[Secure-testing-commits] r22391 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Wed May 29 05:59:19 UTC 2013


Author: carnil
Date: 2013-05-29 05:59:18 +0000 (Wed, 29 May 2013)
New Revision: 22391

Modified:
   data/CVE/list
Log:
add keystone and python-keystoneclient issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-05-29 04:52:08 UTC (rev 22390)
+++ data/CVE/list	2013-05-29 05:59:18 UTC (rev 22391)
@@ -3515,8 +3515,13 @@
 CVE-2013-2105
 	RESERVED
 	NOT-FOR-US: Show In Browser Ruby Gem
-CVE-2013-2104
+CVE-2013-2104 [Missing expiration check in Keystone PKI tokens validation]
 	RESERVED
+	- keystone <unfixed>
+	- python-keystoneclient <unfixed>
+	NOTE: Keystone Folsom fix: https://review.openstack.org/#/c/30743/
+	NOTE: python-keystoneclient fix: https://review.openstack.org/#/c/30742/
+	TODO: check versions and report to BTS
 CVE-2013-2103
 	RESERVED
 CVE-2013-2102




More information about the Secure-testing-commits mailing list