Debian Patches
Status for keystone/2:22.0.2-0+deb12u1
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| fixes-keystone-default-catalog.patch | Fix default keystone catalog Fix default catalog so that it matches the region name which is set by default by debconf in all of the Openstack Debian packages. diff --git a/etc/default_catalog.templates b/etc/default_catalog.templates index e885b52..936be8b 100644 |
Thomas Goirand <zigo@debian.org> | no | 2016-03-03 | ||
| install-missing-files.patch | install missing files | Thomas Goirand <zigo@debian.org> | not-needed | 2019-08-18 | ||
| Consistent_and_Secure_RBAC_Phase_1.patch | [PATCH] Consistent and Secure RBAC (Phase 1) This patch updates system-scoped policies to also accept project-admin tokens so that operators can continue to use the "admin" role to access system level APIs. The protection test job is marked non-voting since tempest does not yet expect these policy changes. A follow-up patch will make it voting again after the test changes have merged into tempest. [1] https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#phase-1 (cherry picked from commit f2f1a5c38847ddc5aa28eec9722885d9c64c6e7b) (cherry picked from commit 991662c666b6dcb410a622c9ec32e18a094757b2) |
Douglas Mendizábal <dmendiza@redhat.com> | no | 2023-12-05 | ||
| Fix_policies_for_groups.patch | Fix policies for groups This patch fixes a couple of broken policies in the groups resource. diff --git a/keystone/common/policies/group.py b/keystone/common/policies/group.py index 024ee65..8c8293c 100644 |
Douglas Mendizábal <dmendiza@redhat.com> | no | upstream, https://review.opendev.org/c/openstack/keystone/+/906892 | 2025-10-30 | |
| Allow_admin_to_access_tokens_and_credentials.patch | [PATCH] Allow admin to access tokens and credentials This patch modifies a few policies to allow users with the "admin" role to access /v3/auth/tokens and /v3/credentials. These policies were missed when we implemented Phase 1 of Secure RBAC. (cherry picked from commit b31007e1b2ecbea5e1268d3e28d6230d0f5d09b2) (cherry picked from commit 0dcc423a2621943ab9188cff3edb9bc488339fe0) (cherry picked from commit 570c19e91bc3212f748221bdab5f2976f479fa13) |
Douglas Mendizábal <dmendiza@redhat.com> | no | 2024-03-27 | ||
| Dont_enforce_when_HTTP_GET_on_s3tokens_and_ec2tokens.patch | Dont enforce when HTTP GET on s3tokens and ec2tokens When calling the s3tokens or ec2tokens API with a HTTP GET we should get a 405 Method Not Allowed but we get a 500 Internal Server Error because we enforce that method. diff --git a/keystone/api/_shared/EC2_S3_Resource.py b/keystone/api/_shared/EC2_S3_Resource.py index ff94286..7b2fc21 100644 |
Tobias Urdin <tobias.urdin@binero.se> | yes | upstream | upstream, https://review.opendev.org/c/openstack/keystone/+/908760 | 2025-10-30 |
| keystone-bug-2119646-stable-2024.1.patch | [PATCH] Add service user authentication to ec2 and s3 endpoints Add a policy to enforce authentication with a user in the service group. This maintains AWS compatibility with the added security layer. (cherry picked from commit 69d299eab04a1e1bab25eb89e0fdf7f0106b8ee5) |
Grzegorz Grasza <xek@redhat.com> | no | 2025-09-19 |
All known versions for source package 'keystone'
- 2:28.0.0-2 (sid)
- 2:28.0.0-1 (forky)
- 2:27.0.0-3+deb13u1 (trixie-security)
- 2:27.0.0-3 (trixie)
- 2:22.0.2-0+deb12u1 (bookworm-proposed-updates, bookworm-security)
- 2:22.0.0-2 (bookworm)