Bug#843232: marked as pending

Thomas Goirand Sun, 06 Nov 2016 02:24:59 -0800

tag 843232 pending
thanks

Hello,


Bug #843232 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

    http://git.debian.org/?p=openstack/heat.git;a=commitdiff;h=d4c8d62

---
commit d4c8d629f0c53d1d3d2ad153bb0802f96e75336f
Author: Thomas Goirand <z...@debian.org>
Date:   Sun Nov 6 11:13:33 2016 +0100

    CVE-2016-9185: Prevent template validate from scanning ports
    
      * CVE-2016-9185: template source URL allows network port scan. Applied
        upstream fix: "Prevent template validate from scanning ports"
        (Closes: #843232).

diff --git a/debian/changelog b/debian/changelog
index c73db2c..c6c2353 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+heat (2014.1.3-7+deb8u1) jessie-security; urgency=medium
+
+  * CVE-2016-9185: template source URL allows network port scan. Applied
+    upstream fix: "Prevent template validate from scanning ports"
+    (Closes: #843232).
+
+ -- Thomas Goirand <z...@debian.org>  Sun, 06 Nov 2016 11:11:36 +0100
+
 heat (2014.1.3-7) unstable; urgency=medium
 
   * Removed the use of PROTOCOL_SSLv3 which is removed form Debian.

Bug#843232: marked as pending

Reply via email to