~ubuntu-branches/debian/sid/keystone/sid

Committer: Package Import Robot
Author(s): Thomas Goirand
Date: 2013-02-19 12:56:42 UTC
Revision ID: package-import@ubuntu.com-20130219125642-lkow6z7yq6b84ho3

Tags: 2012.1.1-13

http://bugs.debian.org/700947

http://bugs.debian.org/700948

* CVE-2013-0282: Ensure EC2 users and tenant are enabled (Closes: #700947).
* CVE-2013-0280: Information leak and Denial of Service using XML entities
(Closes: #700948).

files added:
.pc/CVE-2013-0280_Information-leak-and-Denial-of-Service-using-XML-entities.patch

.pc/CVE-2013-0280_Information-leak-and-Denial-of-Service-using-XML-entities.patch/keystone

.pc/CVE-2013-0280_Information-leak-and-Denial-of-Service-using-XML-entities.patch/keystone/common

.pc/CVE-2013-0280_Information-leak-and-Denial-of-Service-using-XML-entities.patch/keystone/common/serializer.py

.pc/CVE-2013-0282_ensure-user-tenant-enabled-ec2.patch

.pc/CVE-2013-0282_ensure-user-tenant-enabled-ec2.patch/keystone

.pc/CVE-2013-0282_ensure-user-tenant-enabled-ec2.patch/keystone/contrib

.pc/CVE-2013-0282_ensure-user-tenant-enabled-ec2.patch/keystone/contrib/ec2

.pc/CVE-2013-0282_ensure-user-tenant-enabled-ec2.patch/keystone/contrib/ec2/core.py

debian/patches/CVE-2013-0280_Information-leak-and-Denial-of-Service-using-XML-entities.patch

debian/patches/CVE-2013-0282_ensure-user-tenant-enabled-ec2.patch

files modified:
.pc/applied-patches

debian/changelog

debian/patches/series

keystone/common/serializer.py

keystone/contrib/ec2/core.py

Show diffs side-by-side

added added

removed removed

debian/changelog

keystone (2012.1.1-13) unstable; urgency=high

* CVE-2013-0282: Ensure EC2 users and tenant are enabled (Closes: #700947).

* CVE-2013-0280: Information leak and Denial of Service using XML entities

(Closes: #700948).

-- Thomas Goirand <zigo@debian.org> Tue, 19 Feb 2013 12:56:42 +0800

keystone (2012.1.1-12) unstable; urgency=low

* CVE-2013-0247: Keystone denial of service through invalid token requests

Older »