Your message dated Sun, 16 Aug 2015 09:35:20 +0000
with message-id <[email protected]>
and subject line Bug#793896: fixed in glance 2015.1.0-4
has caused the Debian Bug report #793896,
regarding glance: CVE-2015-3289: Glance task flow may fail to delete image from
backend
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
793896: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793896
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: glance
Version: 2015.1.0-1
Severity: important
Tags: security upstream
Hi,
the following vulnerability was published for glance.
CVE-2015-3289[0]:
Glance task flow may fail to delete image from backend
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2015-3289
[1] http://www.openwall.com/lists/oss-security/2015/07/28/6
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: glance
Source-Version: 2015.1.0-4
We believe that the bug you reported is fixed in the latest version of
glance, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thomas Goirand <[email protected]> (supplier of updated glance package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 12 Aug 2015 14:52:22 +0200
Source: glance
Binary: python-glance glance python-glance-doc glance-common glance-api
glance-registry
Architecture: source all
Version: 2015.1.0-4
Distribution: unstable
Urgency: medium
Maintainer: PKG OpenStack <[email protected]>
Changed-By: Thomas Goirand <[email protected]>
Description:
glance - OpenStack Image Service - metapackage
glance-api - OpenStack Image Service - API server
glance-common - OpenStack Image Service - common files
glance-registry - OpenStack Image Service - registry server
python-glance - OpenStack Image Service - Python client library
python-glance-doc - OpenStack Image Service - Python library documentation
Closes: 793896
Changes:
glance (2015.1.0-4) unstable; urgency=medium
.
* Fixes CVE-2015-5163: Don't import files with backed files.
* Really upload fix for CVE-2015-3289 (Closes: #793896).
Checksums-Sha1:
78e83e4ff1cdd1aefc25aa86509e35c39fff2809 3614 glance_2015.1.0-4.dsc
6e187fb8cee7df3dba0dbd835c806e73d6fed488 37392 glance_2015.1.0-4.debian.tar.xz
e73ee60b0b31ab65409cc5e8458b71238b789026 35916 glance-api_2015.1.0-4_all.deb
796b661fe083dc3532e1a646884a4eb857a3912d 42084 glance-common_2015.1.0-4_all.deb
63ce0cceebf81991e62e94a26bc3ef191e8e16ed 14178
glance-registry_2015.1.0-4_all.deb
346e6fd53601cffed8e33dbe94922fbca4add0fb 9486 glance_2015.1.0-4_all.deb
35d6aa654957f851fa86a33a4d999affbd92b32e 281480
python-glance-doc_2015.1.0-4_all.deb
be9e70622cce02b026ab368b3b559998e91603e9 440696
python-glance_2015.1.0-4_all.deb
Checksums-Sha256:
5f46e8618b9d25638ecc53bee3c737cd70662ee1f972b096c1ea81e3a70fbfd6 3614
glance_2015.1.0-4.dsc
8389f1e09211d32bb02b1bfd504fd78f71c05381ca0901ceeb65d5c582cb6156 37392
glance_2015.1.0-4.debian.tar.xz
ed0aac3e20aed81aabea23d5a8de7b49903bf007a2c8ad2dfa7c4680f2a1074a 35916
glance-api_2015.1.0-4_all.deb
e0e6027077ba9bf09aa815286c4b4a309476fe426dc251ceaa0e40fb75f87ff3 42084
glance-common_2015.1.0-4_all.deb
656f37d765ca71ca02c3e5647978174a59def880668f084c01bc8723087d7157 14178
glance-registry_2015.1.0-4_all.deb
accbcd284a6ef892a95628d484e738ab438b3a421a78a23b3a0e27ac76026395 9486
glance_2015.1.0-4_all.deb
dd14be73dd9e0dad781230801c565465309ae1c9a36125142aeb6cdd957a9422 281480
python-glance-doc_2015.1.0-4_all.deb
b6ecaa88558fca9d5aec3a6015f4ed918504dfa9a5afd9eaeaf20741d72b4ce7 440696
python-glance_2015.1.0-4_all.deb
Files:
af876c6df433b4ca538101d37f57e8d0 3614 net extra glance_2015.1.0-4.dsc
a6337cd63f2072433f11bd7630a4fda9 37392 net extra
glance_2015.1.0-4.debian.tar.xz
6a066b2abca637df232e6e160086a2bb 35916 python extra
glance-api_2015.1.0-4_all.deb
71b3e1e8d3373c2e4d4fec5b06181bc4 42084 python extra
glance-common_2015.1.0-4_all.deb
c46706b57b4c307ac711cff571b64a24 14178 python extra
glance-registry_2015.1.0-4_all.deb
dee92a70f822e4f42f66dc0dbdf58331 9486 python extra glance_2015.1.0-4_all.deb
baecd9b69e31898fe5da833a1a46eddf 281480 doc extra
python-glance-doc_2015.1.0-4_all.deb
b27f1d3f915ab25efd4511b8acaad772 440696 python extra
python-glance_2015.1.0-4_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJV0EfWAAoJENQWrRWsa0P+hjEP/il1q+r3xhkcvbzzHzm+Yh2B
XL68IF7v9Kj39LMUckNVmRbyPXRmj0fu+Ekq6PF64RxMoIGZ+5GPiFmqmk3cRII3
w6GzLG+aQF81m9Tb1QKOunFsFCfxFZPKMWoAzit1y01gT1Y/KW1FzNghbLuVD5WD
nRbqS5nzHsHIUy6uHZUoWZG14CKGCNw5G1tDOhY+ElulQCk429ojWXxTCnBxKNk4
xFuLRBi9DvRf6R0khilSnDrXtZrxEdhF+W2WPABTNRgv+i1w5irTB81joow94NJb
xfXiOaqptboa9hqo9sa9ckBUb1wA1uBG4HGGeHVYN4lv1u0VAb9No4MbpuZf50/s
MXox07Mcze2OL02kgbQJoIOQQXLiP+i8t0DAWayXqVRxwZY9HgMS8b2uJYlpxwmP
P4SG4+hlWgtEApZ+aVFlEL9RkG9Hq79RdHGOHPV5RA03uxWbG7VkRKH50qVLyf4u
LLFf06XDOut5C5riaqMjtGZXmixp2MPolOs4N0vQbBlPt6uOwH/bB8SbUYMxXMke
JzQs01hIek/Gb4GX3zENKjgXe5dzCYJxF9j4qpNGf3B1e3HLqz+01OIwCSHzzyfS
Ez7sZZfeQVYnm8tcfwbu1LKm3grdLHWmxaqj9pDCxGuDy1f1/jFadU6iVAOwWwsp
X90oI9nM5MfbLbcCl08x
=Kg8X
-----END PGP SIGNATURE-----
--- End Message ---
