(RHSA-2013:1524) Moderate: openstack-keystone security and bug fix update

2013-11-18 00:00:00
access.redhat.com
EPSS: 0.003 (percentile: 68.5%)

The openstack-keystone packages provide Keystone, a Python implementation
of the OpenStack identity service API, which provides Identity, Token,
Catalog, and Policy services.

It was found that tokens issued to a tenant were not invalidated when that
tenant was disabled in Keystone. This could allow users assigned to a
disabled tenant to retain access to resources they should no longer be able
to access. (CVE-2013-4222)
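
The flaw class described above, shown as an added illustration that is neither Keystone's code nor part of the Red Hat advisory: a simplified in-memory model in which disabling a tenant leaves its tokens usable, next to two hardened behaviours (revoking tokens on disable, and re-checking tenant state at validation). All class and method names are hypothetical.

```python
# Simplified model of the flaw class; NOT Keystone's code. All names are hypothetical.
import secrets
from dataclasses import dataclass, field


@dataclass
class IdentityStore:
    tenants: dict = field(default_factory=dict)   # tenant_id -> enabled flag
    tokens: dict = field(default_factory=dict)    # token_id -> tenant_id

    def issue_token(self, tenant_id):
        if not self.tenants.get(tenant_id, False):
            raise PermissionError("tenant missing or disabled")
        token_id = secrets.token_hex(16)
        self.tokens[token_id] = tenant_id
        return token_id

    def disable_tenant_flawed(self, tenant_id):
        # Flawed: flips the flag but leaves already-issued tokens in place.
        self.tenants[tenant_id] = False

    def disable_tenant_hardened(self, tenant_id):
        # Hardened: disabling also revokes every token scoped to the tenant.
        self.tenants[tenant_id] = False
        self.tokens = {t: tid for t, tid in self.tokens.items() if tid != tenant_id}

    def validate_flawed(self, token_id):
        # Flawed: only checks that the token exists.
        return token_id in self.tokens

    def validate_hardened(self, token_id):
        # Defense in depth: re-check tenant state on every validation.
        tenant_id = self.tokens.get(token_id)
        return tenant_id is not None and self.tenants.get(tenant_id, False)


def demo():
    """Return (flawed, checked, revoked, other) validation results for constructed tenants."""
    store = IdentityStore(tenants={"t1": True, "t2": True})
    tok1, tok2 = store.issue_token("t1"), store.issue_token("t2")
    store.disable_tenant_flawed("t1")
    flawed = store.validate_flawed(tok1)      # disabled tenant's token still accepted
    checked = store.validate_hardened(tok1)   # rejected by the tenant-state check
    store.disable_tenant_hardened("t1")
    revoked = store.validate_flawed(tok1)     # rejected: the token no longer exists
    other = store.validate_hardened(tok2)     # unrelated tenant is unaffected
    return flawed, checked, revoked, other
```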

These updated packages have been upgraded to upstream version 2013.1.4,
which provides a number of bug fixes over the previous version.
(BZ#1021641)

This update also fixes the following bug:

  • WebOb 1.0 has been removed from the Red Hat OpenStack 3.0 package
    requirements; all packages now use WebOb 1.2.3. (BZ#1012694)

All users of openstack-keystone are advised to upgrade to these updated
packages, which correct these issues. After installing the updated
packages, the Keystone service (openstack-keystone) will be restarted
automatically.