keystone (2012.2.1-0ubuntu1.1) quantal-security; urgency=low
* SECURITY UPDATE: fix token creation error handling
- debian/patches/CVE-2013-0247.patch: validate size of user_id, username,
password, tenant_name, tenant_id and old_token size to help guard
against a denial of service via large log files filling the disk
- CVE-2013-0247
keystone (2012.2.1-0ubuntu1) quantal-proposed; urgency=low
* Ubuntu updates:
- debian/control: Ensure keystoneclient is upgraded with keystone,
require python-keystoneclient >= 1:0.1.3. (LP: #1073273)
- Dropped patches, applied upsteram:
- debian/patches/CVE-2012-5563.patch
- debian/patches/CVE-2012-5571.patch
- debian/patches/fix-ssl-tests-lp1068851.patch
* Resynchronize with stable/folsom (7869c3ec) (LP: #1085255):
- [f9d4766] token expires time incorrect for auth by one token
(LP: #1079216)
- [80d63c8] keystone throws error when removing user from tenant.
(LP: #1078497)
- [37308dd] Removing user from a tenant isn't invalidating user access to
tenant (LP: #1064914)
- [bec9b68] Redo part of bp/sql-identiy-pam undone by bug 968519
(LP: #1068674)
- [ee645e6] Jenkins jobs fail because of incompatibility between sqlalchemy-
migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569)
- [094c494] Non PKI Tokens longer than 32 characters can never be valid
(LP: #1060389)
- [3cd343b] Openssl tests rely on expired certificate (LP: #1068851)
- [2f9807e] Set defaultbranch in .gitreview to stable/folsom
Date: 2013-01-31 19:10:11.633722+00:00
Changed-By: Jamie Strandboge <[email protected]>
https://launchpad.net/ubuntu/quantal/+source/keystone/2012.2.1-0ubuntu1.1
Sorry, changesfile not available.
--
Quantal-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/quantal-changes
