Debian Patches
Status for keystone/2:29.0.0-2
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| install-missing-files.patch | install missing files | Thomas Goirand <zigo@debian.org> | not-needed | 2019-08-18 | ||
| do-not-set-chartset-in-flask-responce.patch | Do not set charset in flask responce =================================================================== |
Thomas Goirand <zigo@debian.org> | no | 2024-01-22 | ||
| set-deprecation-warnings-to-ignore.patch | Set deprecation warnings to ignore Otherwise, Keystone FTBFS in Unstable. | Thomas Goirand <zigo@debian.org> | no | 2025-03-13 | ||
| CVE-2026-33551~OSSA-2026-005_Prevent_unauthorized_EC2_credential_creation_and_deletion.patch | CVE-2026-33551~OSSA-2026-005: Prevent unauthorized EC2 credential creation and deletion A restricted application credential could be used to create EC2 credentials granting full user access to S3, bypassing the role restriction. Add the same _check_unrestricted_application_credential guard that already protects application credential create/delete endpoints. . Additionally, tighten the ec2_create_credential and ec2_delete_credential policies to require at least member role, as these are write operations that should not be accessible to reader-role users regardless of whether they are using an application credential. diff --git a/keystone/api/users.py b/keystone/api/users.py index 9970271..86ce09b 100644 |
Grzegorz Grasza <xek@redhat.com> | yes | debian upstream | upstream, https://review.opendev.org/c/openstack/keystone/+/983593 | 2026-04-10 |
All known versions for source package 'keystone'
- 2:29.0.0-3 (sid)
- 2:29.0.0-2 (forky)
- 2:27.0.0-3+deb13u1 (trixie-security, trixie)
- 2:22.0.2-0+deb12u1 (bookworm, bookworm-security)