ubuntu/+source/keystone:ubuntu/trusty-security

Last commit made on 2014-11-11
Get this branch:
git clone -b ubuntu/trusty-security https://git.launchpad.net/ubuntu/+source/keystone
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/trusty-security
Repository:
lp:ubuntu/+source/keystone

Recent commits

7a7b086... by Marc Deslauriers on 2014-10-21

Import patches-unapplied version 1:2014.1.3-0ubuntu2.1 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 01882da94759d6f70408771d75a034e91cad9fd6

New changelog entries:
  * No change rebuild for security:
    - [878f12e] Adds a whitelist for endpoint catalog substitution
      + CVE-2014-3621
      + LP: #1354208

01882da... by Chuck Short on 2014-10-10

Import patches-unapplied version 1:2014.1.3-0ubuntu2 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: f5921dcf8bb1d6f15b684a8abf3f1b13f2f18e8b

New changelog entries:
  [ Edward Hope-Morley ]
  * Added python-ldap as install dep (LP: #1364854)

f5921dc... by Chuck Short on 2014-10-06

Import patches-unapplied version 1:2014.1.3-0ubuntu1 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 63f16f00be0c9ff359436e98dee6397fab7a8fbd

New changelog entries:
  [ Corey Bryant ]
  * Resynchronize with stable/icehouse (8485dbc) (LP: #1377136):
    - [89ebfe9] Fix tests comparing tokens
    - [6bf25d0] Fix typo on cache backend module
    - [1c8f9f9] Set LDAP certificate trust options for LDAPS and TLS
    - [878f12e] Adds a whitelist for endpoint catalog substitution
    - [a391713] Remove extraenous instantiations of managers
    - [25cbcf5] Avoid conversion of binary LDAP values
    - [b3765d7] Catalog driver generates v3 catalog from v2 catalog
    - [824f66d] Ensure token is a string
    - [30f9247] Add workaround to support tox 1.7.2
    - [80502d3] Fixes catalog URL formatting to never return None
    - [f3198d8] Updates keystone.catalog.core.format_url tests
    - [c959cbd] Ignore broken endpoints in get_catalog
    - [126440d] Ignore broken endpoints in get_v3_catalog
    - [c48ec38] No longer allow listing users by email
    - [18d4843] Fixes an issue with the XMLEquals matcher
    - [c6cd627] Implicitly ignore attributes that are mapped to None in LDAP
    - [8485dbc] Remove `with_lockmode` use from Trust SQL backend.
  * d/p/fix-requirements.patch: Rebased.
  * d/p/add-version-info.patch: Rebased.

63f16f0... by Corey Bryant on 2014-08-08

Import patches-unapplied version 1:2014.1.2.1-0ubuntu1 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 765e9e607a726768e1ae438683143ef956be06d1

New changelog entries:
  [ Corey Bryant ]
  * Resynchronize with stable/icehouse (935fd60) (LP: #1354159):
    - [6cbf835] Fix revocation event handling with MySQL
    - [c900a6e] Make test_revoke expiry times distinct
    - [5c89c89] Fix revoking a scoped token from an unscoped token
    - [dfb0ff0] Add a test for revoking a scoped token from an unscoped
    - [317f9d3] Fix revoking domain-scoped tokens
    - [cccc3f3] Correct revocation event test for domain_id
    - [bdb88c6] Fix for V2 token issued_at time changing
    - [0c34e79] Add tests related to V2 token issued_at time changing
    - [8e87504] Don't override tox envdir for pep8
    - [774b6ab] Correct the region table to be InnoDB and UTF8
    - [6f8c444] HEAD responses should return same status as GET
    - [44555e8] Ensure that in v2 auth tenant_id matches trust
    - [2baae78] Do not log 14+ INFO lines on a broken pipe error (eventlet)
    - [cef4fbc] Properly invalidate cache for get_*_by_name methods
    - [e08b62a] Make sure domains are enabled by default
    - [7378512] Block delegation escalation of privilege
    - [935fd60] Encode/Decode LDAP parameters to/from UTF-8
  * d/p/fix-requirements.patch: Refreshed.
  [ James Page ]
  * d/watch: Point to tarballs.openstack.org for release artifacts.

765e9e6... by Corey Bryant on 2014-06-09

Import patches-unapplied version 1:2014.1.1-0ubuntu1 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: ab725a1e660824655e083999318d4f8d1544cc7d

New changelog entries:
  * Resynchronize with stable/icehouse (1716748) (LP: #1328134):
    - [4408625] sql migration: ensure using innodb utf8 for assignment table
    - [786af98] SQL and LDAP fixes for get_roles_for_user_and_project user=group ID
    - [e56fe4c] Updated from global requirements
    - [0bd819c] Removed duplication with list_user_ids_for_project
    - [b932321] Allow any attributes in mapping and include in results
    - [1716748] Treat LDAP attribute names as case-insensitive
  * d/p/fix-requirements.patch: Drop minimum version of six to align to version
    in Ubuntu 14.04.

ab725a1... by James Page on 2014-04-17

Import patches-unapplied version 1:2014.1-0ubuntu1 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: bbdebb05937b716cedf773e8851e2bb0779c9d28

New changelog entries:
  * New upstream release (LP: #1298959).

bbdebb0... by Corey Bryant on 2014-04-08

Import patches-unapplied version 1:2014.1~rc2-0ubuntu1 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: acad9dbfa01ca34b47394420183340c61acf4f4b

New changelog entries:
  [ Chuck Short ]
  * debian/control: Add python-oslotest as a build dependency.
  [ Corey Bryant ]
  * New upstream release. (LP: #1298959)

acad9db... by Chuck Short on 2014-03-28

Import patches-unapplied version 1:2014.1~rc1-0ubuntu1 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 60428dcc8477f427e85e7ec51c8adc075ca26321

New changelog entries:
  [ James Page ]
  * d/p/*: Refreshed
  * d/p/revoke-api.patch: Dropped, not needed for master branch.
  * d/control: Add python-kombu and python-lockfile to BD's and dependencies
    for python-keystone (LP: #1292478).
  [ Chuck Short ]
  * New upstream release. (LP: #1298959)
  * d/p/ubuntu-oslo.sphinx.patch: Dropped no longer needed.
  * debian/control: Use python-oslosphinx.
  * d/patches/add-version-info.patch: Re-enabled.
  * d/keystone.logrotate: Use copytruncate instead of restart. (LP: #1297705)

60428dc... by Corey Bryant on 2014-03-13

Import patches-unapplied version 1:2014.1~b3-0ubuntu3 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 7d8fc022a5c18390e688e503c82a7ecb05c8a3f1

New changelog entries:
  * d/p/revoke-api.patch: Add upstream patch to resolve critical issue with
    token revocation (LP: #1289935).
  * d/keystone.postinst: Ensure db_sync is only run when the default sqlite
    connection is configured (LP: #1290423).

7d8fc02... by James Page on 2014-03-06

Import patches-unapplied version 1:2014.1~b3-0ubuntu2 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: aa277d6bd62f9fed30fb4d50633b1c6a4eda6ebd

New changelog entries:
  * Make test execution more verbose to avoid timeouts on buildds:
    - d/rules: Use run_tests.sh wrapper to execute tests.
    - d/control: Add BD on subunit.
  * d/*: Wrap and sort.