lp:ubuntu/raring-updates/keystone

Created by Ubuntu Package Importer on 2013-05-16 and last modified on 2013-10-28
Get this branch:
bzr branch lp:ubuntu/raring-updates/keystone
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

50. By Adam Gandelman on 2013-10-17

* Resynchronize with stable/grizzly (9666fc0) (LP: #1241202):
  - [6792499] periodic-keystone-python27-stable-grizzly fails due to"No
    module named netaddr" LP: 1212939
  - [775d7a7] Fix and test token revocation list API
  - [0876ea2] N+1 lookups in groups SQL LP: 1218675
  - [afbc75b] Disabling a tenant would not disable a user token LP: 1179955
  - [9666fc0] User operations with LDAP Identity and
    enabled_mask/user_enabled_default fail LP: 1210175

49. By Jamie Strandboge on 2013-10-22

* SECURITY UPDATE: revoke user tokens when disabling/delete a project
  - debian/patches/CVE-2013-4222.patch: add _delete_tokens_for_project() to
    common/controller.py and use it in identity/controllers.py
    (LP: #1179955)
  - CVE-2013-4222
* SECURITY UPDATE: fix and test token revocation list API
  - debian/patches/CVE-2013-4294.patch: fix token matching for memcache
    backend token revocation (LP: #1202952)
  - CVE-2013-4294

48. By Adam Gandelman on 2013-08-09

* Dropped patches, applied upstream:
  - debian/patches/CVE-2013-2157.patch: [c100fd2]
* Resynchronize with stable/grizzly (f60f742) (LP: #1210447):
  - [4b22c02] Bump stable/grizzly next version to 2013.1.3
  - [c100fd2] Force simple Bind for authentication
  - [b426022] password in clear in keystone.log LP: 1166697
  - [8ea8024] Performance issue when delete tokens for users LP: 1178063
  - [76a94c6] Editing User fails when the user already has a Primary Project
    LP: 1161963
  - [27a5b42] User roles are replaced by group roles in v3 tokens
    LP: 1197874
  - [f60f742] Unscoped tokens are revoked when assigning a role to a user
    LP: 1170186
* debian/control: Update Vcs field.

47. By Adam Gandelman on 2013-06-16

* Rebased to include latest security updates:
  - debian/patches/CVE-2013-2157.patch: Cherry-picked from stable/grizzly.

46. By Jamie Strandboge on 2013-06-13

* SECURITY UPDATE: fix authentication bypass when using LDAP backend
  - debian/patches/CVE-2013-2157.patch: identity/backends/ldap/core.py is
    adjusted to raise an assertion for invalid password when using LDAP and
    an empty password is submitted
  - CVE-2013-2157
  - LP: #1187305

45. By James Page on 2013-05-17

* Rebase against latest security updates.
* Dropped patches:
  - debian/patches/CVE-2013-2059.patch: [678b06a]

44. By Jamie Strandboge on 2013-05-07

* SECURITY UPDATE: delete user token immediately upon delete when using v2
  API
  - CVE-2013-2059.patch: adjust keystone/identity/controllers.py to call
    _delete_tokens_for_user() during delete. Also update test suite.
  - CVE-2013-2059
  - LP: #1166670

43. By Chuck Short on 2013-04-05

[ Adam Gandelman ]
* debian/patches/sql_connection.patch: Ensure SQL by default for all
  backends. (LP: #1158563)
* debian/rules: Reinstate use of test_overrides.conf to target upstream
  defaults when running unit tests.

[ Chuck Short ]
* New upstream release.

42. By Chuck Short on 2013-04-02

New upstream release.

41. By Chuck Short on 2013-03-28

New upstream release.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/saucy/keystone
This branch contains Public information 
Everyone can see this information.

Subscribers