Bug#799369: jessie-pu: package swift/2.2.0-1

To: Thomas Goirand <zigo@debian.org>, 799369@bugs.debian.org
Subject: Bug#799369: jessie-pu: package swift/2.2.0-1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 21 Nov 2015 17:32:11 +0000
Message-id: <[🔎] 1448127131.870.17.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 799369@bugs.debian.org
In-reply-to: <20150918113806.30295.16324.reportbug@buzig2.mirantis.com>
References: <20150918113806.30295.16324.reportbug@buzig2.mirantis.com>

Control: tags -1 -moreinfo +confirmed

On Fri, 2015-09-18 at 13:38 +0200, Thomas Goirand wrote:

+swift (2.2.0-1+deb8u1) jessie-proposed-updates; urgency=medium
+
+  [ Thomas Goirand ]
+  * Fixed swift user creation (standardized on pkgos way).
+  * CVE-2015-1856 & OSSA 2015-006: Unauthorized delete of versioned Swift
+    object. Applied upstream patch: Prevent unauthorized delete in versioned
+    container (Closes: #783163).
+
+  [ Ondřej Nový ]
+  * Fixed service name of object-expirer.
+  * Added container-sync init script.
+  * CVE-2015-5223: Information leak via Swift tempurls.
+    Applied upstream patch: Disallow unsafe tempurl operations to point
+    to unauthorized data (Closes: #797032).

Please go ahead.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#799369: jessie-pu: package swift/2.2.0-1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Processed: block 800556 with 803477
Next by Date: Processed: Re: Bug#799369: jessie-pu: package swift/2.2.0-1
Previous by thread: Bug#799369: jessie-pu: package swift/2.2.0-1
Next by thread: Processed: Re: Bug#799369: jessie-pu: package swift/2.2.0-1
Index(es):
- Date
- Thread