Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To:
Subject: Accepted cinder 2:17.0.1-1+deb11u1 (source) into stable-security
Date: Wed, 01 Feb 2023 18:27:04 +0000
Signed by: Thomas Goirand <zigo@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 18 Jan 2023 09:06:59 +0100
Source: cinder
Architecture: source
Version: 2:17.0.1-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 1029562
Changes:
 cinder (2:17.0.1-1+deb11u1) bullseye-security; urgency=high
 .
   * CVE-2022-47951: By supplying a specially created VMDK flat image which
     references a specific backing file path, an authenticated user may convince
     systems to return a copy of that file's contents from the server resulting
     in unauthorized access to potentially sensitive data. Add upstream patch
     cve-2022-47951-cinder-stable-victoria.patch (Closes: #1029562).
Checksums-Sha1:
 a746edeffab61559f6687a32cfd5b23726569cb1 4446 cinder_17.0.1-1+deb11u1.dsc
 bf3252756d954a9cc64397f5412a64ff4e416155 3944016 cinder_17.0.1.orig.tar.xz
 2c2c8632317b24dbdbbc08bb329af285f59d3f5e 49680 cinder_17.0.1-1+deb11u1.debian.tar.xz
 a00e8535972e15460ec290a1d9f7b96ac2610021 19320 cinder_17.0.1-1+deb11u1_amd64.buildinfo
Checksums-Sha256:
 99c03544f718fa3bfbace7933d3f48b57686b32055abdaad65ee7ec66ffa1857 4446 cinder_17.0.1-1+deb11u1.dsc
 9079a000149f68dea0e26e0f4387a6e67299492271479e4cce47ac96ce463f70 3944016 cinder_17.0.1.orig.tar.xz
 ca459eeb760cb413279dd3c8072932eddb4caa6a3dc1ca760fb535309f784d7c 49680 cinder_17.0.1-1+deb11u1.debian.tar.xz
 6c04cab5719347687405610576804b4a4b29d0cf19392c0036136ba45972c2f7 19320 cinder_17.0.1-1+deb11u1_amd64.buildinfo
Files:
 f3572de4170a4259b5b3a5ca4730780a 4446 net optional cinder_17.0.1-1+deb11u1.dsc
 335613ed3c07981f3998174867497c78 3944016 net optional cinder_17.0.1.orig.tar.xz
 e967136fc43fd1cccb57f9b4d7602786 49680 net optional cinder_17.0.1-1+deb11u1.debian.tar.xz
 4dcdd672564c212780109728f92816f8 19320 net optional cinder_17.0.1-1+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmPXwY8ACgkQ1BatFaxr
Q/5/wQ//bXx2/S2HbGTuUAarAl0a+X6coLHPUou0dLecC77DnfpIuG2q427eUhbi
Met849UZnVmtVhVrM5/F8PjJdwZ5s4CcLsZTT7sIVMlP93rVY7Ds7cxFmpFIeStf
2aHMhjW7KfAgCgs3lqCer5djWAeYNr6yIpHBTVlail0B++JbpQgt701VfLa0qLJk
RRKqn/geeFUxGn3iahzRpsQCVwVnEzBJvheRYUDw0ZYzrXr6Uu3UtOK1X7INzmot
LA0ItGMPyoBqaWOXznB+2M9ToKqqGYvFYY2j9q4hgKSK0r2yNtwEomPNsljt2+J9
1TIBiOjWxaj8DauJaRfbGlTLPXJLYgP5nepaDqa/tYMIZIqQm9R+FnV3rGTKx01r
60N2BdTCMP+3yjIg2Ngsg9zeeRJCQ1YW3V10Zrb8WE+PmfFT5nivl5uZXaTiBm6Y
cfbt384lMm1ZG/8kwKVQWREDe1FOFf3dR+IKeDJAQ9uQC9whyHZZm3z17VjJhBqK
VaD8Xb0DBzj1Ws6kSPSbs8e9f1e0D/YJc7//diMC/6tZeK2NcpnQpyUD8T31abZo
4BdoExpWG10O2/ARebzlW5xIlaFPklmaLqIwbVetdAaSFaapO/M0/wKMjCusWtPS
12fF/SzFBq4pWE8wz6UnxpHQA1hBxbe5nsS1KcCQJV7tyN+MgAY=
=mWnX
-----END PGP SIGNATURE-----
News for package cinder
