-
Committer:
Package Import Robot
-
Author(s):
Jamie Strandboge
-
Date:
2013-10-22 10:09:33 UTC
-
mfrom:
(38.1.3 quantal-security)
-
Revision ID:
package-import@ubuntu.com-20131022100933-7fyykcnej5mdcb42
Tags: 2012.2.4-0ubuntu3.2
* SECURITY UPDATE: revoke user tokens when disabling/delete a project
- debian/patches/CVE-2013-4222.patch: add _delete_tokens_for_project() to
common/controller.py and use it in identity/controllers.py
(LP: #1179955)
- CVE-2013-4222
* SECURITY UPDATE: fix and test token revocation list API
- debian/patches/CVE-2013-4294.patch: fix token matching for memcache
backend token revocation (LP: #1202952)
- CVE-2013-4294