Your message dated Thu, 25 Sep 2014 07:36:32 +0000 with message-id <[email protected]> and subject line Bug#762748: fixed in python-keystonemiddleware 1.0.0-3 has caused the Debian Bug report #762748, regarding [CVE-2014-7144] TLS cert verification option not honoured in paste configs to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 762748: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762748 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: python-keystonemiddleware Severity: important Tags: security upstream patch fixed-upstream Hi there, the following vulnerabilities were published for python-keystonemiddleware: CVE-2014-7144: TLS cert verification option not honoured in paste configs If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: http://seclists.org/oss-sec/2014/q3/620 https://review.openstack.org/#/c/113191/ Please adjust the affected versions in the BTS as needed. Regards, luciano
--- End Message ---
--- Begin Message ---Source: python-keystonemiddleware Source-Version: 1.0.0-3 We believe that the bug you reported is fixed in the latest version of python-keystonemiddleware, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thomas Goirand <[email protected]> (supplier of updated python-keystonemiddleware package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 25 Sep 2014 07:16:29 +0000 Source: python-keystonemiddleware Binary: python-keystonemiddleware python-keystonemiddleware-doc Architecture: source all Version: 1.0.0-3 Distribution: unstable Urgency: medium Maintainer: PKG OpenStack <[email protected]> Changed-By: Thomas Goirand <[email protected]> Description: python-keystonemiddleware - Middleware for OpenStack Identity (Keystone) - Python 2.x python-keystonemiddleware-doc - Middleware for OpenStack Identity (Keystone) - doc Closes: 762748 Changes: python-keystonemiddleware (1.0.0-3) unstable; urgency=medium . * Added CVE-2014-7144_convert_the_conf_value_into_correct_type.patch. Thanks to Luciano Bello <[email protected]> for the report (Closes: #762748). Checksums-Sha1: f8b8c735c5895e69f01ea6dab9449e711a0cecb1 2930 python-keystonemiddleware_1.0.0-3.dsc 6b7c2a6c42b116fa83f884efbbbd7d909dc79472 5500 python-keystonemiddleware_1.0.0-3.debian.tar.xz 7a95c65649365e16c26aa7d3f1e8e3bc7f050a33 52174 python-keystonemiddleware_1.0.0-3_all.deb ce43771b8c0a3685be0d5a534f8bcdf3001648ec 68454 python-keystonemiddleware-doc_1.0.0-3_all.deb Checksums-Sha256: 5abb2d87b8d78ff0ccb4da5f1392173726a2f9086f2d688eff3d73303c066262 2930 python-keystonemiddleware_1.0.0-3.dsc c79095d6d312332c8a3b73de63f54883b3e042f059f3fdebf5e1ebda74ab26d0 5500 python-keystonemiddleware_1.0.0-3.debian.tar.xz 252f1d75eb848e83e72c1bcd00ec9e71b7d1ef73c86e8ca1b9aebd4454672ca7 52174 python-keystonemiddleware_1.0.0-3_all.deb b0f26567235c0fa294a6bcd4904aaa958b8fcd08e7626f1ebfd211969ae97b59 68454 python-keystonemiddleware-doc_1.0.0-3_all.deb Files: 9ca7966e95ece3c9a908ae35acc7a469 52174 python optional python-keystonemiddleware_1.0.0-3_all.deb 4258ac0b599573c52776bc4f9994c73f 68454 doc optional python-keystonemiddleware-doc_1.0.0-3_all.deb 5c756c43af7e1e5806c6c91dff4b29bd 2930 python optional python-keystonemiddleware_1.0.0-3.dsc 39623b270e2347dc0370d65380429e75 5500 python optional python-keystonemiddleware_1.0.0-3.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJUI8H9AAoJENQWrRWsa0P+nvMP/280jGvNPZ4xG7xJ5IuxwWsG PXNFi4MY06j9F7jvaI4HxboX3T5NQYH0yvUpnAX+C5fnziiuxrK+Kc00WOgGHE8b t4aXJ9c9RnTwiz8xUMsk1OCqrunzYOmshTGBQrgbnqsJat50u1+uBZZvZyzp1OaF xOPVOPvs59Z5FU/gOw6oHfvBTPw6hkiuRG4xYyMvpt0wdTZ7Frp0VvyAvnWgW08z Ki57NLib6Jubw6aT9CYOuGFPS2KJkWJUuYOVfvS6NDRPfl6VpKy5PoXqGdOyyOxq 4vWUwc/ABX1RHylFxTc4ilY6c0ZdHUmQiDOEsjOzwf48/L33ChmYfjhYPusSPDYo 9LCGcv0Dd9KMoRTjj6EYjJFpatNG8LcAkW7nynoOkMbi/OGPBltxSrgnFjQ4SoGj 78sjxt6slIxyIMvYKy+N7KosG8STtWrdDGjQtZpcBTVRitvDArEqZZFFpp1+itbn fIe8xqdX7fOK0muhoRG4ObaEf3m4S+J42FyQzUAM3CJs7TgNy04Hd0RFEnm44Bl/ Byn/UfZzVxKfAxSIvjOHrt6JuOLB3ZT9ju7xpF19gFlEHnGD5IaXFzT1QO5qbOGk qNlvxSGM/d2fAL5Z33V9XN5LWkGYZrWUIQAuvgDTBpz3Rnc324Xl/Y/CzbIFQNer u3F2wASkRyHznm0+9TqP =RhKa -----END PGP SIGNATURE-----
--- End Message ---
