Package: keystone / 2:18.0.0-3+deb11u1

Metadata

Package Version Patches format
keystone 2:18.0.0-3+deb11u1 3.0 (quilt)

Patch series

Patch File delta Description
fixes keystone default catalog.patch

etc/default_catalog.templates | 64 32 + 32 - 0 !
1 file changed, 32 insertions(+), 32 deletions(-)

 fix default keystone catalog
 Fix default catalog so that it matches the region name which is set by
 default by debconf in all of the OpenStack Debian packages.
install missing files.patch

MANIFEST.in | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 install missing files
CVE 2021 38155_Hide_AccountLocked_exception_from_end_users.patch

keystone/notifications.py | 2 2 + 0 - 0 !
keystone/tests/unit/common/test_notifications.py | 2 1 + 1 - 0 !
keystone/tests/unit/identity/test_backend_sql.py | 10 5 + 5 - 0 !
releasenotes/notes/bug-1688137-e4203c9a728690a7.yaml | 8 8 + 0 - 0 !
4 files changed, 16 insertions(+), 6 deletions(-)

 CVE-2021-38155 hide AccountLocked exception from end users
 This change hides the AccountLocked exception from being returned
 to the end user to hide sensitive information that a potential
 malicious person could gain insight from.

 The notification handler catches the AccountLocked exception as
 before, but after sending the audit notification, it instead
 bubbles up Unauthorized rather than AccountLocked.