keystone (1:2013.1.1-0ubuntu2.1) raring-security; urgency=low
* SECURITY UPDATE: fix authentication bypass when using LDAP backend
- debian/patches/CVE-2013-2157.patch: identity/backends/ldap/core.py is
adjusted to raise an assertion for invalid password when using LDAP and
an empty password is submitted
- CVE-2013-2157
- LP: #1187305
Date: 2013-06-13 19:10:15.431879+00:00
Changed-By: Jamie Strandboge <[email protected]>
Signed-By: Ubuntu Archive Robot
<[email protected]>
https://launchpad.net/ubuntu/raring/+source/keystone/1:2013.1.1-0ubuntu2.1
Sorry, changesfile not available.
--
Raring-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/raring-changes
