Bug#828064: marked as pending

Thomas Goirand Mon, 27 Jun 2016 16:19:23 -0700

tag 828064 pending
thanks

Hello,


Bug #828064 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

    
http://git.debian.org/?p=openstack/murano-dashboard.git;a=commitdiff;h=5d15804

---
commit 5d158044322f0aae2b87a9803efc2e09782f41b8
Author: Thomas Goirand <tho...@goirand.fr>
Date:   Mon Jun 27 19:51:49 2016 +0000

      * CVE-2016-4972: RCE vulnerability in Openstack Murano using insecure YAML
        tags. Applied upstrema patch: Inherit custom yaml Loader from
        yaml.SafeLoader (Closes: #828064).

diff --git a/debian/changelog b/debian/changelog
index 9ac232d..d1b2e45 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,9 @@
-murano-dashboard (1:2.0.0-5) UNRELEASED; urgency=medium
+murano-dashboard (1:2.0.0-5) unstable; urgency=medium
 
   * Added missing EPOC in openstack-dashboard (build-)depends.
+  * CVE-2016-4972: RCE vulnerability in Openstack Murano using insecure YAML
+    tags. Applied upstrema patch: Inherit custom yaml Loader from
+    yaml.SafeLoader (Closes: #828064).
 
  -- Thomas Goirand <z...@debian.org>  Fri, 27 May 2016 11:56:25 +0200

Bug#828064: marked as pending

Reply via email to