Viewing all changes in revision 39.
- Committer: Package Import Robot
- Date: 2013-03-22 12:02:56 UTC
- mfrom: (35.1.3 quantal-proposed)
- Revision ID: package-import@ubuntu.com-20130322120256-k1bqggykh30xoxml
* Resync with latest security updates.
* SECURITY UPDATE: fix PKI revocation bypass
- debian/patches/CVE-2013-1865.patch: validate tokens from the backend
- CVE-2013-1865
* SECURITY UPDATE: fix EC2-style authentication for disabled users
- debian/patches/CVE-2013-0282.patch: adjust keystone/contrib/ec2/core.py
to ensure user and tenant are enabled in EC2
- CVE-2013-0282
* SECURITY UPDATE: fix denial of service
- debian/patches/CVE-2013-1664+1665.patch: disable XML entity parsing
- CVE-2013-1664
- CVE-2013-1665
* SECURITY UPDATE: fix PKI revocation bypass
- debian/patches/CVE-2013-1865.patch: validate tokens from the backend
- CVE-2013-1865
* SECURITY UPDATE: fix EC2-style authentication for disabled users
- debian/patches/CVE-2013-0282.patch: adjust keystone/contrib/ec2/core.py
to ensure user and tenant are enabled in EC2
- CVE-2013-0282
* SECURITY UPDATE: fix denial of service
- debian/patches/CVE-2013-1664+1665.patch: disable XML entity parsing
- CVE-2013-1664
- CVE-2013-1665
- files removed:
- .pc/CVE-2013-0247.patch
- .pc/CVE-2013-0247.patch/keystone
- .pc/CVE-2013-0247.patch/tests
- files modified:
- .pc/CVE-2013-1865.patch/keystone/service.py
expand all
collapse all
added
removed
