stable/queens : lp:~ubuntu-server-dev/ubuntu/+source/keystone : Git : Code : keystone package : Ubuntu

Get this branch:: git clone -b stable/queens https://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/keystone

Members of Ubuntu Server Developers can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:: stable/queens

Repository:: lp:~ubuntu-server-dev/ubuntu/+source/keystone

Recent commits

416a968... by Corey Bryant on 2020-10-27

Cleanup moved repository

This repository has moved to https://code.launchpad.net/~ubuntu-openstack-dev/ubuntu/+source/keystone/+git/keystone.

67b18db... by Corey Bryant on 2020-08-28

releasing package keystone version 2:13.0.4-0ubuntu1

0ae4254... by Corey Bryant on 2020-08-28

d/p/0001-fixing-dn-to-id.patch: Dropped. Fixed in upstream release.

7256db8... by Corey Bryant on 2020-08-28

SECURITY UPDATE: EC2 and/or credential endpoints are not protected
from a scoped context. Keystone V3 /credentials endpoint policy
logic allows to change credentials owner or target project ID.
- debian/patches/CVE-2020-12689-CVE-2020-12691.patch: Fix security
  issues with EC2 credentials, addressing several issues in the
  creation and use of EC2/S3 credentials with keystone tokens.
- CVE-2020-12689, CVE-2020-12691
SECURITY UPDATE: OAuth1 request token authorize silently ignores
roles parameter.
- debian/patches/CVE-2020-12690.patch: Ensure OAuth1 authorized
  roles are respected.
- CVE-2020-12691
SECURITY UPDATE: Keystone doesn't check signature TTL of the EC2
credential auth method.
- debian/patches/CVE-2020-12692.patch: Check timestamp of signed
  EC2 token request.
- CVE-2020-12692

49b26ee... by Chris MacNaughton on 2020-08-28