Package "keystone"
Name: |
keystone
|
Description: |
OpenStack identity service - Daemons
|
Latest version: |
1:2014.1.5-0ubuntu1 |
Release: |
trusty (14.04) |
Level: |
updates |
Repository: |
main |
Homepage: |
http://launchpad.net/keystone |
Links
Download "keystone"
Other versions of "keystone" in Trusty
Packages in group
Deleted packages are displayed in grey.
Changelog
keystone (1:2014.1.5-0ubuntu1) trusty; urgency=medium
* Resynchronize with stable/icehouse (91255f1) (LP: #1467533):
- [a1548eb] backend_argument should be marked secret
- [e6eba4b] Remove oslo.serialization from requirements.txt
- [0e0efdb] Work with pymongo 3.0
- [91255f1] Deal with PEP-0476 certificate chaining checking
* d/p/drop-oslo-serialization.patch: Dropped; Fixed upstream.
* d/p/fix-requirements.patch: Rebased
-- Corey Bryant Mon, 22 Jun 2015 10:14:38 -0400
|
Source diff to previous version |
keystone (1:2014.1.4-0ubuntu2) trusty; urgency=medium
* d/p/drop-oslo-serialization.patch: Drop oslo.serialization (LP: #1437741).
* d/control: Set minimum python-six dependency to 1.5.2 (LP: #1403114).
-- Corey Bryant <email address hidden> Mon, 30 Mar 2015 09:07:47 -0400
|
Source diff to previous version |
1437741 |
[SRU] keystone drop invalid oslo.serialization requirement |
|
keystone (1:2014.1.3-0ubuntu2.1) trusty-security; urgency=medium
* No change rebuild for security:
- [878f12e] Adds a whitelist for endpoint catalog substitution
+ CVE-2014-3621
+ LP: #1354208
-- Marc Deslauriers <email address hidden> Tue, 21 Oct 2014 12:13:36 -0400
|
Source diff to previous version |
1354208 |
[OSSA 2014-029] Catalog replacement allows reading config (CVE-2014-3621) |
CVE-2014-3621 |
The catalog url replacement in Keystone before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuratio |
|
keystone (1:2014.1.3-0ubuntu2) trusty; urgency=medium
[ Edward Hope-Morley ]
* Added python-ldap as install dep (LP: #1364854)
-- Chuck Short <email address hidden> Fri, 10 Oct 2014 12:54:47 -0400
|
Source diff to previous version |
1364854 |
python-ldap is needed as a dependency of keystone |
|
keystone (1:2014.1.2.1-0ubuntu1.1) trusty-security; urgency=medium
* No change rebuild for security:
- [7378512] Block delegation escalation of privilege
+ CVE-2014-3476
+ LP: #1324592
- [44555e8] Ensure that in v2 auth tenant_id matches trust
+ CVE-2014-3520
+ LP: #1331912
- [6cbf835] Fix revocation event handling with MySQL
+ CVE-2014-5251
+ LP: #1347961
- [bdb88c6] Fix for V2 token issued_at time changing
+ CVE-2014-5252
+ LP: #1348820
- [317f9d3] Fix revoking domain-scoped tokens
+ CVE-2014-5253
+ LP: #1349597
-- Jamie Strandboge <email address hidden> Thu, 21 Aug 2014 09:06:13 -0500
|
1324592 |
[OSSA 2014-018] Trust scope can be circumvented by chaining trusts (CVE-2014-3476) |
1331912 |
[OSSA 2014-022] V2 Trusts allow trustee to emulate trustor in other projects (CVE-2014-3520) |
1347961 |
[OSSA 2014-026] Revocation events are broken with mysql (CVE-2014-5251) |
1348820 |
[OSSA 2014-026] Token issued_at time changes on /v3/auth/token GET requests (CVE-2014-5252) |
1349597 |
[OSSA 2014-026] Domain-scoped tokens don't get revoked (CVE-2014-5253) |
CVE-2014-3476 |
OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, ... |
CVE-2014-3520 |
Keystone V2 trusts privilege escalation through user supplied project id |
CVE-2014-5251 |
vulnerabilities in Keystone revocation events |
CVE-2014-5252 |
vulnerabilities in Keystone revocation events |
CVE-2014-5253 |
vulnerabilities in Keystone revocation events |
|
About
-
Send Feedback to @ubuntu_updates