tag 828063 pending
thanks
Hello,
Bug #828063 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:
http://git.debian.org/?p=openstack/python-muranoclient.git;a=commitdiff;h=4ef2bdf
---
commit 4ef2bdfe1f2f3398ba098200b882c4bf7b6565b1
Author: Thomas Goirand <[email protected]>
Date: Mon Jun 27 19:16:14 2016 +0000
* CVE-2016-4972: RCE vulnerability in Openstack Murano using insecure YAML
tags. Adds upstream patch: Use yaml.SafeLoader instead of yaml.Loader.
(Closes: #828063).
diff --git a/debian/changelog b/debian/changelog
index bec44a1..4d1ed6d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+python-muranoclient (0.8.4-2) experimental; urgency=medium
+
+ * CVE-2016-4972: RCE vulnerability in Openstack Murano using insecure YAML
+ tags. Adds upstream patch: Use yaml.SafeLoader instead of yaml.Loader.
+ (Closes: #828063).
+
+ -- Thomas Goirand <[email protected]> Mon, 27 Jun 2016 19:12:11 +0000
+
python-muranoclient (0.8.4-1) experimental; urgency=medium
[ Ondřej Nový ]
