The root cause appears to be a bug in passlib. We should write a simple reproducer and report it upstream.
We should still work around the bug in keystone, obviously. Since this version of keystone hasn't been "released" yet, I don't think we need to go through the information embargo and security advisory on this. Thoughts?
Also, is this function used anywhere else in OpenStack that may also need a workaround put in place?
The root cause appears to be a bug in passlib. We should write a simple reproducer and report it upstream.
We should still work around the bug in keystone, obviously. Since this version of keystone hasn't been "released" yet, I don't think we need to go through the information embargo and security advisory on this. Thoughts?
Also, is this function used anywhere else in OpenStack that may also need a workaround put in place?