UbuntuUpdates.org

Package "keystone"

Name: keystone

Description:

OpenStack identity service - Daemons

Latest version: 2:16.0.1-0ubuntu1
Release: eoan (19.10)
Level: updates
Repository: main
Homepage: https://launchpad.net/keystone

Links


Download "keystone"


Other versions of "keystone" in Eoan

Repository Area Version
base main 2:16.0.0-0ubuntu1
security main 2:16.0.0-0ubuntu1.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2:16.0.1-0ubuntu1 2020-06-03 04:07:19 UTC

  keystone (2:16.0.1-0ubuntu1) eoan; urgency=medium

  [ Corey Bryant ]
  * d/gbp.conf: Create stable/train branch.

  [ Chris MacNaughton ]
  * d/watch: Update to point at tarballs.opendev.org.
  * d/p/add-version-info.patch: Refreshed.
  * d/p/CVE-2019-19687.patch: Dropped. Fixed in 16.0.1.
  * New stable point release for OpenStack Train (LP: #1879725).

 -- Chris MacNaughton <email address hidden> Fri, 22 May 2020 06:17:06 +0000

Source diff to previous version
1879725 [SRU] Train stable releases
CVE-2019-19687 OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any c

Version: 2:16.0.0-0ubuntu1.1 2020-01-30 15:06:26 UTC

  keystone (2:16.0.0-0ubuntu1.1) eoan-security; urgency=medium

  * SECURITY UPDATE: data leakage in the list credentials API
    - debian/patches/CVE-2019-19687.patch: fix credential list for project
      members in keystone/api/credentials.py,
      keystone/tests/protection/v3/test_credentials.py,
      releasenotes/notes/bug-1855080-08b28181b7cb2470.yaml.
    - CVE-2019-19687

 -- Marc Deslauriers <email address hidden> Fri, 24 Jan 2020 13:59:22 -0500

CVE-2019-19687 OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any c



About   -   Send Feedback to @ubuntu_updates