Bug#687434: unblock: keystone/2012.1.1-6 (fixes: CVE-2012-4413)
On Thu, 2012-09-13 at 00:54 +0800, Thomas Goirand wrote:
> Please unblock package keystone. This fixes CVE-2012-4413. Debdiff is
> attached.
Unblocked.
> Note that I am well aware of #687311 (I was the one who reported it),
> but I would like to fix this one later on, using urgency=low, so it
> has more time for testing before migration. Please let me know if I
> should lower the severity of #687311 for the package to migrate, or
> if the release team has some magic way to let it migrate anyway.
Neither should be necessary. The changes in 2012.1.1-5 can't possibly
have introduced that bug, so it should be marked as found in a more
sensible version.
Regards,
Adam
Reply to: