Your message dated Tue, 18 Feb 2014 04:03:47 +0000
with message-id <e1wfbun-0005w4...@franck.debian.org>
and subject line Bug#730626: fixed in python-swiftclient 1:2.0.2-1
has caused the Debian Bug report #730626,
regarding python-swiftclient: CVE-2013-6396
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
730626: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730626
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: python-swiftclient
Severity: grave
Tags: security upstream patch
Hi Thomas,
(This is similar to #718282, CVE-2013-4111 for python-glanceclient.)
the following vulnerability was published for python-swiftclient.
CVE-2013-6396[0]:
does not properly verify the server SSL certificates
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6396
http://security-tracker.debian.org/tracker/CVE-2013-6396
[1] https://bugs.launchpad.net/python-swiftclient/+bug/1199783
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: python-swiftclient
Source-Version: 1:2.0.2-1
We believe that the bug you reported is fixed in the latest version of
python-swiftclient, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 730...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thomas Goirand <z...@debian.org> (supplier of updated python-swiftclient
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 18 Feb 2014 11:03:09 +0800
Source: python-swiftclient
Binary: python-swiftclient
Architecture: source all
Version: 1:2.0.2-1
Distribution: unstable
Urgency: high
Maintainer: PKG OpenStack <openstack-de...@lists.alioth.debian.org>
Changed-By: Thomas Goirand <z...@debian.org>
Description:
python-swiftclient - Client library for Openstack Swift API
Closes: 730626
Changes:
python-swiftclient (1:2.0.2-1) unstable; urgency=high
.
* New upstream release (Closes: #730626).
* Reviewed build-dependency for the new upstream release.
* Standards-Version: is now 3.9.5.
* Also builds the sphinx doc and package manpage.
* Adds patch to fix manpage.
Checksums-Sha1:
f75acaedf14f4b9e7549703ae2168c01dc150f98 2487 python-swiftclient_2.0.2-1.dsc
bec474512d91b9c8ad1ab75e0c1e03029f305238 43492
python-swiftclient_2.0.2.orig.tar.xz
3d764af7818c0e2acb389767eb78fe50f8c892b5 5156
python-swiftclient_2.0.2-1.debian.tar.xz
5ac6daf652fb6b82386ba05c3e1b1fcc2b9c3c93 54110
python-swiftclient_2.0.2-1_all.deb
Checksums-Sha256:
88d0137c346614eb9a35d5fc4e64ea7147b0ac3e64d5ddd710314a5c86c53aa8 2487
python-swiftclient_2.0.2-1.dsc
b8adc373a673226cef72b44eef69be09b70b4cb31ed330837cd5b6558568f952 43492
python-swiftclient_2.0.2.orig.tar.xz
2222ed9d8432ca137cfafca32598b23a37ea392de79cc72f9386e71248328d55 5156
python-swiftclient_2.0.2-1.debian.tar.xz
7f3e387cf9e9c10dbdd22b3a5790354ca579d8b09d8e20a20de3bd3dcb9cb1dd 54110
python-swiftclient_2.0.2-1_all.deb
Files:
ce4f20351e00d8ebb1380aa19a9eab51 2487 python extra
python-swiftclient_2.0.2-1.dsc
09ce4ba0a00f49c1989c696e4fa09901 43492 python extra
python-swiftclient_2.0.2.orig.tar.xz
f2071e28e106b7b6fb82120a23ff1de8 5156 python extra
python-swiftclient_2.0.2-1.debian.tar.xz
93b9960de8e53407ab9ce8a3608d636c 54110 python extra
python-swiftclient_2.0.2-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJTAtndAAoJENQWrRWsa0P+itUP/iGXu1aP9QEIrK/SdEXUh5QI
VOWwYp+Gb6VeLTHH9Ekx60PYaEhRB0yKj+Gx8iF23/Kfxmin/vBlH2zn1VTN9UET
rimwIXwhDq6GnA8J8M+BMys1J3IXrJTkS3fjS5LnS/XyoVPwZTYnT9T8C5RX/6X3
PO2g5/kHH44KNmil3jMVoWNVf8UddilNgapoJAw+BfWSmVN8N58I997MQCWbizUY
GoFndAXb9Fuv4JMGt37doEDXhNzryheR6YYHOe75j0/pk5Xsn9TwA+f/UakJ2wht
e+vP9xkm2BUA2GluJ2E4JC+jPcsgMInqrKHiIWNtsuII7Cs0GeaG7UuEtQv9l9iu
q2JDqE5to3edurVhdeXddO0IwJcXLSMhKDLKfM9+WH0gP90ErCSTdsQTSIu58irZ
QTtUe7ev3knD90rUl+IzoptcLnyrcapnLdqByyLNUYRhD/we/bCyMhJ8gnSZHsp+
8NiDXc7zNzfodymVkKc+PYvfj2zCf3gmyDloeJ9u/WVMiiHAf3jT3VahTbJ59Xmq
lAffVRDH9S+YuWaTxpDLyglnsQZLVesiaW5L+GiAaGcVvRA1Bww8ZTi7+uKxUgPH
n2vbMyYn7XsYvzW21N5c971i4RQcA+b1Rr45Ms9ZkVVkUIeNbl+Ei+vN2L8Q4jiz
YiT7QSqsZiKcJ+CyFEjx
=i0Lr
-----END PGP SIGNATURE-----
--- End Message ---
