barbican 1:10.1.0-0ubuntu2.1 source package in Ubuntu
Changelog
barbican (1:10.1.0-0ubuntu2.1) focal-security; urgency=medium
* SECURITY UPDATE: Access restrictions bypass
- debian/patches/CVE-2022-23451.patch: Change access policies to
secret metadata in barbican/common/policies/secretmeta.py. Add a new
role in barbican/common/policies/base.py and make use of these changes
in barbican/api/controllers/__init__.py,
barbican/api/controllers/secretmeta.py and
barbican/api/controllers/secrets.py.
- debian/patches/CVE-2022-23451-post.patch: Change secret policies in
barbican/common/policies/secrets.py, add tests in
barbican/tests/api/test_resources_policy.py and
functionaltests/api/v1/functional/test_secrets_rbac.py and update
api guide in api-guide/source/acls.rst.
- CVE-2022-23451
* SECURITY UPDATE: Ownership bypass
- debian/patches/CVE-2022-23452.patch: Update container secret policies
in barbican/common/policies/containers.py and add a new role in
barbican/common/policies/base.py.
- CVE-2022-23452
-- Rodrigo Figueiredo Zaiden <email address hidden> Wed, 20 Apr 2022 18:00:29 -0300
Upload details
- Uploaded by:
- Rodrigo Figueiredo Zaiden
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| barbican_10.1.0.orig.tar.gz | 620.0 KiB | 1b0a390a7081a554fda4c39418529b790081e12fcd0ed0a47a7b73ef02e723bd |
| barbican_10.1.0-0ubuntu2.1.debian.tar.xz | 19.1 KiB | b16e612c69dda7de0ab42452ee4c9eb17a3334cfac07fc16d1c7030fd77bc9d8 |
| barbican_10.1.0-0ubuntu2.1.dsc | 3.9 KiB | 323bddddb643ac29566d1b24a09d63290c889ac01cacf2bb017f6a4ba1241be5 |
Available diffs
Binary packages built by this source
- barbican-api: OpenStack Key Management Service - API Server
The Barbican project provides services for secure storage, provisioning and
management of sensitive client secret information such as encryption keys. It
is aims at being useful for all environments, including large ephemeral
Clouds.
.
This package contains the Barbican API Server.
- barbican-common: OpenStack Key Management Service - common files
The Barbican project provides services for secure storage, provisioning and
management of sensitive client secret information such as encryption keys. It
is aims at being useful for all environments, including large ephemeral
Clouds.
.
This package contains common files for Barbican.
- barbican-doc: OpenStack Key Management Service - doc
The Barbican project provides services for secure storage, provisioning and
management of sensitive client secret information such as encryption keys. It
is aims at being useful for all environments, including large ephemeral
Clouds.
.
This package contains the documentation.
- barbican-keystone-listener: OpenStack Key Management Service - Keystone Listener
The Barbican project provides services for secure storage, provisioning and
management of sensitive client secret information such as encryption keys. It
is aims at being useful for all environments, including large ephemeral
Clouds.
.
This package contains the Barbican Keystone Listener daemon.
- barbican-worker: OpenStack Key Management Service - Worker Node
The Barbican project provides services for secure storage, provisioning and
management of sensitive client secret information such as encryption keys. It
is aims at being useful for all environments, including large ephemeral
Clouds.
.
This package contains the Barbican Worker Node.
- python3-barbican: OpenStack Key Management Service - Python 3 files
The Barbican project provides services for secure storage, provisioning and
management of sensitive client secret information such as encryption keys. It
is aims at being useful for all environments, including large ephemeral
Clouds.
.
This package contains the Python 3 files and libraries.
