Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <>
Subject: Accepted barbican 1:11.0.0-3+deb11u1 (source) into stable-security
Date: Tue, 04 Oct 2022 19:03:45 +0000
Signed by: Thomas Goirand <zigo@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 20 Jun 2022 12:04:47 +0200
Source: barbican
Architecture: source
Version: 1:11.0.0-3+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 1021139
Changes:
 barbican (1:11.0.0-3+deb11u1) bullseye-security; urgency=medium
 .
   * Add increase_DEFAULT_MAX_SECRET_BYTES.patch.
   * CVE-2022-3100: access policy bypass via query string injection. Added
     upstream patch: query_string_were_mistakenly_being_used_in_the_....patch
     (Closes: #1021139).
Checksums-Sha1:
 4da4dd6ee29718ae00d66c23c44d4869fd97adee 3670 barbican_11.0.0-3+deb11u1.dsc
 f71408566db91dcbf468f6917bc53cfcb7f5422d 479268 barbican_11.0.0.orig.tar.xz
 71d86a0af8657204b65a9436adc7f322e7e8b3a0 11460 barbican_11.0.0-3+deb11u1.debian.tar.xz
 f3e7d23f8f863bf37e46e8706e4bc56ee52fd8a1 21819 barbican_11.0.0-3+deb11u1_amd64.buildinfo
Checksums-Sha256:
 ae571649120d2468e055d02ff7a18fd7e9780fad190adea5ef35dc452d668ba0 3670 barbican_11.0.0-3+deb11u1.dsc
 aad3c143b1d2badfac0eeae6b78af275a9bb031c05c005de6e55bd212d9c33f7 479268 barbican_11.0.0.orig.tar.xz
 c7f278ca873cda8805711b049295cfacb48179d67dd879a999757d011ec7ecc9 11460 barbican_11.0.0-3+deb11u1.debian.tar.xz
 6c4c339051194c53676183d90d32439a75324a3e51dd076ee917c7254eecce40 21819 barbican_11.0.0-3+deb11u1_amd64.buildinfo
Files:
 d9526e0649405d015015ce6887327365 3670 net optional barbican_11.0.0-3+deb11u1.dsc
 efac4c90ea7f9efc1f97e1d441f25656 479268 net optional barbican_11.0.0.orig.tar.xz
 f6bcc7caf814a0d108a744e46e652653 11460 net optional barbican_11.0.0-3+deb11u1.debian.tar.xz
 72f056a6c58e1bed66e331a231c29e92 21819 net optional barbican_11.0.0-3+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmM8ZVkACgkQ1BatFaxr
Q/5f5RAAijpX9Oo7INThRZSyi6ZdCHCIdITxECoo0YXG6qDQhKsJs9zcgnV8cZPG
p5ixozRUyGNlFj3wP7P0GcqaQRRukoFD7OFMJ3xLvVhrTIBhfKHMISkQSjHh/dV+
SZpSSHp2A8jntqdYxMJxK43+k8Qnsb1g4DiPub5vtDCFF4gsl+E5MHrC4epE62qi
dQGdRQg0oOmeTSVT/Bhsu8u6zgLTPymdvPE9a1wcyQFIbej/iuLyGzIZW6DrxKdU
cefDgimv9hHuZnut0NBf7AkRAFcJrzKevygOjrwkwVnXFaEO5LqkRShRqiteuPyI
I3MkjbvFh+6xOQAYGHxYNIv2sruH5dMeXJAWtW1Rt/DEB3T4gHqn0kur4rqgT9d4
PMhIAtWU/Hh4kbYBfm/1oBEO3KWrI8fndop2D1fYdmwOJc6tNNrk/tU27sGheDgG
HmPxGtNWwFiBuxEmJmf5uEOLYi+l45MND3/B6JmpExA863P1RwKbZAfZA8EVkxMw
R4ektzz5pqAoDNiRopaq/jRPHp0VYN41M5aFXrvwkMPjGWTMnBkyDKqsZshnawkY
1bMWeQQ7ZkX+RjmbKWqXprDJp5V3r0hazNqD0zGz8WYZ5ESkF8qJ6L4QblECjnWQ
YMNJKidy3yuy5HDbQv40cj4kZH3cGXY0QqD9iD7NpKZG1Rr2xHI=
=KhZr
-----END PGP SIGNATURE-----
News for package barbican
