Bug#707598: marked as done (CVE-2013-2059: Keystone tokens not immediately invalidated when user is deleted [OSSA 2013-011])

Wed, 29 May 2013 12:19:20 -0700 

Your message dated Wed, 29 May 2013 19:17:05 +0000
with message-id <[email protected]>
and subject line Bug#707598: fixed in keystone 2012.1.1-13+wheezy1
has caused the Debian Bug report #707598,
regarding CVE-2013-2059: Keystone tokens not immediately invalidated when user 
is deleted [OSSA 2013-011]
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
707598: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=707598
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: keystone
Severity: important
Tags: security patch
Justification: user security hole

Please see: http://lists.openstack.org/pipermail/openstack-announce/2013-
May/000099.html

Cheers, luciano

--- End Message ---
--- Begin Message --- 
Source: keystone
Source-Version: 2012.1.1-13+wheezy1

We believe that the bug you reported is fixed in the latest version of
keystone, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Goirand <[email protected]> (supplier of updated keystone package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 10 May 2013 10:09:14 +0800
Source: keystone
Binary: python-keystone keystone keystone-doc
Architecture: source all
Version: 2012.1.1-13+wheezy1
Distribution: wheezy-proposed-updates
Urgency: low
Maintainer: PKG OpenStack <[email protected]>
Changed-By: Thomas Goirand <[email protected]>
Description: 
 keystone   - OpenStack identity service
 keystone-doc - OpenStack identity service - documentation
 python-keystone - OpenStack identity service - library
Closes: 707598
Changes: 
 keystone (2012.1.1-13+wheezy1) wheezy-proposed-updates; urgency=low
 .
   * CVE-2013-2059: Keystone tokens not immediately invalidated when user is
     deleted [OSSA 2013-011]. Added backported to Essex patch which I picked-up
     from Launchpad. Thanks to the Canonical security team (Closes: #707598).
Checksums-Sha1: 
 b587bb64812f6009b1078688df30567e33d92d49 1934 keystone_2012.1.1-13+wheezy1.dsc
 4b57ee6ea66100f210af048c78be9c973495d7e5 31781 
keystone_2012.1.1-13+wheezy1.debian.tar.gz
 ef702dfdd70236e0017dc6258a1849ec301f948a 93018 
python-keystone_2012.1.1-13+wheezy1_all.deb
 4dac74564c69b83581a96f912da1c5c52d4c4ccd 18598 
keystone_2012.1.1-13+wheezy1_all.deb
 691eacf79a4466245c4ba2493593116d27abd853 240726 
keystone-doc_2012.1.1-13+wheezy1_all.deb
Checksums-Sha256: 
 a584cf246c9494d42c02a6b027cfd47aba7ea22b94165c0bd0f74088b1ef2f73 1934 
keystone_2012.1.1-13+wheezy1.dsc
 f28e58ad86ec74574d7074a82c2e2ea2b57dd2780d1470183924731ef49f819e 31781 
keystone_2012.1.1-13+wheezy1.debian.tar.gz
 577643df7eada634af514a139a126f13b5d0826bf86ff0fa91dcc8a57b9fea7b 93018 
python-keystone_2012.1.1-13+wheezy1_all.deb
 4c627e71a1a5dd6fe4a1007eef7b8815e41047637db17c5204ec78a65bb3e0c9 18598 
keystone_2012.1.1-13+wheezy1_all.deb
 6d067d97dc0fc7d7c7e36c6036418b4e2260aae22986ad5d2a9b4dbe5fe111f7 240726 
keystone-doc_2012.1.1-13+wheezy1_all.deb
Files: 
 d6649038cd86b0fef3a76c0b4071a47c 1934 net extra 
keystone_2012.1.1-13+wheezy1.dsc
 cfb036cd33e8b76b89b656667b372755 31781 net extra 
keystone_2012.1.1-13+wheezy1.debian.tar.gz
 d575f43d18e2836467dfd653e9950281 93018 python extra 
python-keystone_2012.1.1-13+wheezy1_all.deb
 512ce6c7ce9242843f0e9b7fb03cd90e 18598 python extra 
keystone_2012.1.1-13+wheezy1_all.deb
 4bf57bdfa4f80066c797ba86d8bb9a6d 240726 doc extra 
keystone-doc_2012.1.1-13+wheezy1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlGMXhQACgkQl4M9yZjvmkkKcACgqoMWrO6neo6SCiXIv8GGZ9xy
+JkAoJn/eeIrKdLdrhoF47CZOWDEAiz+
=A3yO
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to