[ubuntu-cloud-archive/folsom-proposed] keystone (Accepted)

James Page james.page at ubuntu.com
Fri Feb 22 08:38:36 UTC 2013


 keystone (2012.2.1-0ubuntu1.2~cloud0) precise-folsom; urgency=low
 .
   * New security update for the Ubuntu Cloud Archive.
 .
 keystone (2012.2.1-0ubuntu1.2) quantal-security; urgency=low
 .
   * SECURITY UPDATE: fix EC2-style authentication for disabled users
     - debian/patches/CVE-2013-0282.patch: adjust keystone/contrib/ec2/core.py
       to ensure user and tenant are enabled in EC2
     - CVE-2013-0282
     - LP: #1121494
   * SECURITY UPDATE: fix denial of service
     - debian/patches/CVE-2013-1664+1665.patch: disable XML entity parsing
     - CVE-2013-1664
     - CVE-2013-1665
     - LP: #1100279
     - LP: #1100282

Date: Wed, 20 Feb 2013 16:15:39 -0800
Changed-By: Adam Gandelman <adamg at ubuntu.com>
Signed-By: Adam Gandelman
Published-By: James Page <james.page at ubuntu.com>



More information about the Cloud-archive-changes mailing list