[PKG-Openstack-devel] Bug#868185: CVE-2016-4383
Thomas Goirand
zigo at debian.org
Sun Jul 23 22:44:21 UTC 2017
Hi,
Reading the comments at https://bugs.launchpad.net/glance/+bug/1593799/,
it looks like upstream :
- will never write a fix
- don't feel like it's a big problem
- only wrote an announcement
Therefore, what's the recommended course of action for Debian? Should we
also publish the upstream recommendation? Or just ignore the issue,
assuming OpenStack users are reading the upstream announcements?
Cheers,
Thomas Goirand (zigo)
More information about the Openstack-devel
mailing list