[ubuntu-cloud-archive/folsom-updates] keystone (Accepted)
James Page
james.page at ubuntu.com
Fri Mar 1 17:59:01 UTC 2013
keystone (2012.2.1-0ubuntu1.2~cloud0) precise-folsom; urgency=low
.
* New security update for the Ubuntu Cloud Archive.
.
keystone (2012.2.1-0ubuntu1.2) quantal-security; urgency=low
.
* SECURITY UPDATE: fix EC2-style authentication for disabled users
- debian/patches/CVE-2013-0282.patch: adjust keystone/contrib/ec2/core.py
to ensure user and tenant are enabled in EC2
- CVE-2013-0282
- LP: #1121494
* SECURITY UPDATE: fix denial of service
- debian/patches/CVE-2013-1664+1665.patch: disable XML entity parsing
- CVE-2013-1664
- CVE-2013-1665
- LP: #1100279
- LP: #1100282
Date: Wed, 20 Feb 2013 16:15:39 -0800
Changed-By: Adam Gandelman <adamg at ubuntu.com>
Signed-By: Adam Gandelman
Published-By: James Page <james.page at ubuntu.com>
More information about the Cloud-archive-changes
mailing list