[ubuntu/raring-security] python-keystoneclient 1:0.2.3-0ubuntu2.2 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Mon Jun 3 21:54:16 UTC 2013

python-keystoneclient (1:0.2.3-0ubuntu2.2) raring-security; urgency=low

  * SECURITY UPDATE: fix auth_token middleware neglects to check expiry of
    signed token when using PKI
    - debian/patches/CVE-2013-2104.patch: explicitly check the expiry on the
      tokens, and reject tokens that have expired. Also update test data
    - fix-v3-with-uuid-and-memcache-expiring.patch: required for above
    - CVE-2013-2104
    - LP: #1179615
  * debian/patches/fix-testsuite-with-sbuild.patch: adjust testsuite to work
    with modern sbuild
  * debian/patches/fix-testsuite-for-2038-problem.patch: Adjust json example
    cert data to use 2037 instead of 2112 and regenerate the certs

Date: 2013-05-31 02:45:19.578946+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Chuck Short <chuck.short at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Raring-changes mailing list