ubuntu/+source/keystone:applied/debian/wheezy

Last commit made on 2013-06-14
Get this branch:
git clone -b applied/debian/wheezy https://git.launchpad.net/ubuntu/+source/keystone
Members of Ubuntu Server Dev import team can upload to this branch.

Branch information

Name: applied/debian/wheezy
Repository: lp:ubuntu/+source/keystone

Recent commits

af8d9b1... by Thomas Goirand <email address hidden> on 2013-05-10

Import patches-applied version 2012.1.1-13+wheezy1 to applied/debian/jessie

Imported using git-ubuntu import.

Changelog parent: 7223402da2cf8657b1b7efc366f6ce5f4b923fe4
Unapplied parent: fd4e4693cb7767549dfbda25f59cb51ae6b27ab7

New changelog entries:
  * CVE-2013-2059: Keystone tokens not immediately invalidated when user is
    deleted [OSSA 2013-011]. Added the backported-to-Essex patch, which I
    picked up from Launchpad. Thanks to the Canonical security team
    (Closes: #707598).

fd4e469... by Thomas Goirand <email address hidden> on 2013-05-10

CVE-2013-2059 Revoke tokens on user delete

Gbp-Pq: CVE-2013-2059_essex_Deleted_user_can_still_create_instances.patch.

a09872f... by Thomas Goirand <email address hidden> on 2013-05-10

Ignore XML entities

Gbp-Pq: CVE-2013-1664_CVE-2013-1665_Information-leak-and-Denial-of-Service-using-XML-entities.patch.

b7c1069... by Thomas Goirand <email address hidden> on 2013-05-10

CVE-2013-0282 Keystone EC2-style authentication accepts disabled user/tenants

Gbp-Pq: CVE-2013-0282_ensure-user-tenant-enabled-ec2.patch.

0179a5b... by Thomas Goirand <email address hidden> on 2013-05-10

CVE-2013-0247: Keystone denial of service through invalid token requests

Gbp-Pq: CVE-2013-0247_denial_of_service_through_invalid_token_requests.patch.

ef155f5... by Thomas Goirand <email address hidden> on 2013-05-10

Ensures User is member of tenant in ec2 validation

Gbp-Pq: ensures-User-is-member-of-tenant-in-ec2-validation.patch.

42144a6... by Thomas Goirand <email address hidden> on 2013-05-10

Raise unauthorized if tenant disabled

Gbp-Pq: CVE-2012-4457-Raise_unauthorized_if_tenant_disabled.patch.

4202b03... by Thomas Goirand <email address hidden> on 2013-05-10

Require authz for user role list

Gbp-Pq: CVE-2012-4456-Some_actions_in_Keystone_admin_API_do_not_validate_token.patch.

82a3372... by Thomas Goirand <email address hidden> on 2013-05-10

CVE-2012-4413: Revoking a role does not affect existing tokens

Gbp-Pq: CVE-2012-4413_Revoking-a-role-does-not-affect-existing-tokens.patch.

01a4f7d... by Thomas Goirand <email address hidden> on 2013-05-10

Lack of authorization for adding users to tenants

Gbp-Pq: CVE-2012-3542_Lack-of-authorization-for-adding-users-to-tenants.patch.