Ubuntu
keystone package

keystone 2012.2.4-0ubuntu3.1 source package in Ubuntu

Changelog

keystone (2012.2.4-0ubuntu3.1) quantal-security; urgency=low

  * SECURITY UPDATE: fix auth_token middleware neglects to check expiry of
    signed token when using PKI
    - debian/patches/CVE-2013-2104.patch: explicitly check the expiry on the
      tokens, and reject tokens that have expired. Also update test data
    - CVE-2013-2104
    - LP: #1179615
  * debian/patches/fix-testsuite-for-2038-problem.patch: Adjust json example
    cert data to use 2037 instead of 2112 and regenerate the certs. Also
    adjust token expiry data to use 2037 instead of 2999.
  * SECURITY UPDATE: fix authentication bypass when using LDAP backend
    - debian/patches/CVE-2013-2157.patch: identity/backends/ldap/core.py is
      adjusted to raise an assertion for invalid password when using LDAP and
      an empty password is submitted
    - CVE-2013-2157
    - LP: #1187305
 -- Jamie Strandboge <email address hidden>   Thu, 13 Jun 2013 13:42:44 -0500

Upload details

Uploaded by:
Jamie Strandboge
Uploaded to:
Quantal
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
net
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Quantal: [FULLYBUILT] i386

Downloads

File Size SHA-256 Checksum
keystone_2012.2.4.orig.tar.gz 542.4 KiB ab3a9a6c1f8ef9b95a73920883294f888f298db6330b8d4ed43e28354e8ca7af
keystone_2012.2.4-0ubuntu3.1.debian.tar.gz 31.4 KiB 48dd88010fdd4a7e7d52e141a154d6cd805a67492a4b11b67e9006ecc3dd9739
keystone_2012.2.4-0ubuntu3.1.dsc 2.5 KiB a9b52955e680456b5e3af5206e9dfb18bbcba23aff34946d3361dc4278bf0cfd

View changes file

Binary packages built by this source

keystone: No summary available for keystone in ubuntu quantal.

No description available for keystone in ubuntu quantal.

keystone-doc: No summary available for keystone-doc in ubuntu quantal.

No description available for keystone-doc in ubuntu quantal.

python-keystone: No summary available for python-keystone in ubuntu quantal.

No description available for python-keystone in ubuntu quantal.