Source: keystone Severity: grave Tags: security upstream patch Justification: user security hole
Hi Thomas, As you might know, the following vulnerability was published for keystone. CVE-2014-3476[0]: privilege escalation through trust chained delegation If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2014-3476 [1 ]http://lists.openstack.org/pipermail/openstack-announce/2014-June/000240.html Please adjust the affected versions in the BTS as needed. From the advisory at least all version up to 2013.2.3, and 2014.1 to 2014.1.1 are affected. Regards and thanks for your work, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
