tag 824683 pending
thanks

Hello,
Bug #824683 reported by you has been fixed in the Git repository. You can see the changelog below, and you can check the diff of the fix at: http://git.debian.org/?p=openstack/keystone.git;a=commitdiff;h=3304482 --- commit 3304482c3209ea766d8b8f441aafcf644499bd49 Author: Thomas Goirand <tho...@goirand.fr> Date: Thu May 19 07:58:43 2016 +0000 * CVE-2016-4911: Incorrect Audit IDs in Keystone Fernet Tokens can result in revocation bypass. Add upstream patch: "Fix fernet audit ids for v2.0". (Closes: #824683). diff --git a/debian/changelog b/debian/changelog index 1a5cb44..2dac690 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -keystone (2:9.0.0-2) unstable; urgency=medium +keystone (2:9.0.0-2) unstable; urgency=high [ Ondřej Nový ] * Use /bin/sh as su shell in postinst script explicitly @@ -8,6 +8,9 @@ keystone (2:9.0.0-2) unstable; urgency=medium [ Thomas Goirand ] * Fix the cron job to not run if we're not using UUID tokens, as it otherwise fail and fill-up the log file (LP: #1520321). + * CVE-2016-4911: Incorrect Audit IDs in Keystone Fernet Tokens can result in + revocation bypass. Add upstream patch: "Fix fernet audit ids for v2.0". + (Closes: #824683). -- Thomas Goirand <z...@debian.org> Thu, 19 May 2016 07:22:58 +0000
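Review bot: In the first hunk, the header line raises urgency from medium to high while the version stays 2:9.0.0-2 and the distribution is already "unstable". That is only safe if 2:9.0.0-2 has not been uploaded yet; if it has, the CVE fix needs its own revision with a new changelog stanza rather than an edit to this one.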
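Review bot: In the second hunk, the new entry says 'Add upstream patch: "Fix fernet audit ids for v2.0"', but the diff as shown here touches only debian/changelog, so the patch file and its debian/patches/series line are not visible. Confirm both are part of this commit, and consider naming the patch file in the entry so the CVE-2016-4911 fix can be traced from the changelog. The trailer timestamp (07:22:58) is also earlier than the commit date (07:58:43) and should be refreshed before upload.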