UbuntuUpdates.org

Bugs fixes in "keystone"

Origin Bug number Title Date fixed
Launchpad 1331912 [OSSA 2014-022] V2 Trusts allow trustee to emulate trustor in other projects (CVE-2014-3520) 2014-08-21
Launchpad 1324592 [OSSA 2014-018] Trust scope can be circumvented by chaining trusts (CVE-2014-3476) 2014-08-21
CVE CVE-2014-5253 vulnerabilities in Keystone revocation events 2014-08-21
CVE CVE-2014-5252 vulnerabilities in Keystone revocation events 2014-08-21
CVE CVE-2014-5251 vulnerabilities in Keystone revocation events 2014-08-21
CVE CVE-2014-3520 Keystone V2 trusts privilege escalation through user supplied project id 2014-08-21
CVE CVE-2014-3476 OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, ... 2014-08-21
Launchpad 1349597 [OSSA 2014-026] Domain-scoped tokens don't get revoked (CVE-2014-5253) 2014-08-21
Launchpad 1348820 [OSSA 2014-026] Token issued_at time changes on /v3/auth/token GET requests (CVE-2014-5252) 2014-08-21
Launchpad 1347961 [OSSA 2014-026] Revocation events are broken with mysql (CVE-2014-5251) 2014-08-21
Launchpad 1331912 [OSSA 2014-022] V2 Trusts allow trustee to emulate trustor in other projects (CVE-2014-3520) 2014-08-21
Launchpad 1324592 [OSSA 2014-018] Trust scope can be circumvented by chaining trusts (CVE-2014-3476) 2014-08-21
Launchpad 1297705 keystone logrotate configuration causing service disruption 2014-03-28
Launchpad 1298959 FFE for keystone 2014.1.rc1 2014-03-28
Launchpad 1292478 missing dependencies on lockfile and kombu 2014-03-28
Launchpad 1297705 keystone logrotate configuration causing service disruption 2014-03-28
Launchpad 1298959 FFE for keystone 2014.1.rc1 2014-03-28
Launchpad 1292478 missing dependencies on lockfile and kombu 2014-03-28
Launchpad 1290423 maintainer scripts always/inconsistently run db_sync during upgrade 2014-03-13
Launchpad 1289935 Revoke API calls non-existant method in revoke map syncronize 2014-03-13



About   -   Send Feedback to @ubuntu_updates