Accepted nova 2:22.0.1-2+deb11u1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted nova 2:22.0.1-2+deb11u1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 04 Feb 2023 17:17:11 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: nova_22.0.1-2+deb11u1_source.changes
- Debian-source: nova
- Debian-suite: proposed-updates
- Debian-version: 2:22.0.1-2+deb11u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=+5VTd2O80UBsztnTOhZgkMntB+5UDxlKM8fQx6J2/d8=; b=l+fl8RFqu3ED2b1hCXoZ9PF5tT P4koFRhoCnPuOWNFSklqLN6RNH7PoFpTdZc1/CvU4a+XGCt4TaAo5IWhIbyCWW7vWmJSTwi219xn1 H3o4I8vYI6+JwEgIIoeGNBYWB+0+Tq6nwjIF02kCG/xA1Nk6LmrvpnaFuCVgaIGrbcxQfKfYctzQz 13hePWPn5hSazXBCOxnfEDjuoJIZAb4l75aXY8CDy+Lodyq8qAbWMlRcj6XybsacpE8HZoUekzs6O emrlc+3ZtqjcgU9ArO8M/NuTGv+biIuaaRNGNa8lafY8ObYh/1isgufYbtUZJphPWsB0arxBN2rPh K9WXRlrg==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pOMA3-006hyl-M4@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 24 Jan 2023 11:31:25 +0100
Source: nova
Architecture: source
Version: 2:22.0.1-2+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 1029561
Changes:
nova (2:22.0.1-2+deb11u1) bullseye-security; urgency=medium
.
* CVE-2022-47951: By supplying a specially created VMDK flat image which
references a specific backing file path, an authenticated user may convince
systems to return a copy of that file's contents from the server resulting
in unauthorized access to potentially sensitive data. Add upstream patch
cve-2022-47951-glance-stable-victoria.patch (Closes: #1029561).
Checksums-Sha1:
5b34041838c39107c06f2c2811399bfe5561f5e2 5339 nova_22.0.1-2+deb11u1.dsc
00feb086c56c8df4d0d85c795e33878eea75766f 5900180 nova_22.0.1.orig.tar.xz
4ff38fb907f356732392adc21e8dbc18040535e2 62092 nova_22.0.1-2+deb11u1.debian.tar.xz
20f5ca56aefae0fd497b1e1c5f0417d5b6c23be9 23807 nova_22.0.1-2+deb11u1_amd64.buildinfo
Checksums-Sha256:
7861752c0bcf3238e0751d838637098a4c3e75bf03687c6049e52de3cc42e9c1 5339 nova_22.0.1-2+deb11u1.dsc
8bfc2c8d721237ad67f2a15a2882f366f5423f30e2fda802b3234f4280c7a262 5900180 nova_22.0.1.orig.tar.xz
11f2390bfe1ba6bfa583ef95cee98f377848065104579adf849167d2204a1ea1 62092 nova_22.0.1-2+deb11u1.debian.tar.xz
daa7b094ee50822b95d2801f57895815fb26602c40277d38cc821a0677a9a909 23807 nova_22.0.1-2+deb11u1_amd64.buildinfo
Files:
dab63cd1547e4b92150e7904a1008d7f 5339 net optional nova_22.0.1-2+deb11u1.dsc
e797a3036ecf56bd964a3117004dfcb8 5900180 net optional nova_22.0.1.orig.tar.xz
9666f29b16bb260d4c7d0087773e68c3 62092 net optional nova_22.0.1-2+deb11u1.debian.tar.xz
b80f62561804c16659e10efa4ddb9106 23807 net optional nova_22.0.1-2+deb11u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmPXwJMACgkQ1BatFaxr
Q/5zgg/+PhvC0jk9mZdBuhQl1RtglBgALFD2NHbY36Z3kQgf3ZtZx/fZV2caH4F1
YBdroqbQjFelexW00MAGlUWQCJiby5cXz9lCFw5x8hyNVEvSlG4r5bG7YlHG0f2s
2IebsgS1PqD4pwGV1jd6h/zE1NZAQND9ElC/ZkcleDJHxZdZl60rLViO3dhn5Ljv
jKSew9r7ZA7L+nRn7+7rDsqi6ypoo7CMhNuUzfe0AU9YawvGCbVTFmcG6NnMDK09
j1ZyhIECO7GRbkQpqv7Lv/O4ZV8sH86UqV4Ifu+26Cu3HMXFg7mmRW2DQDZQd3wi
UIy3b6GRZ6itH4pEb0d2j7QxVUax2eFGE7+g3FShFz/EutxI5+DnHjE60SzUobZ9
xIygLeNBIQ9Zc9S3K/fs9aPeJNDF10rbrBag9aBMJwS9nwOJn9xgL4kVbEaxGvEF
2oIi5Hmco6SiNkrGH6Pvt1yHlltHVRcFCU2Cw8pmOFxsGR4XTXgnFQ6l7hVqhav4
CjendO9TYEGLomem1+WZsIrEBnHrKpriy4eQFQPr3rCXyWx0VEX8z8Lh41Y1miIw
sQV+nm0GcR6w9io66XTpUS4WKuWDG2Jsh2bmvU+mSXlzaKlQZ8PsBpMTq7+oqxK9
HUG4GsV5+cMRxhi+tOtQ7O5OLa4JdEmn3s7v0NbGebNSl+Bj6rk=
=H2jP
-----END PGP SIGNATURE-----