[ubuntu-cloud-archive/grizzly-updates] keystone (Accepted)

Dave Walker (Daviey) DaveWalker at ubuntu.com
Mon Jul 1 14:50:46 UTC 2013


 keystone (1:2013.1.2-0ubuntu2~cloud0) precise-grizzly; urgency=low
 .
   * New update for the Ubuntu Cloud Archive.
 .
 keystone (1:2013.1.2-0ubuntu2) raring-proposed; urgency=low
 .
   * Rebased to include latest security updates:
     - debian/patches/CVE-2013-2157.patch: Cherry-picked from stable/grizzly.
 .
 keystone (1:2013.1.2-0ubuntu1) raring-proposed; urgency=low
 .
   * Resynchronize with stable/grizzly (8dd57da1) (LP: #1188788):
     - [8dd57da] Migration 020 incorrectly assigns roles. LP: 1186128
     - [81a4d38] Removing a user from a project would result to all members of
       that project to be removed LP: 1170649
     - [39c4ca1] default_domain_id breaks the ability to map keystone  to ldap
       LP: 1168726
     - [69d0733] Lacking initial rule for list_groups_for_user operation in
       sample policy.json LP: 1167836
     - [45fa69b] LDAP list group users should not fail if user entry deleted
       LP: 1174585
     - [6090bbe] Update sample_data.sh to match docs  LP: 1073291
     - [a00bab7] use swift stable branch
 .
 keystone (1:2013.1.1-0ubuntu2.1) raring-security; urgency=low
 .
   * SECURITY UPDATE: fix authentication bypass when using LDAP backend
     - debian/patches/CVE-2013-2157.patch: identity/backends/ldap/core.py is
       adjusted to raise an assertion for invalid password when using LDAP and
       an empty password is submitted
     - CVE-2013-2157
     - LP: #1187305

Date: Wed, 19 Jun 2013 09:57:02 -0700
Changed-By: Adam Gandelman <adamg at ubuntu.com>
Signed-By: Adam Gandelman
Published-By: Dave Walker (Daviey) <DaveWalker at ubuntu.com>



More information about the Cloud-archive-changes mailing list