Your message dated Wed, 06 Feb 2013 02:47:37 +0000 with message-id <e1u2v2v-0000fp...@franck.debian.org> and subject line Bug#699835: fixed in keystone 2012.1.1-12 has caused the Debian Bug report #699835, regarding keystone: CVE-2013-0247: Keystone denial of service through invalid token requests to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 699835: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699835 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: keystone Severity: grave Tags: security Justification: user security hole Hi, the following vulnerability was published for keystone. CVE-2013-0247[0]: Keystone denial of service through invalid token requests Patches should be available via [1]. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0247 http://security-tracker.debian.org/tracker/CVE-2013-0247 [1] https://lists.launchpad.net/openstack/msg20689.html Please adjust the affected versions in the BTS as needed. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: keystone Source-Version: 2012.1.1-12 We believe that the bug you reported is fixed in the latest version of keystone, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 699...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thomas Goirand <z...@debian.org> (supplier of updated keystone package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 06 Feb 2013 09:52:07 +0800 Source: keystone Binary: python-keystone keystone keystone-doc Architecture: source all Version: 2012.1.1-12 Distribution: unstable Urgency: low Maintainer: PKG OpenStack <openstack-de...@lists.alioth.debian.org> Changed-By: Thomas Goirand <z...@debian.org> Description: keystone - OpenStack identity service keystone-doc - OpenStack identity service - documentation python-keystone - OpenStack identity service - library Closes: 699835 Changes: keystone (2012.1.1-12) unstable; urgency=low . * CVE-2013-0247: Keystone denial of service through invalid token requests (Closes: #699835). Checksums-Sha1: ba2661a72d48f45f124587b39cdeded4f732d355 1902 keystone_2012.1.1-12.dsc 0af6cb8d28c1eb27de93de6f05811ac89ec3cb85 28470 keystone_2012.1.1-12.debian.tar.gz 3eb0bc1365fc5e6b3156c4a645da7629870a5b0a 93240 python-keystone_2012.1.1-12_all.deb 8c4176ff456128f38f0e27ff44a794fa5862ae36 18338 keystone_2012.1.1-12_all.deb ae54d6fef3f4e26ebed9963ea6306d505a7e57c7 240660 keystone-doc_2012.1.1-12_all.deb Checksums-Sha256: 47bba32c1a5277b777e6c73a3d315763c1cdf38362e5b53ccc5499d1050ca48e 1902 keystone_2012.1.1-12.dsc 2d8720e327c3786eeaa5b86123d75b0a3b722e5174ac1595bd517f49f63e0142 28470 keystone_2012.1.1-12.debian.tar.gz 82b86448682e9f0e39050188a211e174bf04d0f2d9642d0619d43881537ac9a9 93240 python-keystone_2012.1.1-12_all.deb 6315d40686c0e5a9f86e644047852545ffce182c1ebcb49ab77d14583020c7a6 18338 keystone_2012.1.1-12_all.deb 8f3a5198079cc32c2b5271dd2b767ec9ebce242f2af36740051a449db48592ac 240660 keystone-doc_2012.1.1-12_all.deb Files: 7491ad50b55b820ef5d2b5286d57940b 1902 net extra keystone_2012.1.1-12.dsc c3070057b6d53ab34046d6e64adae352 28470 net extra keystone_2012.1.1-12.debian.tar.gz c992d48a0b03346b265b0f3834a1a727 93240 python extra python-keystone_2012.1.1-12_all.deb 31a38d32e66abfc5c249a8c923336b74 18338 python extra keystone_2012.1.1-12_all.deb e5a6f2a61b94fd36dc92a425b9ab810d 240660 doc extra keystone-doc_2012.1.1-12_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlERuG0ACgkQl4M9yZjvmkkdAgCg1wKTmombFWVPsjiAwOxge0wJ h8YAoIaGyVYXESI6m6jP966PrfWxyn/c =+ES/ -----END PGP SIGNATURE-----
--- End Message ---
