[ubuntu/precise-security] keystone 2012.1+stable~20120824-a16a0ab9-0ubuntu2.2 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Wed Sep 12 23:28:14 UTC 2012
keystone (2012.1+stable~20120824-a16a0ab9-0ubuntu2.2) precise-security; urgency=low
* SECURITY UPDATE: Pre-existing tokens continue to be valid after
granting or revoking a user's access (LP: #1041396)
- debian/patches/keystone-CVE-2012-4413.patch: invalidate all user
tokens upon role grant/revoke
- CVE-2012-4413
Date: 2012-09-12 18:00:18.726543+00:00
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/keystone/2012.1+stable~20120824-a16a0ab9-0ubuntu2.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list