~ubuntu-branches/debian/sid/keystone/sid

Committer: Package Import Robot
Author(s): Thomas Goirand
Date: 2013-02-19 12:56:42 UTC
Revision ID: package-import@ubuntu.com-20130219125642-lkow6z7yq6b84ho3

Tags: 2012.1.1-13

http://bugs.debian.org/700947

http://bugs.debian.org/700948

* CVE-2013-0282: Ensure EC2 users and tenant are enabled (Closes: #700947).
* CVE-2013-0280: Information leak and Denial of Service using XML entities
(Closes: #700948).

files added:
.pc/CVE-2013-0280_Information-leak-and-Denial-of-Service-using-XML-entities.patch

.pc/CVE-2013-0280_Information-leak-and-Denial-of-Service-using-XML-entities.patch/keystone

.pc/CVE-2013-0280_Information-leak-and-Denial-of-Service-using-XML-entities.patch/keystone/common

.pc/CVE-2013-0280_Information-leak-and-Denial-of-Service-using-XML-entities.patch/keystone/common/serializer.py

.pc/CVE-2013-0282_ensure-user-tenant-enabled-ec2.patch

.pc/CVE-2013-0282_ensure-user-tenant-enabled-ec2.patch/keystone

.pc/CVE-2013-0282_ensure-user-tenant-enabled-ec2.patch/keystone/contrib

.pc/CVE-2013-0282_ensure-user-tenant-enabled-ec2.patch/keystone/contrib/ec2

.pc/CVE-2013-0282_ensure-user-tenant-enabled-ec2.patch/keystone/contrib/ec2/core.py

debian/patches/CVE-2013-0280_Information-leak-and-Denial-of-Service-using-XML-entities.patch

debian/patches/CVE-2013-0282_ensure-user-tenant-enabled-ec2.patch

files modified:
.pc/applied-patches

debian/changelog

debian/patches/series

keystone/common/serializer.py

keystone/contrib/ec2/core.py

Show diffs side-by-side

added added

removed removed

.pc/applied-patches

CVE-2012-4457-Raise_unauthorized_if_tenant_disabled.patch

ensures-User-is-member-of-tenant-in-ec2-validation.patch

CVE-2013-0247_denial_of_service_through_invalid_token_requests.patch

CVE-2013-0282_ensure-user-tenant-enabled-ec2.patch

CVE-2013-0280_Information-leak-and-Denial-of-Service-using-XML-entities.patch

Older »