« back to all changes in this revision
Viewing changes to debian/changelog
- Committer: Package Import Robot
- Date: 2012-10-01 05:52:23 UTC
- Revision ID: package-import@ubuntu.com-20121001055223-7fldz5pv6lc80w9f
* Fixes sometimes failing keystone.postrm (db_get in some conditions can
return false), and fixed non-consistant indenting.
* Uses /usr/share/keystone/keystone.conf instead of /usr/share/doc/keystone
/keystone.conf.sample for temporary storing the conf file (this was a policy
violation, as the doc folder should never be required).
* Fixes CVE-2012-4457: fails to raise Unauthorized user error for disabled,
CVE-2012-4456: fails to validate tokens in Admin API (Closes: #689210).
return false), and fixed non-consistant indenting.
* Uses /usr/share/keystone/keystone.conf instead of /usr/share/doc/keystone
/keystone.conf.sample for temporary storing the conf file (this was a policy
violation, as the doc folder should never be required).
* Fixes CVE-2012-4457: fails to raise Unauthorized user error for disabled,
CVE-2012-4456: fails to validate tokens in Admin API (Closes: #689210).
- files added:
- .pc/CVE-2012-4456-Some_actions_in_Keystone_admin_API_do_not_validate_token.patch
- .pc/CVE-2012-4456-Some_actions_in_Keystone_admin_API_do_not_validate_token.patch/keystone
- .pc/CVE-2012-4456-Some_actions_in_Keystone_admin_API_do_not_validate_token.patch/keystone/catalog
- .pc/CVE-2012-4456-Some_actions_in_Keystone_admin_API_do_not_validate_token.patch/keystone/identity
- .pc/CVE-2012-4456-Some_actions_in_Keystone_admin_API_do_not_validate_token.patch/tests
- .pc/CVE-2012-4457-Raise_unauthorized_if_tenant_disabled.patch
- .pc/CVE-2012-4457-Raise_unauthorized_if_tenant_disabled.patch/keystone
- .pc/CVE-2012-4457-Raise_unauthorized_if_tenant_disabled.patch/tests
- files modified:
- .pc/applied-patches
added
removed
debian/changelog
