[ubuntu-cloud-archive/grizzly-updates] python-keystoneclient (Accepted)
James Page
james.page at ubuntu.com
Thu Jun 6 17:51:22 UTC 2013
python-keystoneclient (1:0.2.3-0ubuntu2.2~cloud0) precise-grizzly; urgency=low
.
* New security update for the Ubuntu Cloud Archive.
.
python-keystoneclient (1:0.2.3-0ubuntu2.2) raring-security; urgency=low
.
* SECURITY UPDATE: fix auth_token middleware neglects to check expiry of
signed token when using PKI
- debian/patches/CVE-2013-2104.patch: explicitly check the expiry on the
tokens, and reject tokens that have expired. Also update test data
- fix-v3-with-uuid-and-memcache-expiring.patch: required for above
- CVE-2013-2104
- LP: #1179615
* debian/patches/fix-testsuite-with-sbuild.patch: adjust testsuite to work
with modern sbuild
* debian/patches/fix-testsuite-for-2038-problem.patch: Adjust json example
cert data to use 2037 instead of 2112 and regenerate the certs
Date: Tue, 04 Jun 2013 10:58:22 -0700
Changed-By: Adam Gandelman <adamg at ubuntu.com>
Signed-By: Adam Gandelman
Published-By: James Page <james.page at ubuntu.com>
More information about the Cloud-archive-changes
mailing list