[PKG-Openstack-devel] Bug#754255: CVE-2014-3473, CVE-2014-3474 and CVE-2014-3475: 3 cross-site scripting problems

Salvatore Bonaccorso carnil at debian.org
Wed Jul 9 10:58:24 UTC 2014


Hi Thomas,

On Wed, Jul 09, 2014 at 04:14:24PM +0800, Thomas Goirand wrote:
> Message form the pre-OSSA team, before uploading the fixed package. Note that,
> despite the announce, 2014.1.1 is really vulnerable.
[...]
> Versions: up to 2013.2.3, and 2014.1

Just an addition: Yes indeed, this was corrected later on in the final
announce https://marc.info/?l=oss-security&m=140483587504490&w=2

Regards,
Salvatore



More information about the Openstack-devel mailing list