Accepted cinder 2:21.0.0-3 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted cinder 2:21.0.0-3 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Tue, 24 Jan 2023 17:05:54 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: cinder_21.0.0-3_source.changes
- Debian-source: cinder
- Debian-suite: unstable
- Debian-version: 2:21.0.0-3
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=qJjJfB4GGgAaquIOvMI1ZGAUUAyczrd1ZTJWcilcVJE=; b=qF7Dwy4FlMdOfBhJVfq3t5viAQ ndv+/kPmPV0YMtRI/QFP02kIxIpYvR7EewKMgC4fsE7eFD/ZbplETSMnwgAceUe+VMHY0g3wYSFj6 k+T5wKX5pI7dIj0v4GlZZsgBku+NdrWmglbannMYWDMW7EnChVqP2P+6/gtENFMYcpduF0+3WLVcE oacjG1OuZQIdkh4GoT1P2B1okupBaqdg/9OjYX7sB3cv6wBoGYjml0TGcv/sLQbgMrQQ6G1QxOIUG eBWYi2MRhiZLofshFeIWGKEsNCVvw3zdE1GbS4Fm8OLsda5QIbwgV5BETGXL/RQ3luWH1SOuu+UzL ZH3MiIGQ==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pKMk6-0092a4-Gp@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 24 Jan 2023 17:19:39 +0100
Source: cinder
Architecture: source
Version: 2:21.0.0-3
Distribution: unstable
Urgency: high
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 1029562
Changes:
cinder (2:21.0.0-3) unstable; urgency=high
.
* CVE-2022-47951: By supplying a specially created VMDK flat image which
references a specific backing file path, an authenticated user may convince
systems to return a copy of that file's contents from the server resulting
in unauthorized access to potentially sensitive data. Add upstream patch
CVE-2022-47951_Check_VMDK_subformat_against_an_allowed_list.patch
(Closes: #1029562).
Checksums-Sha1:
ff9fae0e04f0f99aa8d88f627b2022b4fb3ddf32 4396 cinder_21.0.0-3.dsc
d9db718bc3602928f27dcb8c834476547914b876 55472 cinder_21.0.0-3.debian.tar.xz
2a9de52658f4bd89432024a6ac6cb61b170c12d9 19923 cinder_21.0.0-3_amd64.buildinfo
Checksums-Sha256:
ce11d02c81c3c4b719516709e726c52a30eb97e30fb9b39a0f9614a1b67a54c3 4396 cinder_21.0.0-3.dsc
bb8effedcaddb3a9dc041800e8ac50da9332a49212996d51a4c0ec24bbffbe92 55472 cinder_21.0.0-3.debian.tar.xz
340b8ebdcdece6fb23e2a86ff91d7fa1b4dbace8c0b043a082754f6ab7f73cea 19923 cinder_21.0.0-3_amd64.buildinfo
Files:
bab02674d7045d2422acdc8ed57d8b12 4396 net optional cinder_21.0.0-3.dsc
9bc3fcf59e4a74524344791e6a2e1014 55472 net optional cinder_21.0.0-3.debian.tar.xz
0b3daad95a7e2056b16e43050ea5704f 19923 net optional cinder_21.0.0-3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmPQCQQACgkQ1BatFaxr
Q/52XQ/9ENsx/BfAxqJtwD2xeHPSNN41D7XziZTlw2Mu53z9Ml5G+RhY0tJxfMIS
wlmxVcg47vqLUV3gRjKmG9p61ML1XylLZABmP1O/a1d3PDWZW4MlQvXhhchSkaAJ
2w7XN0GLWjpK/brCjUuHQU06/asso7hL1YNow/6x2XASl0OupVHHC2EJBBlIOPtm
tC8H/w6ACTohLDUPkCTVrTW7aj1zKXz4Hhoel5McjohVwIeaT15Nu7iIIGoeFgSG
ysiKH8oBjDsKUPj81KLOW8JLhv+PcTyuiAonxSaafPEmS8bysGtQue9tEOVb7Y2T
0koJ4aAEm8zqt95ugoZ/DAt8QqR0k39X1eSSxfOkG/ZN1kwb/hgDrj5DkG72LbjM
HVKuJpilfyC+0dDNU3H1GeQqs/4/t99gHzE9EAPaatlM5k2atAmovHp2o4DOdrwy
Cd6FyUxY1Gv2ZrTNKJkp5f5cyhaabGc02yke5oT/eDFqaOB3uAV+gJedlTWtcQTE
SXE3qzli0trYQJcNyEDAqyu/dmkdwGhrcBZ3B3TdIsTpc1uLDeP3qEDUdl+fGbWT
YQfYtbDb5vWIxSdNXXFHG34QW9UAg41QyVQB/9giRgK/5yS+JUx/m1/M3Se51NiI
rQh5pzeJOOI+kjiE2IwPrNtdpuwzC6eNkrvs8euF6KdHFrlZ958=
=rdSP
-----END PGP SIGNATURE-----