Accepted zookeeper 3.4.13-6+deb11u1 (source) into oldstable-proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted zookeeper 3.4.13-6+deb11u1 (source) into oldstable-proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 04 Nov 2023 12:49:14 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: zookeeper_3.4.13-6+deb11u1_source.changes
- Debian-source: zookeeper
- Debian-suite: oldstable-proposed-updates
- Debian-version: 3.4.13-6+deb11u1
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1qzG5S-001IfV-N6@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 28 Oct 2023 23:16:44 +0200
Source: zookeeper
Architecture: source
Version: 3.4.13-6+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Pierre Gruet <pgt@debian.org>
Closes: 1054224
Changes:
 zookeeper (3.4.13-6+deb11u1) bullseye-security; urgency=medium
 .
   * Team upload:
     - CVE-2023-44981: Prevent a potential authorisation bypass vulnerability.
       If SASL Quorum Peer authentication was enabled (via
       quorum.auth.enableSasl), authorisation was performed by verifying that
       the instance part in the SASL authentication ID was listed in the zoo.cfg
       server list. However, this value is optional, and, if missing (such as in
       'eve@EXAMPLE.COM'), the authorisation check will be skipped. As a result,
       an arbitrary endpoint could join the cluster and begin propagating
       counterfeit changes to the leader, essentially giving it complete
       read-write access to the data tree. (Closes: #1054224)
Checksums-Sha1:
cd54ff6306b6f2053cfb4020a9159d1aa1624059 3041 zookeeper_3.4.13-6+deb11u1.dsc
8d1fed2574e8645060154fcffdf7918ea5858377 1970528 zookeeper_3.4.13.orig.tar.xz
b650c655fd9b27811042e89fd48816a5fe08272d 63300 zookeeper_3.4.13-6+deb11u1.debian.tar.xz
fdebce856845a509f7097da27586d02a58cecffe 19074 zookeeper_3.4.13-6+deb11u1_amd64.buildinfo
Checksums-Sha256:
4c871960c79a09b9bbee6ef720deefb83a6be56414e23c5f77e18edadee04529 3041 zookeeper_3.4.13-6+deb11u1.dsc
4f303a575a3e981d5ef8fe43a4fec157f320841a502eff96ae7cda902c278d2f 1970528 zookeeper_3.4.13.orig.tar.xz
ea9f1710fce0a0f9913d0fb814d096d8805dab70fece5b087893be2a5c11e94e 63300 zookeeper_3.4.13-6+deb11u1.debian.tar.xz
83b9c92db65d92eab232871e6189c971264765d304120d1c6efd9a8a3be341ae 19074 zookeeper_3.4.13-6+deb11u1_amd64.buildinfo
Files:
4aea6814b61fd728b90990f2d86467b1 3041 java optional zookeeper_3.4.13-6+deb11u1.dsc
a9fc5be7cbdeef5fb41bb87d58ce41bd 1970528 java optional zookeeper_3.4.13.orig.tar.xz
0304ab044c5a96385ea1544f4d2ffabc 63300 java optional zookeeper_3.4.13-6+deb11u1.debian.tar.xz
6b7810d9a65d8bd8d8ff367fe53bdff7 19074 java optional zookeeper_3.4.13-6+deb11u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
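
The authorisation logic described in the CVE-2023-44981 changelog entry above, as a simplified model added here for illustration; it is not ZooKeeper's code and not part of the original announcement. The function names, the `zkquorum` principal and the host names are constructed assumptions. It contrasts a check that is skipped when the instance part is missing with one that fails closed.

```python
import re

# Constructed sample: host names as they would be listed in the zoo.cfg server list.
QUORUM_HOSTS = {"zk1.example.com", "zk2.example.com", "zk3.example.com"}

# Constructed sample authentication IDs seen on the quorum port.
SAMPLE_IDS = [
    "zkquorum/zk1.example.com@EXAMPLE.COM",    # listed host
    "zkquorum/rogue.example.net@EXAMPLE.COM",  # host not in the server list
    "eve@EXAMPLE.COM",                         # no instance part at all
]

_PRINCIPAL = re.compile(r"([^/@]+)(?:/([^/@]+))?@([^/@]+)")


def split_principal(auth_id):
    """Split 'primary[/instance]@REALM'; instance is None when it is absent."""
    match = _PRINCIPAL.fullmatch(auth_id)
    if match is None:
        raise ValueError(f"malformed SASL authentication ID: {auth_id!r}")
    return match.groups()


def authorize_flawed(auth_id, hosts=QUORUM_HOSTS):
    """Behaviour the changelog describes: only a present instance part is checked."""
    _, instance, _ = split_principal(auth_id)
    if instance is not None:
        return instance in hosts
    return True  # check skipped, so 'eve@EXAMPLE.COM' is admitted


def authorize_strict(auth_id, hosts=QUORUM_HOSTS):
    """Fail closed: a missing or malformed instance part is a denial."""
    try:
        _, instance, _ = split_principal(auth_id)
    except ValueError:
        return False
    return instance is not None and instance in hosts


def audit(auth_ids, hosts=QUORUM_HOSTS):
    """Return the IDs the flawed check admits but the strict check rejects."""
    return [a for a in auth_ids
            if authorize_flawed(a, hosts) and not authorize_strict(a, hosts)]


if __name__ == "__main__":
    for auth_id in SAMPLE_IDS:
        print(auth_id, authorize_flawed(auth_id), authorize_strict(auth_id))
```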