Accepted glance 2:21.0.0-2+deb11u1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted glance 2:21.0.0-2+deb11u1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 04 Feb 2023 17:17:10 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: glance_21.0.0-2+deb11u1_source.changes
- Debian-source: glance
- Debian-suite: proposed-updates
- Debian-version: 2:21.0.0-2+deb11u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=8GP+k/KB6nyW/bfS3aMJYMkvq6SAxBqB7jxuonR90+E=; b=T4gcA8a3NlJy9iryu0go+g1zbu bDACwpNGpoSVPXTlpvn2u73cMvdIBWeyhE2tEPMm9HcWq6ENZ0Dce+8kaLXjSO2A1qxZ/jr3I/uym I9KLB9yVtG0VK+2jpQU1Wikw5dloHKABd+hBLsncFdbGGsHr2OxlUQrAnx/+iw7ruSEZM+REkmrxe 3RUkq2hznRSaU+Gjx3g9NAORISKd8iqdn7RmTeERQ0nLQ48Oi8mttV7NDt96vV8+0Eh9P+J1q97L1 KYFDmr0S+3GJVFSHKRgreyNVS+wlCVVS1uRB1AfmIwxeyM7xxAWTjee2uf7okcm09wxHHdZENJfRb UalhFZDg==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pOMA2-006hyU-PV@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 18 Jan 2023 10:14:44 +0100
Source: glance
Architecture: source
Version: 2:21.0.0-2+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 1029563
Changes:
glance (2:21.0.0-2+deb11u1) bullseye-security; urgency=medium
.
* CVE-2022-47951: By supplying a specially created VMDK flat image which
references a specific backing file path, an authenticated user may convince
systems to return a copy of that file's contents from the server resulting
in unauthorized access to potentially sensitive data. Add upstream patch
cve-2022-47951-glance-stable-victoria.patch (Closes: #1029563).
Checksums-Sha1:
a55a859e2366820084168fa126fb8e887120c8c9 3768 glance_21.0.0-2+deb11u1.dsc
5bc58570ac46747db867f53e6633bba8a68d2f0a 1471508 glance_21.0.0.orig.tar.xz
c8ee1328ec0761ce296fe0fb83d1e7b4d11f25d2 18852 glance_21.0.0-2+deb11u1.debian.tar.xz
ffbc487672efc487022e797d9a5f96536ad56882 18111 glance_21.0.0-2+deb11u1_amd64.buildinfo
Checksums-Sha256:
738bf183334415d0c78e9546e1c395b225809bfa18b4fc800d6c37ab81ebbba2 3768 glance_21.0.0-2+deb11u1.dsc
7e9e96711ca27913cae31c0992a90edd4f572a66768162324ce8aa79ccc7820d 1471508 glance_21.0.0.orig.tar.xz
18312e8c4b194415b0a06a8419b3451f57b16a1f0e37fa4a8c376b2544b45e57 18852 glance_21.0.0-2+deb11u1.debian.tar.xz
264766a40f873ed3fae836c778652c0469d81845a30e676e75cf313483335d4d 18111 glance_21.0.0-2+deb11u1_amd64.buildinfo
Files:
89ab7d0ac9486b299ce7125985186a0d 3768 net optional glance_21.0.0-2+deb11u1.dsc
bef1454ed9865225181e6ec7df9b23ff 1471508 net optional glance_21.0.0.orig.tar.xz
0c1aceab581b54b7a88324cd5aba21a0 18852 net optional glance_21.0.0-2+deb11u1.debian.tar.xz
fd037e53d5c991c0885fddb7d0a2419e 18111 net optional glance_21.0.0-2+deb11u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmPXv+kACgkQ1BatFaxr
Q/5MRw/+PIR+Km+VwZXdTJPt72V7XaAlouB4nutToHm1TF93w5vshObfo44nSVQe
CdBxbcPp8TdzsYM143KWzp2WVu2b/Wy2MNpvAtIvz5Pbqxbw4hX7RDBIW7hHR9cn
JjlBL6tHrN7sZP+sPjQP4Lp9MoqevkSBtlimhrE5yBg+r+SEIwuos2P/m6oDoj7v
Dwr5flg6gQ7OcpKz482dzn6fK5HaPB6Xf9QYaLL/5L0ZsDgxLAP5eiq/oLQvo6HU
n+u1ipgDdOltFbIAttFp8+uBqKeOVXzpaAfSmQkjJQm5hpaj4DOCBM4bTYMii672
2SgfqTqFw9TYsiA4SvnJ6Iy3ll9m7/7bU4yADBdtlOWW9SZ+YxDooKlc5KWZQIPj
P0W7pPitP1UcjqDwfJErX2odVSIbUL5W4Oln1jLBlLeK+OA5IjWayp41o/tTwCma
UVKScs40mlp+NUsRkIxPrqWie6PEn1scn/L+aFk5uWWBBp5IRqvJdu3ikCcFJVBD
5mJYP6TZp9Rlsc7u1WvYKrCWxhqAOc99tyfj+v41E8VOLhNcn5NExtZTeF8K8j5d
NqwkXhlVFlAHu6y4IbqUtSzluUJxYo7UbaLdLwAh7VpAGIe11/gSbEz1UG9LH8Ny
uiD/O1AgzACmo1eEHS3gTWqOfHdK/sgbNy1vDNKNoTDs6vza1t4=
=Y2Jg
-----END PGP SIGNATURE-----