87 matches found
SUSE-SU-2015:1141-1 Security update for python-keystoneclient
python-keystoneclient was updated to fix two security issues: bsc928205: S3Token TLS certificate verification option not honored. CVE-2015-1852 bsc897103: TLS certificate verification option not honored in paste configs. CVE-2014-7144 Security Issues: CVE-2014-7144 CVE-2015-1852...
DEBIAN-CVE-2015-1852
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...
PYSEC-2015-31
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...
PYSEC-2015-30
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...
CVE-2015-1852
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...
CVE-2015-1852
OpenStack keystonemiddleware and python-keystoneclient are vulnerable to a man-in-the-middle attack when the paste.ini configuration’s insecure option is used. Specifically, the s3_token middleware in keystonemiddleware (and python-keystoneclient) disables TLS certificate verification if insecure...
CVE-2015-1852
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...
CVE-2015-1852
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...
Moderate: Red Hat Security Advisory: python-keystoneclient security update
Updated python-keystoneclient packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...
RHEL 6 : Storage Server (RHSA-2014:0409)
Updated python-keystoneclient packages that fix one security issue are now available for Red Hat Storage 2.1. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
Moderate: Red Hat Security Advisory: python-keystoneclient security and bug fix update
Updated python-keystoneclient packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring...
keystonemiddleware (=1.3.2), python-ceilometerclient (=1.0.15) +3 more potentially affected by CVE-2014-7144 via python-keystoneclient (>=1.1.0 <=1.1.1)
python-keystoneclient PYPI version =1.1.0, =0.9.4, =0.9.9 - python-neutronclient =2.3.12 Source cves: CVE-2014-7144 Source advisory: OSV:PYSEC-2014-71...
openSUSE Security Update : python-keystoneclient (openSUSE-SU-2013:1090-1)
This update of python-keystoneclient fixes a security vulnerability. - Add CVE-2013-2013.patch: allow secure user password update CVE-2013-2013, bnc817415. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
Fedora Update for python-keystoneclient FEDORA-2014-5555
Check for the Version of python-keystoneclient OpenVAS Vulnerability Test Fedora Update for python-keystoneclient FEDORA-2014-5555 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Fedora Update for python-keystoneclient FEDORA-2014-5555
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : python-keystoneclient-0.7.1-2.fc20 (2014-5555)
Depend on correct python-six version Fix CVE-2014-0105 by update to upstream 0.7.1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
[SECURITY] Fedora 20 Update: python-keystoneclient-0.7.1-2.fc20
Client library and command line utility for interacting with Openstack Identity API...
Important: Red Hat Security Advisory: python-keystoneclient security update
Updated python-keystoneclient packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which give...
Important: Red Hat Security Advisory: python-keystoneclient security update
Updated python-keystoneclient packages that fix one security issue are now available for Red Hat Storage 2.1. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
OpenStack python-keystoneclient Cache安全绕过漏洞
OpenStack是由Rackspace和NASA共同开发的云计算平台,帮助服务商和企业内部实现类似于Amazon EC2和S3的云基础架构。 缓存处理多个,多次请求时存在错误,可被利用以另一个用户身份进行认证操作。 0 OpenStack python-keystoneclient 0.x OpenStack python-keystoneclient 0.7.0及之后版本以修复此漏洞,建议用户下载使用: https://launchpad.net/python-keystoneclient...