Red Hat RHSA-2014:1783
Nov 03, 2014 - 8:25 a.m.

(RHSA-2014:1783) Moderate: python-keystoneclient security and bug fix update

access.redhat.com
EPSS: 0.003 (Low), percentile 66.2%

Python-keystoneclient is a client library and a command line utility for
interacting with the OpenStack Identity API.

It was found that python-keystoneclient treated all settings in paste.ini
files as string types. If the “insecure” option were set to any value in a
paste.ini configuration file, it would be evaluated as true, resulting in
TLS connections being vulnerable to man-in-the-middle attacks.
(CVE-2014-7144)

Note that when the “insecure” option was not set in paste.ini, it evaluated
to false, and verification was performed.
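The flaw class described above, shown as an added example that is not python-keystoneclient's own code: a string-typed "insecure" value tested for truthiness, next to a strict boolean parse. The function names, the section name and the sample paste.ini text are constructed for illustration.

```python
import configparser

# Constructed paste.ini fragment: the operator intends verification to stay ON.
PASTE_INI = """
[filter:authtoken]
auth_host = keystone.example.test
insecure = false
"""

_TRUE = {"1", "true", "yes", "on"}
_FALSE = {"0", "false", "no", "off"}


def load_filter_conf(text, section="filter:authtoken"):
    """Return the section as a dict; every value is a str, as in paste.ini."""
    parser = configparser.ConfigParser()
    parser.read_string(text)
    return dict(parser[section])


def verify_tls_flawed(conf):
    """Flawed pattern: truthiness of a str, so any non-empty value
    (including "false") turns certificate verification off."""
    insecure = conf.get("insecure", False)
    return not insecure


def verify_tls_strict(conf):
    """Hardened pattern: parse the string explicitly, fail closed on junk."""
    raw = conf.get("insecure")
    if raw is None:
        return True  # option absent: verification is performed
    value = raw.strip().lower()
    if value in _TRUE:
        return False
    if value in _FALSE:
        return True
    raise ValueError("insecure must be a boolean, got %r" % raw)


if __name__ == "__main__":
    conf = load_filter_conf(PASTE_INI)
    print("flawed: verify TLS =", verify_tls_flawed(conf))
    print("strict: verify TLS =", verify_tls_strict(conf))
```

A quick audit for affected deployments is to search paste.ini files for any "insecure" line at all, since on unpatched versions its presence alone disables verification regardless of the value.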

This update also fixes the following bug:

  • Previously, when attempting to enable the use of the s3_token middleware,
    for use with the Amazon Simple Storage Service (Amazon S3) APIs, a “No
    module named webob” error was returned. (BZ#1141933)

All python-keystoneclient users are advised to upgrade to these updated
packages, which correct these issues.