tag 828063 pending
thanks
Hello,
Bug #828063 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:
http://git.debian.org/?p=openstack/python-muranoclient.git;a=commitdiff;h=6874df1
---
commit 6874df1989efd123f6609c5e9d2579e815e417dd
Author: Thomas Goirand <[email protected]>
Date: Mon Jun 27 19:01:42 2016 +0000
* CVE-2016-4972: RCE vulnerability in Openstack Murano using insecure YAML
tags. Adds upstream patch: Use yaml.SafeLoader instead of yaml.Loader.
(Closes: #828063).
diff --git a/debian/changelog b/debian/changelog
index 98cb584..1770fbc 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,10 +1,16 @@
-python-muranoclient (0.8.3-4) UNRELEASED; urgency=medium
+python-muranoclient (0.8.3-4) unstable; urgency=high
+ [ Ondřej Nový ]
* Standards-Version is 3.9.8 now (no change)
* d/rules: Removed UPSTREAM_GIT, changed to default value
* d/copyright: Changed source URL to new one
- -- Ondřej Nový <[email protected]> Sat, 09 Apr 2016 19:28:12 +0200
+ [ Thomas Goirand ]
+ * CVE-2016-4972: RCE vulnerability in Openstack Murano using insecure YAML
+ tags. Adds upstream patch: Use yaml.SafeLoader instead of yaml.Loader.
+ (Closes: #828063).
+
+ -- Thomas Goirand <[email protected]> Mon, 27 Jun 2016 18:53:01 +0000
python-muranoclient (0.8.3-3) unstable; urgency=medium
