RHEL 6 : python-keystoneclient (RHSA-2014:0382)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0382 advisory. Python-keystoneclient is a client library and a command line utility for interacting with the OpenStack Identity API. The OpenStack Identity authtoke...

python-keystoneclient vulnerable to context confusion in Keystone auth_token middleware

A context confusion vulnerability was identified in Keystone authtoken middleware shipped in python-keystoneclient before 0.7.0. By doing repeated requests, with sufficient load on the target system, an authenticated user may in certain situations assume another authenticated user's complete...