[PKG-Openstack-devel] Bug#762748: [CVE-2014-7144] TLS cert verification option not honoured in paste configs
Luciano Bello
luciano at debian.org
Wed Sep 24 21:32:43 UTC 2014
Package: python-keystonemiddleware
Severity: important
Tags: security upstream patch fixed-upstream
Hi there,
the following vulnerabilities were published for python-keystonemiddleware:
CVE-2014-7144: TLS cert verification option not honoured in paste configs
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
http://seclists.org/oss-sec/2014/q3/620
https://review.openstack.org/#/c/113191/
Please adjust the affected versions in the BTS as needed.
Regards, luciano
More information about the Openstack-devel
mailing list