On 06/23/2013 01:01 PM, Prach Pongpanich wrote: > On Sun, Jun 23, 2013 at 3:52 AM, Salvatore Bonaccorso <[email protected]> > wrote: >> Package: python-keystoneclient >> Severity: grave >> Tags: security upstream patch >> >> Hi, >> >> the following vulnerabilities were published for python-keystoneclient. >> >> CVE-2013-2166[0]: >> middleware memcache encryption bypass >> >> CVE-2013-2167[1]: >> middleware memcache signing bypass >> >> See [2] for further reference. >> >> If you fix the vulnerabilities please also make sure to include the >> CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. >> > > Hi, > > I've committed to fix this bug [1]. > > [1] http://anonscm.debian.org/gitweb/?p=openstack/python-keystoneclient.git > > Regrads, > Prach
Thanks. Uploaded. Though I've noticed that some of the unit tests are failing after applying the patch (3 failures). I don't know if that is expected or not... though for what I'm doing, the client worked (keystone service-list, keystone tenant-list, etc. worked) Thomas -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
