UbuntuUpdates.org

Package "keystone"

Name: keystone

Description:

OpenStack identity service - Daemons

Latest version: 1:2014.1.5-0ubuntu1
Release: trusty (14.04)
Level: updates
Repository: main
Homepage: http://launchpad.net/keystone

Other versions of "keystone" in Trusty

Repository Area Version
base main 1:2014.1-0ubuntu1
security main 1:2014.1.3-0ubuntu2.1


Changelog

Version: 1:2014.1.5-0ubuntu1 2015-07-08 05:07:16 UTC

  keystone (1:2014.1.5-0ubuntu1) trusty; urgency=medium

  * Resynchronize with stable/icehouse (91255f1) (LP: #1467533):
    - [a1548eb] backend_argument should be marked secret
    - [e6eba4b] Remove oslo.serialization from requirements.txt
    - [0e0efdb] Work with pymongo 3.0
    - [91255f1] Deal with PEP-0476 certificate chaining checking
  * d/p/drop-oslo-serialization.patch: Dropped; Fixed upstream.
  * d/p/fix-requirements.patch: Rebased

 -- Corey Bryant Mon, 22 Jun 2015 10:14:38 -0400


Version: 1:2014.1.4-0ubuntu2 2015-04-13 21:06:18 UTC

  keystone (1:2014.1.4-0ubuntu2) trusty; urgency=medium

  * d/p/drop-oslo-serialization.patch: Drop oslo.serialization (LP: #1437741).
  * d/control: Set minimum python-six dependency to 1.5.2 (LP: #1403114).
 -- Corey Bryant <email address hidden> Mon, 30 Mar 2015 09:07:47 -0400

1437741 [SRU] keystone drop invalid oslo.serialization requirement

Version: 1:2014.1.3-0ubuntu2.1 2014-11-11 20:06:29 UTC

  keystone (1:2014.1.3-0ubuntu2.1) trusty-security; urgency=medium

  * No change rebuild for security:
    - [878f12e] Adds a whitelist for endpoint catalog substitution
      + CVE-2014-3621
      + LP: #1354208
 -- Marc Deslauriers <email address hidden> Tue, 21 Oct 2014 12:13:36 -0400

1354208 [OSSA 2014-029] Catalog replacement allows reading config (CVE-2014-3621)
CVE-2014-3621 The catalog url replacement in Keystone before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuratio

Version: 1:2014.1.3-0ubuntu2 2014-10-20 20:06:41 UTC

  keystone (1:2014.1.3-0ubuntu2) trusty; urgency=medium

  [ Edward Hope-Morley ]
  * Added python-ldap as install dep (LP: #1364854)
 -- Chuck Short <email address hidden> Fri, 10 Oct 2014 12:54:47 -0400

1364854 python-ldap is needed as a dependency of keystone

Version: 1:2014.1.2.1-0ubuntu1.1 2014-08-21 21:06:23 UTC

  keystone (1:2014.1.2.1-0ubuntu1.1) trusty-security; urgency=medium

  * No change rebuild for security:
    - [7378512] Block delegation escalation of privilege
      + CVE-2014-3476
      + LP: #1324592
    - [44555e8] Ensure that in v2 auth tenant_id matches trust
      + CVE-2014-3520
      + LP: #1331912
    - [6cbf835] Fix revocation event handling with MySQL
      + CVE-2014-5251
      + LP: #1347961
    - [bdb88c6] Fix for V2 token issued_at time changing
      + CVE-2014-5252
      + LP: #1348820
    - [317f9d3] Fix revoking domain-scoped tokens
      + CVE-2014-5253
      + LP: #1349597
 -- Jamie Strandboge <email address hidden> Thu, 21 Aug 2014 09:06:13 -0500

1324592 [OSSA 2014-018] Trust scope can be circumvented by chaining trusts (CVE-2014-3476)
1331912 [OSSA 2014-022] V2 Trusts allow trustee to emulate trustor in other projects (CVE-2014-3520)
1347961 [OSSA 2014-026] Revocation events are broken with mysql (CVE-2014-5251)
1348820 [OSSA 2014-026] Token issued_at time changes on /v3/auth/token GET requests (CVE-2014-5252)
1349597 [OSSA 2014-026] Domain-scoped tokens don't get revoked (CVE-2014-5253)
CVE-2014-3476 OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, ...
CVE-2014-3520 Keystone V2 trusts privilege escalation through user supplied project id
CVE-2014-5251 vulnerabilities in Keystone revocation events
CVE-2014-5252 vulnerabilities in Keystone revocation events
CVE-2014-5253 vulnerabilities in Keystone revocation events


