[Secure-testing-commits] r26321 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Mar 28 19:03:51 UTC 2014


Author: carnil
Date: 2014-03-28 19:03:51 +0000 (Fri, 28 Mar 2014)
New Revision: 26321

Modified:
   data/CVE/list
Log:
Another update to CVE-2014-0105

This is to mark the wheezy version of python-keystoneclient as not
affected, as in this version the code is still in src:keystone.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-03-28 18:59:22 UTC (rev 26320)
+++ data/CVE/list	2014-03-28 19:03:51 UTC (rev 26321)
@@ -6736,6 +6736,7 @@
 CVE-2014-0105 [Potential context confusion in Keystone middleware]
 	RESERVED
 	- python-keystoneclient <unfixed> (low; bug #742898)
+	[wheezy] - python-keystoneclient <not-affected> (Vulnerable code yet in src:keystone)
 	- keystone 2013.1.1-2
 	[wheezy] - keystone <no-dsa> (Minor issue)
 	NOTE: From 2013.1.1-2 the auth_token.py is in python-keystoneclient




More information about the Secure-testing-commits mailing list