Accepted glance 2:25.0.0-2 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted glance 2:25.0.0-2 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Tue, 24 Jan 2023 16:39:58 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: glance_25.0.0-2_source.changes
- Debian-source: glance
- Debian-suite: unstable
- Debian-version: 2:25.0.0-2
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=lk5GxOhSEhlPcgn61ss0bFt0VOD+c/yGkyY2AJvJ6CQ=; b=cIJrY8YFvf3258hkMKQ7bGRfHL UBoK+bPpU82o4ZgB9/tr7brHoQJ2EEzWfX+TsflVah3iHpYLNUSjSZ8k+jja5tPLe787AhyY7D9ks LcYCE23SukGEBUQm5YPWeIJe0Bq2SD2I7LTEkEvgojjkUFti7zTVFb9Ys6hlAV4itxLFyrJULke0Q 6WMmAPvtzCqiOIWgIyc8LsZVGTXH9SG8IihNwuYKW/SmJDuo5wTKNwP+yOd/VG/tLMJ+BHTJk6oBI N7fx7oTQKheW4szlL8Qj5w5h91R6lneL0Z2J2UvzLIqlQgF7Ill1aYbyETuWqnq4aU/b3cZ8qMt/c cBU/Wx1w==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pKML0-008y1W-Li@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 24 Jan 2023 16:51:31 +0100
Source: glance
Architecture: source
Version: 2:25.0.0-2
Distribution: unstable
Urgency: high
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 1029563
Changes:
glance (2:25.0.0-2) unstable; urgency=high
.
* CVE-2022-47951: vulnerability in VMDK image processing. By supplying a
specially created VMDK flat image which references a specific backing file
path, an authenticated user may convince systems to return a copy of that
file's contents from the server resulting in unauthorized access to
potentially sensitive data. Added upstream patch:
CVE-2022-47951-Enforce_image_safety_during_image_conversion.patch
(Closes: #1029563).
Checksums-Sha1:
f56b459a74f546285379f0e7c50dc75d8928fc1f 3787 glance_25.0.0-2.dsc
4dd37858906bebc273d42bd33b00c893e9259cbc 19280 glance_25.0.0-2.debian.tar.xz
9f6ae9809d8b67164125a61e0cfecd0ded251e40 18496 glance_25.0.0-2_amd64.buildinfo
Checksums-Sha256:
ee752adbf1e940c39e96db847d2bc4efd9b8c7d6f96a810106e1e64f4102e6f5 3787 glance_25.0.0-2.dsc
c7acfc24801e95673f1f26eb3ea913c2be5f713bfe073d86bfffd8adaf87437a 19280 glance_25.0.0-2.debian.tar.xz
c377e2c1f8a23e116b12e28b7e8e96a3cb04fe0c39886880b8fa55849ac75bf4 18496 glance_25.0.0-2_amd64.buildinfo
Files:
1f777f000e31fe587a8616c98595325c 3787 net optional glance_25.0.0-2.dsc
5c821447f6032523ac8b0b83a64de4e4 19280 net optional glance_25.0.0-2.debian.tar.xz
a020222d7de619a6a35e3e66865699d1 18496 net optional glance_25.0.0-2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmPQAywACgkQ1BatFaxr
Q/654A//UQZCTjEgUNNDjUmM8iZ1C0WtKsF5fnMY1AHXzw49XCq0GgbOeI1Gb1A5
krG0JPvn1qV/yoMUkDyBMj3YI+qUNp9TECzsX5yQbUodI6cnRXCDZxLmebCqAtNJ
N2qDZ6j2nRylCX772QnR+DQwPEcuHZ8faUt+K7lQsAuPQhFD/FibhE9Q5Br7xRU1
PRPUBAjmwOtMKegVIpnlzDMZnTAi2lpNB0rkLL196yIe91zVZm/ZaDaf+GI586nR
wSG0jsxGi7w2HCa/ZNJOuErmSy5xigk4CDgNKijdW5TVb3lbDj5Z0Kkh9ekOYeA3
ZzRjkxOPdIad5qy58UAaDSdAbwhDehNcZocmobW210fjVbBRwH7KpoFiPRfbuZkS
6Q4JTPompmqAPeniGLou8leFi0rcxJtbAlhMNWFkd9aBSFGOavpP7c5H1/geDui5
Ds1g88WsaDbBW5JWZZzsCy1tf349KAq4DXHI7C9Y3LKW3DnFVzEcfm52DewmSc/1
qCo6i7QIKxzmMoVm0/MzHZYumY00RPum2IhcvRKA371zPiaXjD83yfLkTaB2voWu
XcD7TG4NC21fNo38BWpBQwM38mqrsn7hK7uD+XYMa4K6Sn0SZ5cGs8i84HRO6lIw
MeiTg90PTlQ1tZD4DEoVtDjlDXHkBbOPtUEELY2QVU/T6IhD0Gk=
=Nsjq
-----END PGP SIGNATURE-----