--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-11656
2015-07-16 00:06:43
--------------------------------------------------------------------------------

Name        : python-keystonemiddleware
Product     : Fedora 22
Version     : 1.3.2
Release     : 1.fc22
URL         : https://launchpad.net/keystonemiddleware
Summary     : Middleware for OpenStack Identity
Description :
This package contains middleware modules designed to provide authentication
and authorization features to web services other than OpenStack Keystone.
The most prominent module is keystonemiddleware.auth_token.
This package does not expose any CLI or Python API features.

--------------------------------------------------------------------------------
Update Information:

Update to upstream 1.3.2 which incldes fix for CVE-2015-1852
Update to upstream 1.3.1 + S3token incorrect condition expression for ssl_insecure CVE-2015-1852
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 14 2015 Alan Pevec  1.3.2-1
- Update to upstream 1.3.2
* Fri May  1 2015 Alan Pevec  1.3.1-1
- Update to upstream 1.3.1
- S3token incorrect condition expression for ssl_insecure CVE-2015-1852
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1209527 - CVE-2015-1852 OpenStack keystonemiddleware/keystoneclient: S3Token TLS cert verification option not honored
        https://bugzilla.redhat.com/show_bug.cgi?id=1209527
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update python-keystonemiddleware' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/

Fedora 22: python-keystonemiddleware Security Update

July 19, 2015
Update to upstream 1.3.2 which incldes fix for CVE-2015-1852 Update to upstream 1.3.1 + S3token incorrect condition expression for ssl_insecure CVE-2015-1852

Summary

This package contains middleware modules designed to provide authentication

and authorization features to web services other than OpenStack Keystone.

The most prominent module is keystonemiddleware.auth_token.

This package does not expose any CLI or Python API features.

Update Information:

Update to upstream 1.3.2 which incldes fix for CVE-2015-1852 Update to upstream 1.3.1 + S3token incorrect condition expression for ssl_insecure CVE-2015-1852

Change Log

* Tue Jul 14 2015 Alan Pevec 1.3.2-1 - Update to upstream 1.3.2 * Fri May 1 2015 Alan Pevec 1.3.1-1 - Update to upstream 1.3.1 - S3token incorrect condition expression for ssl_insecure CVE-2015-1852

References

[ 1 ] Bug #1209527 - CVE-2015-1852 OpenStack keystonemiddleware/keystoneclient: S3Token TLS cert verification option not honored https://bugzilla.redhat.com/show_bug.cgi?id=1209527

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update python-keystonemiddleware' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
Name : python-keystonemiddleware
Product : Fedora 22
Version : 1.3.2
Release : 1.fc22
URL : https://launchpad.net/keystonemiddleware
Summary : Middleware for OpenStack Identity

Related News

11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software
2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
1.Penguin Landscape Esm H320
1 - 2 min read
A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential
19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved