[ubuntu-cloud-archive/grizzly-proposed] keystone (Accepted)
James Page
james.page at ubuntu.com
Thu Jun 20 08:14:24 UTC 2013
keystone (1:2013.1.2-0ubuntu2~cloud0) precise-grizzly; urgency=low
.
* New update for the Ubuntu Cloud Archive.
.
keystone (1:2013.1.2-0ubuntu2) raring-proposed; urgency=low
.
* Rebased to include latest security updates:
- debian/patches/CVE-2013-2157.patch: Cherry-picked from stable/grizzly.
.
keystone (1:2013.1.2-0ubuntu1) raring-proposed; urgency=low
.
* Resynchronize with stable/grizzly (8dd57da1) (LP: #1188788):
- [8dd57da] Migration 020 incorrectly assigns roles. LP: 1186128
- [81a4d38] Removing a user from a project would result to all members of
that project to be removed LP: 1170649
- [39c4ca1] default_domain_id breaks the ability to map keystone to ldap
LP: 1168726
- [69d0733] Lacking initial rule for list_groups_for_user operation in
sample policy.json LP: 1167836
- [45fa69b] LDAP list group users should not fail if user entry deleted
LP: 1174585
- [6090bbe] Update sample_data.sh to match docs LP: 1073291
- [a00bab7] use swift stable branch
.
keystone (1:2013.1.1-0ubuntu2.1) raring-security; urgency=low
.
* SECURITY UPDATE: fix authentication bypass when using LDAP backend
- debian/patches/CVE-2013-2157.patch: identity/backends/ldap/core.py is
adjusted to raise an assertion for invalid password when using LDAP and
an empty password is submitted
- CVE-2013-2157
- LP: #1187305
Date: Wed, 19 Jun 2013 09:57:02 -0700
Changed-By: Adam Gandelman <adamg at ubuntu.com>
Signed-By: Adam Gandelman
Published-By: James Page <james.page at ubuntu.com>
More information about the Cloud-archive-changes
mailing list