On 4/24/19 10:02 PM, Salvatore Bonaccorso wrote:
> Hi Thomas,
>
> On Tue, Apr 02, 2019 at 10:29:33PM +0200, Moritz Mühlenhoff wrote:
>> severity 926043 important
>> thanks
>>
>> On Tue, Apr 02, 2019 at 01:56:35PM +0200, Thomas Goirand wrote:
>>> On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote:
O
On 4/24/19 10:02 PM, Salvatore Bonaccorso wrote:
> Hi Thomas,
>
> On Tue, Apr 02, 2019 at 10:29:33PM +0200, Moritz Mühlenhoff wrote:
>> severity 926043 important
>> thanks
>>
>> On Tue, Apr 02, 2019 at 01:56:35PM +0200, Thomas Goirand wrote:
>>> On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote:
O
Hi Thomas,
On Tue, Apr 02, 2019 at 10:29:33PM +0200, Moritz Mühlenhoff wrote:
> severity 926043 important
> thanks
>
> On Tue, Apr 02, 2019 at 01:56:35PM +0200, Thomas Goirand wrote:
> > On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote:
> > > On Tue, Apr 02, 2019 at 12:33:10PM +0200, Thomas Goirand w
severity 926043 important
thanks
On Tue, Apr 02, 2019 at 01:56:35PM +0200, Thomas Goirand wrote:
> On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote:
> > On Tue, Apr 02, 2019 at 12:33:10PM +0200, Thomas Goirand wrote:
> >> On 4/1/19 11:44 PM, Moritz Mühlenhoff wrote:
> >>> Instead of arguing over bug s
On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote:
> On Tue, Apr 02, 2019 at 12:33:10PM +0200, Thomas Goirand wrote:
>> On 4/1/19 11:44 PM, Moritz Mühlenhoff wrote:
>>> Instead of arguing over bug severities, can't we rather fix the bug?
>>
>> Sure.
>>
>>> Ubuntu fixed this already and their versions se
On Tue, Apr 02, 2019 at 12:33:10PM +0200, Thomas Goirand wrote:
> On 4/1/19 11:44 PM, Moritz Mühlenhoff wrote:
> > Instead of arguing over bug severities, can't we rather fix the bug?
>
> Sure.
>
> > Ubuntu fixed this already and their versions seems fairly close.
>
> That's the thing. I went in
On 4/1/19 11:44 PM, Moritz Mühlenhoff wrote:
> Instead of arguing over bug severities, can't we rather fix the bug?
Sure.
> Ubuntu fixed this already and their versions seems fairly close.
That's the thing. I went into the launchpad bug report, and it's full of
small, incremental commits, from w
On Sat, Mar 30, 2019 at 08:10:39PM +0100, Moritz Muehlenhoff wrote:
> Is this something that affects cloud-init as shipped in Debian or in the way
> we generate Debian
> images for Azure?
No, it is not affected as we don't support cloud-init based
provisioning, yet.
Regards,
Bastian
--
No one
Hi Thomas,
On Sun, Mar 31, 2019 at 12:33:45AM +0100, Thomas Goirand wrote:
> If I understand well the problem, the issue is simply that some extra
> Microsoft keys may end up being setup into an Azure Debian instance. I
> don't see this as a very "grave" security issue because:
>
> 1/ Azure users
On 3/30/19 8:10 PM, Moritz Muehlenhoff wrote:
> Package: cloud-init
> Severity: grave
> Tags: security
>
> This was assigned CVE-2019-0816:
> https://code.launchpad.net/~jasonzio/cloud-init/+git/cloud-init/+merge/363445
> https://support.microsoft.com/en-us/help/4491476/extraneous-ssh-public-keys-
Package: cloud-init
Severity: grave
Tags: security
This was assigned CVE-2019-0816:
https://code.launchpad.net/~jasonzio/cloud-init/+git/cloud-init/+merge/363445
https://support.microsoft.com/en-us/help/4491476/extraneous-ssh-public-keys-added-to-authorized-keys-file-on-linux-vm
Is this something
11 matches
Mail list logo
