On 02/17/2015 10:21 AM, Mehdi Dogguy wrote: > Tags: confirmed > > Le 2015-02-14 00:25, Thomas Goirand a écrit : >> Moritz Mühlenhoff (aka jmm) made me aware of CVE-2014-7231, which has >> been >> fixed in the release 0.2.0 of python-oslo.utils. This version has >> never been >> uploaded to Sid (I uploaded it to Experimental instead), as I didn't >> want to >> risk changing anything in OpenStack Icehouse in Jessie. >> >> But since it fixes CVE-2014-7231, I'd like now to have version 0.2.0 >> replacing >> version 0.1.1 in Jessie. Indeed, the patch available here: >> >> https://review.openstack.org/gitweb?p=openstack%2Foslo.utils.git;a=commitdiff;h=e0425691d90bce0bbe847a9ff49468ce0fab5486 >> >> > > AFAICS, 0.2.0 looks like more or less the commit you're pointing at. > Nevertheless, > If you feel more comfortable with uploading 0.2.0 than extracting a > targeted patch, > then please go ahead and notify us as soon as it hits the archive. > > Please adjust the changelog and gbp.conf though. > > Cheers.
Hi Mehdi, Thanks for your reply. Uploaded, retitling the unblock bug accordingly. Cheers, Thomas Goirand (zigo) -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
