On Thu, Jun 13, 2013 at 11:29 PM, Yves-Alexis Perez <cor...@debian.org> wrote: > Package: keystone > Severity: grave > Tags: security > Justification: user security hole > > Hi, > > a vulnerability was recently reported against keystone. See > http://article.gmane.org/gmane.comp.security.oss.general/10412 for the > detailed mail. > > Please include the CVE number in the changelog entry when uploading, and > please contact the security team for uploads targetting stable/oldstable > if needed. > > Regards,
Thanks Yves-Alexis! I'm attaching the patches for both the Wheezy and Unstable versions of Keystone (Folsom and Grizzly, respectively). Regrads, Prach
CVE-2013-2157_folsom_Authentication_bypass_when_using_LDAP_backend.patch
Description: Binary data
CVE-2013-2157_grizzly_Authentication_bypass_when_using_LDAP_backend.patch
Description: Binary data