Bug#707598: marked as done (CVE-2013-2059: Keystone tokens not immediately invalidated when user is deleted [OSSA 2013-011])

Thu, 16 May 2013 00:21:21 -0700 

Your message dated Thu, 16 May 2013 07:17:47 +0000
with message-id <[email protected]>
and subject line Bug#707598: fixed in keystone 2013.1.1-2
has caused the Debian Bug report #707598,
regarding CVE-2013-2059: Keystone tokens not immediately invalidated when user 
is deleted [OSSA 2013-011]
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
707598: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=707598
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: keystone
Severity: important
Tags: security patch
Justification: user security hole

Please see: http://lists.openstack.org/pipermail/openstack-announce/2013-
May/000099.html

Cheers, luciano

--- End Message ---
--- Begin Message --- 
Source: keystone
Source-Version: 2013.1.1-2

We believe that the bug you reported is fixed in the latest version of
keystone, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Goirand <[email protected]> (supplier of updated keystone package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 10 May 2013 10:22:18 +0800
Source: keystone
Binary: python-keystone keystone keystone-doc
Architecture: source all
Version: 2013.1.1-2
Distribution: unstable
Urgency: low
Maintainer: PKG OpenStack <[email protected]>
Changed-By: Thomas Goirand <[email protected]>
Description: 
 keystone   - OpenStack identity service
 keystone-doc - OpenStack identity service - documentation
 python-keystone - OpenStack identity service - library
Closes: 707598
Changes: 
 keystone (2013.1.1-2) unstable; urgency=low
 .
   * Uploading to unstable.
   * New upstream release:
     - Fixes CVE-2013-2059: Keystone tokens not immediately invalidated when
     user is deleted [OSSA 2013-011] (Closes: #707598).
   * Also installs httpd/keystone.py.
Checksums-Sha1: 
 21c502db045a18d172e8f87ce8efa347b6fe4bde 2292 keystone_2013.1.1-2.dsc
 da67f66ee393f71c52f28bf96cb85055deef0e38 331060 keystone_2013.1.1.orig.tar.xz
 b2c53f3799a0ab579bf4e9f2332727a9c21def5f 237293 
keystone_2013.1.1-2.debian.tar.gz
 8232ddc54bb67822979ad1173cbfe08ce7b9ae67 336232 
python-keystone_2013.1.1-2_all.deb
 7f8f16018100c4152e19d81bb4b1cf4e8f0403c6 246148 keystone_2013.1.1-2_all.deb
 df9a5d14de34947cc345673f05026ff23ee98c06 522588 keystone-doc_2013.1.1-2_all.deb
Checksums-Sha256: 
 5bbffedcda4abc3815308b25e4500246486ac4b54a29bf800f299feb8b2d07a1 2292 
keystone_2013.1.1-2.dsc
 0c13c138434c4bd626dedc309fa0fc57b5588ef2cd4e483a9c0a099874622f0d 331060 
keystone_2013.1.1.orig.tar.xz
 b46e1dfa2c4d1ed8758ad9e466c09670148050716d20c649df7f5d53274d4f32 237293 
keystone_2013.1.1-2.debian.tar.gz
 cc54dfe5d4ef51cc3b1c0e9fc3e3c7aa71c6e8c12ab3710b2c46caa187b7ba6e 336232 
python-keystone_2013.1.1-2_all.deb
 5c2d86e51101804638adb49243df87141ebe0cb06d8eb020d49a23673a7eb3c3 246148 
keystone_2013.1.1-2_all.deb
 506dd7091866af133770bcba8f17dcafcd27d358d45a63002e677bad2e4f31b7 522588 
keystone-doc_2013.1.1-2_all.deb
Files: 
 0d7e7c4eef5d34b7f2a1c397f8a27587 2292 net extra keystone_2013.1.1-2.dsc
 773671edbb4af2b11d7162afa9f95487 331060 net extra keystone_2013.1.1.orig.tar.xz
 e97659bf07d75480bb61ef00e2282d12 237293 net extra 
keystone_2013.1.1-2.debian.tar.gz
 20b4ed91ef36c00755d3ecece4d01e87 336232 python extra 
python-keystone_2013.1.1-2_all.deb
 0d1871c7b8c69bbcf1f981c4d2586071 246148 python extra 
keystone_2013.1.1-2_all.deb
 b13e4fe2f8bcd680f7905f6eeb682af2 522588 doc extra 
keystone-doc_2013.1.1-2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlGUhKoACgkQl4M9yZjvmkn7GACg2GTdj8HieWHaBNUji34zq08A
LHkAoLKS4y+kOw3VUvi2m3fwdx9SKSWU
=Dfij
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to