yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1046905] Re: Memcached Token Backend does not support list tokens

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1046905@xxxxxxxxxxxxxxxxxx>
Date: Thu, 16 May 2013 17:28:30 -0000
Reply-to: Bug 1046905 <1046905@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package keystone - 2012.1.3+stable-20130423
-f48dd0fc-0ubuntu1

---------------
keystone (2012.1.3+stable-20130423-f48dd0fc-0ubuntu1) precise-proposed; urgency=low

  * Resynchronize with stable/essex (LP: #1089488):
    - [7402f5e] EC2 authentication does not ensure user or tenant is enabled
      LP: 1121494
    - [8945567] DoS through XML entity expansion (CVE-2013-1664) LP: 1100282
    - [7b5b72f] Add size validations for /tokens.
    - [ef1e682] docutils 0.10 incompatible with sphinx 1.1.3 LP: 1091333
    - [8735009] Removing user from a tenant isn't invalidating user access to
      tenant (LP: #1064914)
    - [025b1d5] Jenkins jobs fail because of incompatibility between sqlalchemy-
      migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569)
    - [ddb4019] Open 2012.1.4 development
    - [0e1f05e] memcache driver needs protection against unicode user keys
      (LP: #1056373)
    - [176ee9b] Token invalidation in case of role grant/revoke should be
      limited to affected tenant (LP: #1050025)
    - [58ac669] Token validation includes revoked roles (CVE-2012-4413)
      (LP: #1041396)
    - [cd1e48a] Memcached Token Backend does not support list tokens
      (LP: #1046905)
    - [5438d3b] Update user's default tenant partially succeeds without authz
      (LP: #1040626)
  * Dropped patches, superseeded by new snapshot:
    - debian/patches/CVE-2013-0282.patch [7402f5e]
    - debian/patches/CVE-2013-1664+1665.patch [8945567]
    - debian/patches/keystone-CVE-2012-5571.patch [8735009]
    - debian/patches/keystone-CVE-2012-4413.patch [58ac669]
    - debian/patches/keystone-CVE-2012-3542.patch [5438d3b]
  * Refreshed patches:
    - debian/patches/CVE-2013-0247.patch
    - debian/patches/fix-ubuntu-tests.patch
 -- Yolanda <yolanda.robla@xxxxxxxxxxxxx>   Tue, 23 Apr 2013 10:30:16 +0200

** Changed in: keystone (Ubuntu Precise)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-3542

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-4413

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5571

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0247

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0282

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-1664

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1046905

Title:
  Memcached Token Backend does not support list tokens

Status in OpenStack Identity (Keystone):
  Fix Released
Status in Keystone essex series:
  Fix Released
Status in “keystone” package in Ubuntu:
  Fix Released
Status in “keystone” source package in Precise:
  Fix Released

Bug description:
  Tokens in Memcached cannot be listed by user id.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1046905/+subscriptions