4.8-2_all.deb
 9555548dc7f6ddb9f48c32b51c339f91f4337c21 42818 swift_1.4.8-2_all.deb
 85c90fedc1d8551394b5c7767751d6eda9698b37 12546 swift-proxy_1.4.8-2_all.deb
 e24a66913dc6b01ff21b5868bda790e2b57df6c3 12894 swift-object_1.4.8-2_all.deb
 9f3c10343dfa0259ed3741f6b936dd1964d4eed4 11242 swift-container_1.4.8-2_all.deb
 69a68a16d345d3aca0943f1bb05e0f04e5317293 11366 swift-account_1.4.8-2_all.deb
 e73e41ecc684a873c231bf7dfe37fe59b05e1c55 255616 swift-doc_1.4.8-2_all.deb
Checksums-Sha256: 
 a648bb1f05ea89a3580f251f56ba81e67c47f93728981a4f09bdb195e59b3beb 1803 
swift_1.4.8-2.dsc
 656b793df9d27ae30c5617b27464c8559a4c2f0264de4b532771521b71d908ac 16404 
swift_1.4.8-2.debian.tar.gz
 cf6452e259d60d61a8b3e404f22d230e47fd28078ec7deeab388b0fbe58b5621 165356 
python-swift_1.4.8-2_all.deb
 8e282689ee6e391d8c2469c94edb67d752452b5f261b78f2e2f39a90c4c9d951 42818 
swift_1.4.8-2_all.deb
 84a543210847d8c3f33f3d8dc5b57c261bc6e3ce7361f9d14fda9f55028ca9f7 12546 
swift-proxy_1.4.8-2_all.deb
 a1d3a3a8d0cb3580e97306b3f1c8238467e287b0f4be225f5eb7f3c61d16bfee 12894 
swift-object_1.4.8-2_all.deb
 e9df54859d80b0fb18bd853aa09c09379ed565eccb5b79b45fcd001fb7910564 11242 
swift-container_1.4.8-2_all.deb
 347e4a1c710652c97d49c0cc699fee4b98b81585c1bd78e6173c4f05089b0266 11366 
swift-account_1.4.8-2_all.deb
 9c573c25f4ffeb2898b1a168999297069c53e2d8399b260c13e41c545ca02467 255616 
swift-doc_1.4.8-2_all.deb
Files: 
 e704b2379b4e967c0b41fe606ab923ea 1803 net optional swift_1.4.8-2.dsc
 923f045213a3762f01203088923d23b7 16404 net optional swift_1.4.8-2.debian.tar.gz
 c7bbce63d1ebef5eebf2ed53b3d34fc2 165356 python optional 
python-swift_1.4.8-2_all.deb
 57b777a5a246f3c73d43a4dc9aa9c3a6 42818 net optional swift_1.4.8-2_all.deb
 9a9b69a4136d4eac7c52891d51de1e56 12546 net optional swift-proxy_1.4.8-2_all.deb
 791d01bae18c2a8c249b1f3f8f1b72ce 12894 net optional 
swift-object_1.4.8-2_all.deb
 6fa744f0aca5882c0519a530a125f2b3 11242 net optional 
swift-container_1.4.8-2_all.deb
 49926bedbddb9a981fbc3f7a894ed7f7 11366 net optional 
swift-account_1.4.8-2_all.deb
 d9b372191a6b55a0555485fec0fabdb0 255616 doc optional swift-doc_1.4.8-2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlBIZNMACgkQl4M9yZjvmklH1QCfZpjTWsoQR6DzbO+90vj1giV3
BkkAmwRNN8EO8m9MVRfpTkJGa8yWwmw4
=rmKT
-----END PGP SIGNATURE-----

--- End Message ---