-
Committer:
yolanda.robla at canonical
-
Date:
2013-04-11 07:45:30 UTC
-
Revision ID:
yolanda.robla@canonical.com-20130411074530-kcr1rfquoaiphyz5
[ Jamie Strandboge ]
* SECURITY UPDATE: fix token creation error handling
- debian/patches/CVE-2013-0247.patch: validate size of user_id, username,
password, tenant_name, tenant_id and token size to help guard against a
denial of service via large log files filling the disk
- CVE-2013-0247
LP: 1121494 (CVE-2013-0282)
- [8945567] DoS through XML entity expansion (CVE-2013-1664, CVE-2013-1665)
- LP: 1100282, LP: 1100279
tenant (LP: #1064914) - CVE-2012-5571
(LP: #1040626) CVE-2012-3542