[Secure-testing-commits] r39423 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Feb 2 21:33:46 UTC 2016
Author: jmm
Date: 2016-02-02 21:33:46 +0000 (Tue, 02 Feb 2016)
New Revision: 39423
Modified:
data/CVE/list
Log:
heat, keystone no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-02 21:31:58 UTC (rev 39422)
+++ data/CVE/list 2016-02-02 21:33:46 UTC (rev 39423)
@@ -9222,11 +9222,13 @@
CVE-2015-7546 [Potential reuse of revoked Identity tokens]
RESERVED
- keystone <unfixed>
+ [wheezy] - keystone <no-dsa> (Too intrusive to backport, needs to switch to different token provider)
+ [jessie] - keystone <no-dsa> (Too intrusive to backport, needs to switch to different token provider)
- python-keystonemiddleware <unfixed>
+ [jessie] - python-keystonemiddleware <no-dsa> (Too intrusive to backport, needs to switch to different token provider)
NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0062
NOTE: Keystone: <= 2015.1.2, >= 8.0.0 <= 8.0.1
NOTE: Keystonemiddleware: >= 1.5.0 <= 1.5.3, >= 1.6.0 <= 2.3.2
- TODO: check
CVE-2015-7544
RESERVED
NOT-FOR-US: redhat-support-plugin-rhev
@@ -15230,6 +15232,7 @@
NOTE: https://www.samba.org/samba/security/CVE-2015-5296.html
CVE-2015-5295 (The template-validate command in OpenStack Orchestration API (Heat) ...)
- heat <unfixed>
+ [jessie] - heat <no-dsa> (Minor issue)
NOTE: Affects: <=2015.1.2, ==5.0.0
CVE-2015-5294
RESERVED
More information about the Secure-testing-commits
mailing list