tag 843232 pending
thanks
Hello,
Bug #843232 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:
http://git.debian.org/?p=openstack/heat.git;a=commitdiff;h=d4c8d62
---
commit d4c8d629f0c53d1d3d2ad153bb0802f96e75336f
Author: Thomas Goirand <[email protected]>
Date: Sun Nov 6 11:13:33 2016 +0100
CVE-2016-9185: Prevent template validate from scanning ports
* CVE-2016-9185: template source URL allows network port scan. Applied
upstream fix: "Prevent template validate from scanning ports"
(Closes: #843232).
diff --git a/debian/changelog b/debian/changelog
index c73db2c..c6c2353 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+heat (2014.1.3-7+deb8u1) jessie-security; urgency=medium
+
+ * CVE-2016-9185: template source URL allows network port scan. Applied
+ upstream fix: "Prevent template validate from scanning ports"
+ (Closes: #843232).
+
+ -- Thomas Goirand <[email protected]> Sun, 06 Nov 2016 11:11:36 +0100
+
heat (2014.1.3-7) unstable; urgency=medium
* Removed the use of PROTOCOL_SSLv3 which is removed form Debian.
