Ubuntu

“keystone” 2012.1+stable~20120824-a16a0ab9-0ubuntu2.5 source package in The Precise Pangolin

Publishing history

2012.1+stable~20120824-a16a0ab9-0ubuntu2.5
SUPERSEDED: Precise pocket Updates in component main and section net
  • Removed from disk on 2013-05-18.
  • Removal requested on 2013-05-17.
  • Superseded on 2013-05-16 by keystone - 2012.1.3+stable-20130423-f48dd0fc-0ubuntu1
  • Published on 2013-02-20
  • Copied from ubuntu precise in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot
2012.1+stable~20120824-a16a0ab9-0ubuntu2.5
SUPERSEDED: Precise pocket Security in component main and section net
  • Removed from disk on 2013-05-18.
  • Removal requested on 2013-05-17.
  • Superseded on 2013-05-16 by keystone - 2012.1.3+stable-20130423-f48dd0fc-0ubuntu1.1
  • Published on 2013-02-20
  • Copied from ubuntu precise in Private PPA for Ubuntu Security Team by Jamie Strandboge

Changelog

keystone (2012.1+stable~20120824-a16a0ab9-0ubuntu2.5) precise-security; urgency=low

  * SECURITY UPDATE: fix EC2-style authentication for disabled users
    - debian/patches/CVE-2013-0282.patch: adjust keystone/contrib/ec2/core.py
      to ensure user and tenant are enabled in EC2
    - CVE-2013-0282
    - LP: #1121494
  * SECURITY UPDATE: fix denial of service
    - debian/patches/CVE-2013-1664+1665.patch: disable XML entity parsing
    - CVE-2013-1664
    - CVE-2013-1665
    - LP: #1100279
 -- Jamie Strandboge <email address hidden>   Tue, 19 Feb 2013 11:57:49 -0600