[ubuntu/precise-security] keystone 2012.1+stable~20120824-a16a0ab9-0ubuntu2.4 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Tue Feb 5 21:45:18 UTC 2013
keystone (2012.1+stable~20120824-a16a0ab9-0ubuntu2.4) precise-security; urgency=low
* SECURITY UPDATE: fix token creation error handling
- debian/patches/CVE-2013-0247.patch: validate size of user_id, username,
password, tenant_name, tenant_id and token size to help guard against a
denial of service via large log files filling the disk
- CVE-2013-0247
Date: 2013-01-31 19:10:17.664116+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/keystone/2012.1+stable~20120824-a16a0ab9-0ubuntu2.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list