← Back to branch summary

~ubuntu-branches/ubuntu/quantal/keystone/quantal-updates

Viewing all changes in revision 43.

  • Committer: Package Import Robot
  • Author(s): Jamie Strandboge
  • Date: 2013-10-22 10:09:33 UTC
  • mfrom: (38.1.3 quantal-security)
  • Revision ID: package-import@ubuntu.com-20131022100933-7fyykcnej5mdcb42
Tags: 2012.2.4-0ubuntu3.2
https://launchpad.net/bugs/1179955
https://launchpad.net/bugs/1202952
* SECURITY UPDATE: revoke user tokens when disabling/delete a project
  - debian/patches/CVE-2013-4222.patch: add _delete_tokens_for_project() to
    common/controller.py and use it in identity/controllers.py
    (LP: #1179955)
  - CVE-2013-4222
* SECURITY UPDATE: fix and test token revocation list API
  - debian/patches/CVE-2013-4294.patch: fix token matching for memcache
    backend token revocation (LP: #1202952)
  - CVE-2013-4294

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: