From ${URL} :

=========================================================
OSSA-2016-005: Potential reuse of revoked Identity tokens
=========================================================

:Date: January 29, 2016
:CVE: CVE-2015-7546

Affects
~~~~~~~
- Keystone: <= 2015.1.2, >= 8.0.0 <= 8.0.1
- Keystonemiddleware: >= 1.5.0 <= 1.5.3, >= 1.6.0 <= 2.3.2

Description
~~~~~~~~~~~
Liu Sheng reported a vulnerability in Keystone. By manipulating a token's content, an authenticated user may prevent its revocation. This can allow unauthorized access to cloud resources if a revoked token is intercepted by an attacker. Only keystone setups using PKI or PKIZ tokens are affected.

Patches
~~~~~~~
- https://review.openstack.org/266045 (keystone) (Kilo)
- https://review.openstack.org/266607 (keystonemiddleware) (Kilo)
- https://review.openstack.org/266022 (keystone) (Liberty)
- https://review.openstack.org/265988 (keystonemiddleware) (Liberty)
- https://review.openstack.org/258141 (keystone) (Mitaka)
- https://review.openstack.org/258143 (keystonemiddleware) (Mitaka)

Credits
~~~~~~~
- Liu Sheng from Huawei (CVE-2015-7546)

References
~~~~~~~~~~
- https://bugs.launchpad.net/bugs/1490804
- https://wiki.openstack.org/wiki/OSSN/OSSN-0062
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7546

Notes
~~~~~
- The keystone fix is included in 2015.1.3 (Kilo) and will be included in a future 8.0.2 (Liberty) release.
- The keystonemiddleware fix will be included in future 1.5.4 (Kilo) and 2.3.3 (Liberty) releases.
- Both keystone and keystonemiddleware need to be updated.

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for stabilization or not.
fixed in:
=dev-python/keystonemiddleware-2.3.1-r1
=dev-python/keystonemiddleware-2.3.2-r1

arches, please stabilize both
amd64 stable
x86 stable. Maintainer(s), please clean up. Security, please vote.
GLSA Vote: No
@maintainer(s), what is the intention for the 1.5.x branch? 1.5.4 is still not out with the proper fix. Thanks
Can we clean 1.5.x and 2.2.0?
cleaned up