Bug 9473

Summary: openstack-keystone new security issue CVE-2013-1865
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Sandro CAZZANIGA <cazzaniga.sandro>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: cazzaniga.sandro, tmb
Version: Cauldron   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/543780/
Whiteboard:
Source RPM: openstack-keystone-2012.2.1-2.mga3.src.rpm CVE:
Status comment:

Description David Walser 2013-03-21 18:00:29 CET 
Ubuntu has issued an advisory on March 20:
http://www.ubuntu.com/usn/usn-1772-1/

Reproducible: 

Steps to Reproduce:
David Walser 2013-03-21 18:00:46 CET

CC: (none) => cazzaniga.sandro
Assignee: bugsquad => cazzaniga.sandro

Comment 1 Sandro CAZZANIGA 2013-04-09 16:01:14 CEST 
A patch is coming. Thanks for your report! :)
Comment 2 Sandro CAZZANIGA 2013-04-09 16:37:27 CEST 
Patch commited, waiting to be pushed in Cauldron by sysadmins.

Status: NEW => ASSIGNED

Comment 3 David Walser 2013-04-09 16:44:38 CEST 
(In reply to Sandro Cazzaniga from comment #2)
> Patch commited, waiting to be pushed in Cauldron by sysadmins.

Thanks.  You have to send a freeze push request to the mailing list (I don't see one there yet), which has a new address now: dev@ml.mageia.org
Comment 4 Sandro CAZZANIGA 2013-04-09 16:47:03 CEST 
I sent it just a few seconds after my last comment :)
Comment 5 Sandro CAZZANIGA 2013-04-10 09:14:05 CEST 
Well, tmb just did the push, so if you're OK, we can close this bug.
Comment 6 David Walser 2013-04-10 16:21:34 CEST 
He said on the mailing list that he pushed it, but I don't see it on pkgsubmit.

CC: (none) => tmb

Comment 7 Sandro CAZZANIGA 2013-04-10 16:26:11 CEST 
I just asked the pusher.
Comment 8 David Walser 2013-04-10 16:37:44 CEST 
Fixed in openstack-keystone-2012.2.1-3.mga3.

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED