[Openstack-devel] Bug#689289: unblock: keystone/2012.1.1-9 (CVE-2012-445{6, 7}, +policy RC fixes)
Thomas Goirand
zigo at debian.org
Mon Oct 1 07:00:25 UTC 2012
Package: release.debian.org
Severity: normal
User: release.debian.org at packages.debian.org
Usertags: unblock
Dear Release Team,
I have applied upstream patches for CVE-2012-445{6,7} (yes, yet another
CVE in keystone...), and fixed bad handling of /etc/keystone/keystone.conf.
The later modifications have already been investigated by Julien, and I
believe they are into shape now.
If the release team prefers that I first undo keystone.conf changes so
that only the CVE fixes can migrate first, then the keystone.conf handling
gets the standard 10 days testing, that can be done too. I have no problem
doing this in 2 steps, to give more testing time for the keystone.conf
handling. But I believe it should be ok now.
The debdiff is attached. It's unfortunately not so small.
Thanks for your time working on the Wheezy release,
Please unblock keystone/2012.1.1-9,
Cheers,
Thomas Goirand (zigo)
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
-------------- next part --------------
A non-text attachment was scrubbed...
Name: keystone_2012.1.1-9.debdiff
Type: text/x-diff
Size: 22515 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/openstack-devel/attachments/20121001/24173333/attachment-0001.diff>
More information about the Openstack-devel
mailing list