Comment 42 for bug 1041396

OpenStack Infra (hudson-openstack) wrote : Fix merged to keystone (master)

Reviewed: https://review.openstack.org/12868
Committed: http://github.com/openstack/keystone/commit/efb6b3fca0ba0ad768b3e803a324043095d326e2
Submitter: Jenkins
Branch: master

commit efb6b3fca0ba0ad768b3e803a324043095d326e2
Author: Dolph Mathews <email address hidden>
Date: Fri Sep 7 14:35:21 2012 -0500

    Delete user tokens after role grant/revoke

    Delete user tokens when a new role is granted or revoked, in order to
    prevent old tokens from continuing to be valid for the original set of
    roles for the remainder of the token's lifespan.

    Addresses CVE-2012-4413.
    Fixes bug 1041396.

    Change-Id: Iecf891f274b67408f568b949a7028362c4c30312
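
The behaviour the commit message describes, as an added example that is not Keystone's code and not part of the original comment: a toy token store in which tokens snapshot a user's roles at issue time, run with and without purging the user's tokens on role grant/revoke. `TokenStore`, `roles_after_revoke` and the user and role names are hypothetical.

```python
import secrets
import time


class TokenStore:
    """Toy identity service (hypothetical): tokens snapshot roles at issue time."""

    def __init__(self, ttl=3600, purge_on_role_change=True):
        self.ttl = ttl
        self.purge_on_role_change = purge_on_role_change
        self.roles = {}    # user -> set of role names
        self.tokens = {}   # token id -> (user, frozen roles, expiry)

    def issue(self, user):
        token = secrets.token_hex(16)
        snapshot = frozenset(self.roles.get(user, set()))
        self.tokens[token] = (user, snapshot, time.time() + self.ttl)
        return token

    def validate(self, token):
        """Return the roles the token carries, or None if unknown or expired."""
        entry = self.tokens.get(token)
        if entry is None or entry[2] < time.time():
            return None
        return entry[1]

    def _purge(self, user):
        # Drop every outstanding token for this user only.
        for tid in [t for t, e in self.tokens.items() if e[0] == user]:
            del self.tokens[tid]

    def grant(self, user, role):
        self.roles.setdefault(user, set()).add(role)
        if self.purge_on_role_change:
            self._purge(user)

    def revoke(self, user, role):
        self.roles.get(user, set()).discard(role)
        if self.purge_on_role_change:
            self._purge(user)


def roles_after_revoke(purge):
    """Issue tokens, revoke alice's admin role, return what each token still grants."""
    store = TokenStore(purge_on_role_change=purge)
    store.grant("alice", "admin")   # constructed sample users and roles
    store.grant("bob", "member")
    alice_token, bob_token = store.issue("alice"), store.issue("bob")
    store.revoke("alice", "admin")
    return store.validate(alice_token), store.validate(bob_token)
```

Without the purge, alice's token still validates with `admin` until it expires; with it, her token is gone and bob's is untouched.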