lp://qastaging/~james-page/keystone/folsom-resync
- Get this branch:
- bzr branch lp://qastaging/~james-page/keystone/folsom-resync
Branch merges
- Openstack Ubuntu Testers: Pending requested
-
Diff: 169 lines (+135/-1)3 files modifieddebian/changelog (+27/-1)
debian/patches/CVE-2013-1865.patch (+107/-0)
debian/patches/series (+1/-0)
Related bugs
Related blueprints
Branch information
Recent revisions
- 161. By James Page
-
* Resync with latest security updates.
* SECURITY UPDATE: fix PKI revocation bypass
- debian/patches/ CVE-2013- 1865.patch: validate tokens from the backend
- CVE-2013-1865
* SECURITY UPDATE: fix EC2-style authentication for disabled users
- debian/patches/ CVE-2013- 0282.patch: adjust keystone/ contrib/ ec2/core. py
to ensure user and tenant are enabled in EC2
- CVE-2013-0282
* SECURITY UPDATE: fix denial of service
- debian/patches/ CVE-2013- 1664+1665. patch: disable XML entity parsing
- CVE-2013-1664
- CVE-2013-1665
* SECURITY UPDATE: fix PKI revocation bypass
- debian/patches/ CVE-2013- 1865.patch: validate tokens from the backend
- CVE-2013-1865
- LP: #1129713 - 153. By Adam Gandelman
-
debian/control: Ensure keystoneclient is upgraded with keystone,
require python-keystoneclient >= 1:0.1.3. (LP: #1073273)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)