python-keystoneclient

CVEs related to bugs in python-keystoneclient

Open bugs

There are no CVEs related to bugs open in python-keystoneclient.

Resolved bugs

Bug	CVE(s)
Bug #938315: [OSSA-2013-013] Updating password via keystoneclient CLI should be done securely (CVE-2013-2013)	CVE-2013-2013
python-keystoneclient	Fix released, assigned to Pradeep Kilambi
Bug #1174608: [OSSA 2013-010] Insecure directory creation for signing	CVE-2013-2030
python-keystoneclient	Fix released, assigned to Dolph Mathews
Bug #1175367: [OSSA 2013-017] Memcache encryption middleware improperly implemented (CVE-2013-2166)	CVE-2013-2166
python-keystoneclient	Fix released, assigned to Thierry Carrez
Bug #1175368: [OSSA 2013-017] Memcache signing middleware improperly implemented (CVE-2013-2167)	CVE-2013-2167
python-keystoneclient	Fix released, assigned to Thierry Carrez
Bug #1177924: Use testr instead of nose as the unittest runner.	CVE-2016-0738
python-keystoneclient	Fix released, assigned to Clark Boylan
Bug #1179615: [OSSA 2013-014] auth_token middleware neglects to check expiry of signed token	CVE-2013-2104
python-keystoneclient	Fix released, assigned to Adam Young
Bug #1188189: Some server-side 'SSL' communication fails to check certificates (use of HTTPSConnection)	CVE-2013-2255
python-keystoneclient	Fix released, assigned to Jamie Lennox
Bug #1282865: [OSSA 2014-007] Keystone middleware may confuse contexts (CVE-2014-0105)	CVE-2014-0105
python-keystoneclient	Fix released, assigned to Dolph Mathews
Bug #1353315: Incorrect condition expression for ssl_insecure (CVE-2014-7144)	CVE-2014-7144
python-keystoneclient	Fix released, assigned to Qin Zhao
Bug #1411063: [OSSA 2015-007] S3token incorrect condition expression for ssl_insecure (CVE-2015-1852)	CVE-2015-1852
python-keystoneclient	Fix released (unassigned)
Bug #1490804: [OSSA 2016-005] PKI Token Revocation Bypass (CVE-2015-7546)	CVE-2015-7546
python-keystoneclient	Won't fix, assigned to Adam Young
Bug #1529836: Fix deprecated library function (os.popen()).	CVE-2016-0738
python-keystoneclient	Fix released (unassigned)