On 12/13/2012 03:37 PM, Moritz Muehlenhoff wrote: > Package: nova > Severity: grave > Tags: security > Justification: user security hole > > Please see http://seclists.org/oss-sec/2012/q4/435 > > Cheers, > Moritz
Hi Moritz, Thanks for opening this bug entry! I do appreciate (a lot) your commitment to the security in Debian and tracking all issues. However, this CVE is present only in Openstack Folsom, as described in the Affects: field of this link. Debian Wheezy/SID has Openstack Essex. Therefor, Debian isn't affected by this problem, and I'm closing this bug. Also, I am receiving security alerts for Openstack directly from the release manager (eg: ttx), and most of the time, one week in advance, if the bug/security-fix can be embargoed. You can assume I am aware of it (though reminding me is a good idea). Note that I'm about to upload Folsom in Experimental (it's ready on Alioth, I'm only waiting for FTP masters to approve openstack-pkg-tools which all packages now build-depends on). Cheers, and happy hacking, Thomas -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

