Debian Package Tracker

general

source: aodh (main)
version: 7.0.0-2
maintainer: Debian OpenStack [DMD]
uploaders: Thomas Goirand [DMD]
arch: all
std-ver: 4.1.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

old-bpo: 2.0.0-2~bpo8+1
stable: 3.0.0-4+deb9u1
stable-sec: 3.0.0-4+deb9u1
testing: 7.0.0-2
unstable: 7.0.0-2

versioned links

2.0.0-2~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.0.0-4+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7.0.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

aodh-api
aodh-common
aodh-doc
aodh-evaluator
aodh-expirer
aodh-listener
aodh-notifier
python3-aodh

action needed

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2017-12440: Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs belong to the user when creating alarm action with the scheme trust+http, which allows remote authenticated users with knowledge of trust IDs where Aodh is the trustee to obtain a Keystone token and perform unspecified authenticated actions by adding an alarm action with the scheme trust+http, and providing a trust id where Aodh is the trustee.

Please fix it.

Created: 2017-08-19 Last update: 2018-09-07 04:16

1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:

CVE-2017-12440: Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs belong to the user when creating alarm action with the scheme trust+http, which allows remote authenticated users with knowledge of trust IDs where Aodh is the trustee to obtain a Keystone token and perform unspecified authenticated actions by adding an alarm action with the scheme trust+http, and providing a trust id where Aodh is the trustee.

Please fix it.

Created: 2017-11-08 Last update: 2018-09-07 04:16

Depends on packages which need a new maintainer normal

The packages that aodh depends on which need a new maintainer are:

pastescript (#740531)
- Depends: python3-pastescript

Created: 2018-01-30 Last update: 2018-10-20 12:55

2 new commits since last upload, time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 47685591870d1c508b1b3c776b6656a2f507f998
Merge: 80122020 ee5a812f
Author: Thomas Goirand <zigo@debian.org>
Date:   Wed Sep 5 13:52:46 2018 +0200

    Merge branch 'debian/rocky' of ssh://salsa.debian.org/openstack-team/services/aodh into debian/rocky

commit ee5a812fb9c8c7fb08f8794917082bcb69826975
Author: Thomas Goirand <zigo@debian.org>
Date:   Wed Sep 5 13:46:41 2018 +0200

    Releasing to unstable.

Created: 2018-08-25 Last update: 2018-10-19 23:44

lintian reports 17 warnings normal

Lintian reports 17 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2018-04-11 Last update: 2018-04-11 06:10

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 4.1.3).

Created: 2018-04-16 Last update: 2018-09-05 17:13

news

[rss feed]

[2018-09-07] aodh 7.0.0-2 MIGRATED to testing (Debian testing watch)
[2018-09-05] Accepted aodh 7.0.0-2 (source all) into unstable (Thomas Goirand)
[2018-08-23] Accepted aodh 7.0.0-1 (source all) into experimental (Thomas Goirand)
[2018-05-10] aodh 6.0.0-7 MIGRATED to testing (Debian testing watch)
[2018-05-10] aodh 6.0.0-7 MIGRATED to testing (Debian testing watch)
[2018-05-07] Accepted aodh 6.0.0-7 (source all) into unstable (Thomas Goirand)
[2018-05-04] aodh 6.0.0-6 MIGRATED to testing (Debian testing watch)
[2018-05-02] Accepted aodh 6.0.0-6 (source all) into unstable (Thomas Goirand)
[2018-04-01] aodh 6.0.0-5 MIGRATED to testing (Debian testing watch)
[2018-04-01] aodh 6.0.0-5 MIGRATED to testing (Debian testing watch)
[2018-03-26] Accepted aodh 6.0.0-5 (source all) into unstable (Thomas Goirand)
[2018-03-13] aodh 6.0.0-4 MIGRATED to testing (Debian testing watch)
[2018-03-07] Accepted aodh 6.0.0-4 (source all) into unstable (Thomas Goirand)
[2018-03-04] aodh 6.0.0-3 MIGRATED to testing (Debian testing watch)
[2018-02-27] Accepted aodh 6.0.0-3 (source all) into unstable (Thomas Goirand)
[2018-02-22] Accepted aodh 6.0.0-2 (source all) into experimental (Thomas Goirand)
[2018-02-16] Accepted aodh 6.0.0-1 (source all) into experimental (Thomas Goirand)
[2018-01-27] aodh 5.0.0-8 MIGRATED to testing (Debian testing watch)
[2018-01-21] Accepted aodh 5.0.0-8 (source all) into unstable (Ondřej Nový)
[2018-01-03] aodh 5.0.0-6 MIGRATED to testing (Debian testing watch)
[2017-12-28] Accepted aodh 5.0.0-6 (source all) into unstable, unstable (Thomas Goirand)
[2017-12-19] aodh 5.0.0-5 MIGRATED to testing (Debian testing watch)
[2017-12-13] Accepted aodh 5.0.0-5 (source all) into unstable (Ondřej Nový)
[2017-12-04] Accepted aodh 5.0.0-4 (source all) into unstable (Thomas Goirand)
[2017-12-04] Accepted aodh 5.0.0-3 (source all) into unstable (Thomas Goirand)
[2017-11-09] aodh 5.0.0-2 MIGRATED to testing (Debian testing watch)
[2017-11-02] Accepted aodh 5.0.0-2 (source all) into unstable (Thomas Goirand)
[2017-10-16] Accepted aodh 5.0.0-1 (source all) into experimental (Thomas Goirand)
[2017-09-07] Accepted aodh 3.0.0-4+deb9u1 (source all) into proposed-updates->stable-new, proposed-updates (Thomas Goirand)
[2017-08-21] aodh REMOVED from testing (Debian testing watch)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 17)
buildd: logs, clang, reproducibility
popcon
debci
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 7.0.0-0ubuntu3
patches for 7.0.0-0ubuntu3