Debian Patches

Status for python-keystonemiddleware/10.1.0-4

Patch Description Author Forwarded Bugs Origin Last update
no-intersphinx.patch No intersphinx.
Thomas Goirand <> not-needed 2017-10-05
CVE-2022-2447_Remove_cache_invalidation_when_using_expired_token.patch Remove cache invalidation when using expired token This can create a race condition for long running services that reuse
their token (eg. Kubernetes Cinder CSI plugin) in this case for
1 [user] Asks nova to attach a volume to a server
2 ...the user's token expires
3 [user] Asks cinder if the volume has been attached
4 [nova] Asks cinder to attach the volume
In step 3 the token is marked as invalid in the cache and step 4 fails
even if allow_expired is true

diff --git a/keystonemiddleware/auth_token/ b/keystonemiddleware/auth_token/
index 0feed6f..ddb2ddc 100644
Jorge Merlino <> yes upstream upstream, 2022-10-05

All known versions for source package 'python-keystonemiddleware'