Peter Feiner from Gridcentric, Inc. deserves special mention for
independently reporting the same underlying error:
https://bugs.launchpad.net/python-keystoneclient/+bug/1289074
He also suggested an approach to fix the error which closed the security
vulnerability as well. Thanks, Peter!
On Th
OpenStack Security Advisory: 2014-007
CVE: CVE-2014-0105
Date: March 27, 2014
Title: Potential context confusion in Keystone middleware
Reporter: Kieran Spear (University of Melbourne)
Products: python-keystoneclient
Versions: All versions up to 0.6.0
Description:
Kieran Spear from the University