1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted nova 2:22.0.1-2+deb11u1 (source) into proposed-updates

    From Debian FTP Masters@21:1/5 to All on Sat Feb 4 18:20:02 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Tue, 24 Jan 2023 11:31:25 +0100
    Source: nova
    Architecture: source
    Version: 2:22.0.1-2+deb11u1
    Distribution: bullseye-security
    Urgency: medium
    Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
    Changed-By: Thomas Goirand <zigo@debian.org>
    Closes: 1029561
    Changes:
    nova (2:22.0.1-2+deb11u1) bullseye-security; urgency=medium
    .
    * CVE-2022-47951: By supplying a specially created VMDK flat image which
    references a specific backing file path, an authenticated user may convince
    systems to return a copy of that file's contents from the server resulting
    in unauthorized access to potentially sensitive data. Add upstream patch
    cve-2022-47951-glance-stable-victoria.patch (Closes: #1029561). Checksums-Sha1:
    5b34041838c39107c06f2c2811399bfe5561f5e2 5339 nova_22.0.1-2+deb11u1.dsc
    00feb086c56c8df4d0d85c795e33878eea75766f 5900180 nova_22.0.1.orig.tar.xz
    4ff38fb907f356732392adc21e8dbc18040535e2 62092 nova_22.0.1-2+deb11u1.debian.tar.xz
    20f5ca56aefae0fd497b1e1c5f0417d5b6c23be9 23807 nova_22.0.1-2+deb11u1_amd64.buildinfo
    Checksums-Sha256:
    7861752c0bcf3238e0751d838637098a4c3e75bf03687c6049e52de3cc42e9c1 5339 nova_22.0.1-2+deb11u1.dsc
    8bfc2c8d721237ad67f2a15a2882f366f5423f30e2fda802b3234f4280c7a262 5900180 nova_22.0.1.orig.tar.xz
    11f2390bfe1ba6bfa583ef95cee98f377848065104579adf849167d2204a1ea1 62092 nova_22.0.1-2+deb11u1.debian.tar.xz
    daa7b094ee50822b95d2801f57895815fb26602c40277d38cc821a0677a9a909 23807 nova_22.0.1-2+deb11u1_amd64.buildinfo
    Files:
    dab63cd1547e4b92150e7904a1008d7f 5339 net optional nova_22.0.1-2+deb11u1.dsc
    e797a3036ecf56bd964a3117004dfcb8 5900180 net optional nova_22.0.1.orig.tar.xz
    9666f29b16bb260d4c7d0087773e68c3 62092 net optional nova_22.0.1-2+deb11u1.debian.tar.xz
    b80f62561804c16659e10efa4ddb9106 23807 net optional nova_22.0.1-2+deb11u1_amd64.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmPXwJMACgkQ1BatFaxr Q/5zgg/+PhvC0jk9mZdBuhQl1RtglBgALFD2NHbY36Z3kQgf3ZtZx/fZV2caH4F1 YBdroqbQjFelexW00MAGlUWQCJiby5cXz9lCFw5x8hyNVEvSlG4r5bG7YlHG0f2s 2IebsgS1PqD4pwGV1jd6h/zE1NZAQND9ElC/ZkcleDJHxZdZl60rLViO3dhn5Ljv jKSew9r7ZA7L+nRn7+7rDsqi6ypoo7CMhNuUzfe0AU9YawvGCbVTFmcG6NnMDK09 j1ZyhIECO7GRbkQpqv7Lv/O4ZV8sH86UqV4Ifu+26Cu3HMXFg7mmRW2DQDZQd3wi UIy3b6GRZ6itH4pEb0d2j7QxVUax2eFGE7+g3FShFz/EutxI5+DnHjE60SzUobZ9 xIygLeNBIQ9Zc9S3K/fs9aPeJNDF10rbrBag9aBMJwS9nwOJn9xgL4kVbEaxGvEF 2oIi5Hmco6SiNkrGH6Pvt1yHlltHVRcFCU2Cw8pmOFxsGR4XTXgnFQ6l7hVqhav4 CjendO9TYEGLomem1+WZsIrEBnHrKpriy4eQFQPr3rCXyWx0VEX8z8Lh41Y1miIw sQV+nm0GcR6w9io66XTpUS4WKuWDG2Jsh2bmvU+mSXlzaKlQZ8PsBpMTq7+oqxK9 HUG4GsV5+cMRxhi+tOtQ7O5OLa4JdEmn3s7v0NbGebNSl+Bj6rk=
    =H2jP
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)