[ubuntu/utopic-proposed] heat 2014.1-0ubuntu3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Fri May 23 17:19:15 UTC 2014
heat (2014.1-0ubuntu3) utopic; urgency=medium
* SECURITY UPDATE: template URL information leakage
- debian/patches/CVE-2014-3801.patch: Don't dynamically create provider
types in the global env in heat/engine/environment.py, added test to
heat/tests/test_provider_template.py.
- CVE-2014-3801
Date: Fri, 23 May 2014 09:38:25 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Chuck Short <chuck.short at canonical.com>
https://launchpad.net/ubuntu/utopic/+source/heat/2014.1-0ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 23 May 2014 09:38:25 -0400
Source: heat
Binary: python-heat heat-common heat-engine heat-api heat-api-cfn heat-api-cloudwatch
Architecture: source
Version: 2014.1-0ubuntu3
Distribution: utopic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
heat-api - OpenStack orchestration service - ReST API
heat-api-cfn - OpenStack orchestration service - CFN API
heat-api-cloudwatch - OpenStack orchestration service - CloudWatch API
heat-common - OpenStack orchestration service - common files
heat-engine - OpenStack orchestration service - engine
python-heat - OpenStack orchestration service - Python files
Changes:
heat (2014.1-0ubuntu3) utopic; urgency=medium
.
* SECURITY UPDATE: template URL information leakage
- debian/patches/CVE-2014-3801.patch: Don't dynamically create provider
types in the global env in heat/engine/environment.py, added test to
heat/tests/test_provider_template.py.
- CVE-2014-3801
Checksums-Sha1:
d46a3477b01a089dd5a6da6d55bf436e215e0e5a 2722 heat_2014.1-0ubuntu3.dsc
79bd8842b8433239ed7018196126a1019856a367 9744 heat_2014.1-0ubuntu3.debian.tar.xz
Checksums-Sha256:
4cee699b6e60a718b29a895f86f79f7885abec3da9ccf729327c3b62ef987084 2722 heat_2014.1-0ubuntu3.dsc
c694fbe3d3841cc7fb12b58cc459d55e180deba2ba42ed7de1913ca009927f90 9744 heat_2014.1-0ubuntu3.debian.tar.xz
Files:
67f1d206a9a22421fdce07435fb4aee4 2722 web optional heat_2014.1-0ubuntu3.dsc
c7004b4b2ce349d52d01a3a080504303 9744 web optional heat_2014.1-0ubuntu3.debian.tar.xz
Original-Maintainer: PKG OpenStack <openstack-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlN/gsMACgkQIHZ33voUATtmPgCfV0srho8D/XGXRZQMFXQqdmiX
5QkAnjG+4B7a6HGEPB8PzpA0oHf7dPXr
=mvlR
-----END PGP SIGNATURE-----
More information about the Utopic-changes
mailing list