User: Password:
Subscribe / Log in / New account

python-keystoneclient: PKI token expiration botch

Package(s):python-keystoneclient CVE #(s):CVE-2013-2104
Created:June 4, 2013 Updated:August 12, 2013
Description: From the Ubuntu advisory:

Eoghan Glynn and Alex Meade discovered that python-keystoneclient did not properly perform expiry checks for the PKI tokens used in Keystone. If Keystone were setup to use PKI tokens (the default in Ubuntu 13.04), a previously authenticated user could continue to use a PKI token for longer than intended.

Fedora FEDORA-2013-14302 python-keystoneclient 2013-08-15
Fedora FEDORA-2013-10713 openstack-keystone 2013-08-09
openSUSE openSUSE-SU-2013:1089-1 openstack-keystone 2013-06-27
Ubuntu USN-1875-1 keystone 2013-06-13
Red Hat RHSA-2013:0944-01 python-keystoneclient 2013-06-12
Ubuntu USN-1851-1 python-keystoneclient 2013-06-03

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds