Package: keystone Severity: grave Tags: security patch Hi, the following vulnerability was published for keystone.
CVE-2013-2014[0]: | Concurrent requests with large POST body can crash the keystone process. | This can be used by Malicious and lead to DOS to Cloud Service Provider. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. Upstream patch: https://review.openstack.org/#/c/22661/ Seems to be fixed for experimental in 2013.1-1. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2014 http://security-tracker.debian.org/tracker/CVE-2013-2014 -- Nico Golde - XMPP: n...@jabber.ccc.de - GPG: 0xA0A0AAAA
pgpHdX9ExAZ3O.pgp
Description: PGP signature
