[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Taking care of Keystone in Stretch and Jessie

Hi team!

I released an update of Keystone for a quite serious problem related to
ec2 credentials where a user can become admin. I was able to fix the
last 4 releases of OpenStack. Though I don't have the energy to
investigate these CVEs in Stretch and Jessie. Probably Keystone over
there isn't even affected, I don't know.

Is anyone interested to do the work? If so, best would be to look at the
4 patches I added to the security release of Keystone in Buster.


Thomas Goirand (zigo)

Reply to: