Bug 1337079 (CVE-2016-4911)
Summary: | CVE-2016-4911 openstack-keystone: Incorrect Audit IDs in Keystone Fernet Tokens can result in revocation bypass | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED UPSTREAM | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | unspecified | CC: | abaron, abhgupta, aileenc, aortega, apevec, apevec, ayoung, bfilippov, chazlett, chrisw, dmcphers, gmollett, itamar, jdennis, jialiu, jokerman, jonathansteffan, jose.castro.leon, jschluet, kseifried, lhh, lmeyer, lpeer, markmc, mmccomas, nkinder, rbryant, rduartes, sclewis, srevivo, tdecacqu, tiwillia | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2016-08-11 23:15:19 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 1337345, 1337346 | ||||||
Bug Blocks: | 1337081 | ||||||
Attachments: |
|
Description
Andrej Nemec
2016-05-18 08:59:40 UTC
Created attachment 1163873 [details]
mitaka patch
|