Bug 9473 - openstack-keystone new security issue CVE-2013-1865
Summary: openstack-keystone new security issue CVE-2013-1865
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: Cauldron
Hardware: i586 Linux
Priority: Normal major
Target Milestone: ---
Assignee: Sandro CAZZANIGA
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/543780/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-03-21 18:00 CET by David Walser
Modified: 2013-04-10 16:37 CEST (History)
2 users (show)

See Also:
Source RPM: openstack-keystone-2012.2.1-2.mga3.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2013-03-21 18:00:29 CET 
Ubuntu has issued an advisory on March 20:
http://www.ubuntu.com/usn/usn-1772-1/

Reproducible: 

Steps to Reproduce:
David Walser 2013-03-21 18:00:46 CET

CC: (none) => cazzaniga.sandro
Assignee: bugsquad => cazzaniga.sandro

Comment 1 Sandro CAZZANIGA 2013-04-09 16:01:14 CEST 
A patch is coming. Thanks for your report! :)
Comment 2 Sandro CAZZANIGA 2013-04-09 16:37:27 CEST 
Patch commited, waiting to be pushed in Cauldron by sysadmins.

Status: NEW => ASSIGNED

Comment 3 David Walser 2013-04-09 16:44:38 CEST 
(In reply to Sandro Cazzaniga from comment #2)
> Patch commited, waiting to be pushed in Cauldron by sysadmins.

Thanks.  You have to send a freeze push request to the mailing list (I don't see one there yet), which has a new address now: dev@ml.mageia.org
Comment 4 Sandro CAZZANIGA 2013-04-09 16:47:03 CEST 
I sent it just a few seconds after my last comment :)
Comment 5 Sandro CAZZANIGA 2013-04-10 09:14:05 CEST 
Well, tmb just did the push, so if you're OK, we can close this bug.
Comment 6 David Walser 2013-04-10 16:21:34 CEST 
He said on the mailing list that he pushed it, but I don't see it on pkgsubmit.

CC: (none) => tmb

Comment 7 Sandro CAZZANIGA 2013-04-10 16:26:11 CEST 
I just asked the pusher.
Comment 8 David Walser 2013-04-10 16:37:44 CEST 
Fixed in openstack-keystone-2012.2.1-3.mga3.

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED
Note You need to log in before you can comment on or make changes to this bug.