[ubuntu/raring-security] keystone 1:2013.1.1-0ubuntu2.1 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Fri Jun 14 02:32:23 UTC 2013
keystone (1:2013.1.1-0ubuntu2.1) raring-security; urgency=low
* SECURITY UPDATE: fix authentication bypass when using LDAP backend
- debian/patches/CVE-2013-2157.patch: identity/backends/ldap/core.py is
adjusted to raise an assertion for invalid password when using LDAP and
an empty password is submitted
- CVE-2013-2157
- LP: #1187305
keystone (1:2013.1.1-0ubuntu2) raring-proposed; urgency=low
* Rebase against latest security updates.
* Dropped patches:
- debian/patches/CVE-2013-2059.patch: [678b06a]
keystone (1:2013.1.1-0ubuntu1) raring-proposed; urgency=low
* Resynchronize with stable/grizzly (678b06a9) (LP: #1179626):
- [678b06a] Deleted user can still create instances LP: 1166670
- [b874c8f] keystone ipv6 tests fail LP: 1176204
- [3aa0f45] Set defaultbranch in .gitreview to stable/grizzly
- [c5037dd] admin_token and LDAP password show up in log in DEBUG mode
LP: 1172195
- [76efb5c] residual grants after delete action LP: 1125637
- [2b5b24e] PKI support breaks memcache token backend LP: 1119641
- [9446a99] non-default auth plugins can't be configured LP: 1157515
- [717f1aa] Upgrading from folsom to grizzly results in all tenants/users
being disabled (LP: #1167421)
Date: 2013-06-13 19:10:15.431879+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/raring/+source/keystone/1:2013.1.1-0ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Raring-changes
mailing list