Format: 1.8 Date: Wed, 26 Oct 2022 04:32:36 +0000 Source: barbican Binary: barbican-api barbican-common barbican-doc barbican-keystone-listener barbican-worker python-barbican Architecture: source Version: 1:6.0.1-0ubuntu1.2~cloud0 Distribution: xenial Urgency: medium Maintainer: Ubuntu Developers Changed-By: Openstack Ubuntu Testing Bot Description: barbican-api - OpenStack Key Management Service - API Server barbican-common - OpenStack Key Management Service - common files barbican-doc - OpenStack Key Management Service - doc barbican-keystone-listener - OpenStack Key Management Service - Keystone Listener barbican-worker - OpenStack Key Management Service - Worker Node python-barbican - OpenStack Key Management Service - Python files Changes: barbican (1:6.0.1-0ubuntu1.2~cloud0) xenial-queens; urgency=medium . * New update for the Ubuntu Cloud Archive. . barbican (1:6.0.1-0ubuntu1.2) bionic-security; urgency=medium . * SECURITY UPDATE: access policy bypass via query string injection - debian/patches/CVE-2022-3100.patch: don't use contents of query string in barbican/api/controllers/__init__.py. - CVE-2022-3100 Checksums-Sha1: 74c4f571604194b37fc0f8fb25fbeb27e2a6227d 3902 barbican_6.0.1-0ubuntu1.2~cloud0.dsc 8efdfe31f42102e9734b81d20eb03be79033b892 608158 barbican_6.0.1.orig.tar.gz 9b41f7ba7c6e669166b98ecd4279a5690bfd49cd 13876 barbican_6.0.1-0ubuntu1.2~cloud0.debian.tar.xz Checksums-Sha256: 14d6b8d2815dd1b458f715f264c8fda66ce72efb74917028977a48878094a91a 3902 barbican_6.0.1-0ubuntu1.2~cloud0.dsc 4e2f6a88fe60adf810fb70c899303553c64eadd04c50e2d7bc5cc2e65395470d 608158 barbican_6.0.1.orig.tar.gz e9cdcd95e45c5eddec2dec639dccb8b910b7ee4a91372c15efb076c1ff7850b7 13876 barbican_6.0.1-0ubuntu1.2~cloud0.debian.tar.xz Files: a47e5220c13dd1a9b5f09558202eba65 3902 net extra barbican_6.0.1-0ubuntu1.2~cloud0.dsc 98367118809041868e78641c731475ba 608158 net extra barbican_6.0.1.orig.tar.gz 4524be10dba790cb52bb5a6fdf3c765a 13876 net extra barbican_6.0.1-0ubuntu1.2~cloud0.debian.tar.xz Original-Maintainer: PKG OpenStack