[ubuntu-cloud-archive/grizzly-proposed] keystone (Accepted)
James Page
james.page at ubuntu.com
Sat Jun 15 19:03:45 UTC 2013
keystone (1:2013.1.1-0ubuntu2.1~cloud0) precise-grizzly; urgency=low
.
* New security update for the Ubuntu Cloud Archive.
.
keystone (1:2013.1.1-0ubuntu2.1) raring-security; urgency=low
.
* SECURITY UPDATE: fix authentication bypass when using LDAP backend
- debian/patches/CVE-2013-2157.patch: identity/backends/ldap/core.py is
adjusted to raise an assertion for invalid password when using LDAP and
an empty password is submitted
- CVE-2013-2157
- LP: #1187305
Date: Thu, 13 Jun 2013 19:51:29 -0700
Changed-By: Adam Gandelman <adamg at ubuntu.com>
Signed-By: Adam Gandelman
Published-By: James Page <james.page at ubuntu.com>
More information about the Cloud-archive-changes
mailing list