UbuntuUpdates.org

Package "keystone"


Moved to precise:main:updates


Name: keystone

Description:

OpenStack identity service - Daemons

Latest version: *DELETED*
Release: precise (12.04)
Level: proposed
Repository: main
Homepage: http://launchpad.net/keystone

Other versions of "keystone" in Precise

Repository Area Version
base main 2012.1-0ubuntu1
security main 2012.1.3+stable-20130423-f48dd0fc-0ubuntu1.1
updates main 2012.1.3+stable-20130423-f48dd0fc-0ubuntu1.1

Changelog

Version: *DELETED* 2013-05-16 23:07:07 UTC
Moved to precise:main:updates
No changelog for deleted or moved packages.

Version: 2012.1.3+stable-20130423-f48dd0fc-0ubuntu1 2013-05-10 00:06:25 UTC

  keystone (2012.1.3+stable-20130423-f48dd0fc-0ubuntu1) precise-proposed; urgency=low

  * Resynchronize with stable/essex (LP: #1089488):
    - [7402f5e] EC2 authentication does not ensure user or tenant is enabled
      LP: 1121494
    - [8945567] DoS through XML entity expansion (CVE-2013-1664) LP: 1100282
    - [7b5b72f] Add size validations for /tokens.
    - [ef1e682] docutils 0.10 incompatible with sphinx 1.1.3 LP: 1091333
    - [8735009] Removing user from a tenant isn't invalidating user access to
      tenant (LP: #1064914)
    - [025b1d5] Jenkins jobs fail because of incompatibility between sqlalchemy-
      migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569)
    - [ddb4019] Open 2012.1.4 development
    - [0e1f05e] memcache driver needs protection against unicode user keys
      (LP: #1056373)
    - [176ee9b] Token invalidation in case of role grant/revoke should be
      limited to affected tenant (LP: #1050025)
    - [58ac669] Token validation includes revoked roles (CVE-2012-4413)
      (LP: #1041396)
    - [cd1e48a] Memcached Token Backend does not support list tokens
      (LP: #1046905)
    - [5438d3b] Update user's default tenant partially succeeds without authz
      (LP: #1040626)
  * Dropped patches, superseded by new snapshot:
    - debian/patches/CVE-2013-0282.patch [7402f5e]
    - debian/patches/CVE-2013-1664+1665.patch [8945567]
    - debian/patches/keystone-CVE-2012-5571.patch [8735009]
    - debian/patches/keystone-CVE-2012-4413.patch [58ac669]
    - debian/patches/keystone-CVE-2012-3542.patch [5438d3b]
  * Refreshed patches:
    - debian/patches/CVE-2013-0247.patch
    - debian/patches/fix-ubuntu-tests.patch
 -- Yolanda <email address hidden> Tue, 23 Apr 2013 10:30:16 +0200

1089488 Meta bug for tracking Openstack Stable Updates
1064914 Removing user from a tenant isn't invalidating user access to tenant
1056373 memcache driver needs protection against unicode user keys
1050025 Token invalidation in case of role grant/revoke should be limited to affected tenant
1041396 Token validation includes revoked roles (CVE-2012-4413)
1046905 Memcached Token Backend does not support list tokens
1040626 Update user's default tenant partially succeeds without authz
CVE-2013-1664 Denial of service via xml entity parsing
CVE-2012-4413 openstack revoking a role does not affect existing tokens
CVE-2013-0282 EC2-style authentication accepts disabled user/tenants
CVE-2012-5571 OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properly handle EC2 tokens when the user role has been removed from a tenant, which al
CVE-2012-3542 OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex (2012.1), allows remote attackers to add an arbitrary user to a
CVE-2013-0247 Keystone denial of service through invalid token requests

Version: *DELETED* 2012-09-03 18:06:55 UTC
Moved to precise:main:updates
No changelog for deleted or moved packages.

Version: 2012.1+stable~20120824-a16a0ab9-0ubuntu2 2012-08-24 20:06:53 UTC

  keystone (2012.1+stable~20120824-a16a0ab9-0ubuntu2) precise-proposed; urgency=low

  * New upstream release (LP: #1041120):
    - debian/patches/0013-Flush-tenant-membership-deletion-before-user.patch:
      Dropped.
  * Resynchronize with stable/essex:
    - authenticate in ldap backend doesn't return a list of roles
      (LP: #1035428)
    - LDAP should not check username on "sn" field (LP: #997700)
    - Admin API doesn't valid token. (LP: #1006815, #1006822)
    - Memcache token backend eventually stops working. (LP: #1012381)
    - EC2 credentials not migrated from legacy (diablo) database. (LP: #1016056)
    - Deleting tenants or users does not cleanup metadata. (LP: #973243)
    - Deleting tenants does not cleanup its user associations. (LP: #974199)
    - TokenNotFound not raised in testsuite because of timezone issues. (LP: #983800)
    - Token authentication for a user in a disabled tenant does not raise
      Unauthorized error. (LP: #988920)
    - export_legacy_catalog doesn't convert url names correctly. (LP: #994936)
    - Following a password compromise and subsequent password change,
      tokens remain valid. (LP: #996595)
    - Tokens remain valid after a user account is disabled. (LP: #997194)
 -- Adam Gandelman <email address hidden> Fri, 24 Aug 2012 03:34:59 -0400

1041120 Meta bug for tracking Openstack Stable Updates
1035428 authenticate in ldap backend doesn't return a list of roles
997700 LDAP should not check username on \
1006815 Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token
1012381 Memcache token backend eventually stops working
1016056 EC2 credentials not migrated from legacy (diablo) database
973243 deleting tenants or users does not clean up metadata
974199 deleting a tenant does not cleanup its user associations
983800 TokenNotFound not raised in testsuite because of timezone issues
988920 Token authentication for a user in a disabled tenant does not raise Unauthorized error
994936 export_legacy_catalog doesn't convert url names correctly
996595 Following a password compromise and subsequent password change, tokens remain valid.
997194 Tokens remain valid after a user account is disabled

Version: *DELETED* 2012-07-10 17:06:40 UTC
Moved to precise:main:updates
No changelog for deleted or moved packages.


