[SRU] Openstack 2015.1.2 point release

Hello Chuck, or anyone else affected,

Accepted ceilometer into vivid-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/ceilometer/2015.1.2-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Chuck, or anyone else affected,

Accepted cinder into vivid-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cinder/1:2015.1.2-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Chuck, or anyone else affected,

Accepted glance into vivid-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/glance/1:2015.1.2-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Chuck, or anyone else affected,

Accepted neutron into vivid-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/neutron/1:2015.1.2-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Chuck, or anyone else affected,

Accepted nova into vivid-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/nova/1:2015.1.2-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Corey, Chuck,
Can you ensure that neutron-lbaas, neutron-vpnaas, and neutron-fwaas have this bug # in their changelog and this bug has them targeted properly? neutron-fwaas will require a version bump, since I have already accepted it; but the others I can reject in the queue.

Hello Chuck, or anyone else affected,

Accepted neutron-vpnaas into vivid-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/neutron-vpnaas/1:2015.1.2-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Chuck, or anyone else affected,

Accepted neutron-lbaas into vivid-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/neutron-lbaas/1:2015.1.2-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Chuck, or anyone else affected,

Accepted neutron-fwaas into vivid-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/neutron-fwaas/2015.1.2-0ubuntu2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Chuck, or anyone else affected,

Accepted keystone into vivid-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/keystone/1:2015.1.2-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Chuck, or anyone else affected,

Accepted horizon into vivid-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/horizon/1:2015.1.2-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Chuck, or anyone else affected,

Accepted keystone into vivid-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/keystone/1:2015.1.2-0ubuntu2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Chris,

I've successfully tested all of these packages on vivid-proposed.

Thanks!

This bug was fixed in the package glance - 1:2015.1.2-0ubuntu1

---------------
glance (1:2015.1.2-0ubuntu1) vivid; urgency=medium

  [ Chuck Short ]
  * Resynchronize with stable/kilo (d71bae6) (LP: #1506058):
    - [15e34b5] Catch NotAuthenticated exception in import task
    - [2499162] Download forbidden when get_image_location is set.
    - [5bebd51] Cleanup chunks for deleted image if token expired
    - [9beca53] Prevent image status being directly modified via v1
    - [0b27935] Fix Request ID has a double 'req-' at the start
    - [30f0c40] return request_id in case of 500 error
    - [eb99e45] Don't import files with backed files
    - [4b26977] Allow ramdisk_id, kernel_id to be null on schema
  * debian/patches/0001-Allow-ramdisk_id-kernel_id-to-be-null-on-schema.patch:
    Dropped no longer needed.
  * debian/patches/skip-online-tests.patch: Refreshed.

  [ Corey Byrant ]
  * d/rules: Prevent dh_python2 from guessing dependencies.
  * d/control: Add python-semantic-version to Depends.

 -- Chuck Short <email address hidden> Thu, 15 Oct 2015 08:48:38 -0400

The verification of the Stable Release Update for glance has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package ceilometer - 2015.1.2-0ubuntu1

---------------
ceilometer (2015.1.2-0ubuntu1) vivid; urgency=medium

  [ Chuck Short ]
  * Resynchronize with stable/kilo (74841ad) (LP: #1506058):
    - [74841ad] Requeuing event with workload_partitioning on publish
                failure
    - [10305c0] Prevent ceilometer expirer from causing deadlocks
    - [1084de3] Coordinator handles ToozError when joining group
    - [850ce95] fix command ceilometer event-list -q error
    - [3592176] instance:<type> meter is ignored
    - [c93ca91] Fix meter name for identity.OS-TRUST:trust.* events
    - [bec2e27] Keep the instance_type meta from polling and notification
                consistent
    - [268c803] postgres isolation level produces inconsistent reads
    - [f28b0c4] Fix alarm rest notifier logging to include severity
    - [f80cfd6] Add Kilo release note reference
    - [220c1d0] Update alarm history only if change in alarm property

  [ Corey Byrant ]
  * d/rules: Prevent dh_python2 from guessing dependencies.

 -- Chuck Short <email address hidden> Wed, 14 Oct 2015 09:58:57 -0400

This bug was fixed in the package cinder - 1:2015.1.2-0ubuntu1

---------------
cinder (1:2015.1.2-0ubuntu1) vivid; urgency=medium

  [ Chuck Short ]
  * Resynchronize with stable/kilo (1ec74b8) (LP: #1506058):
    - [1ec74b8] Fix test_misc for WebOb 1.5
    - [0105618] Prevent missing Purity hosts from raising errors
    - [64998f1] Improve 3PAR driver VLUN creation and deletion
    - [f8cf3e6] Use prefix for SolidFire template account
    - [813cf65] Fix NetApp loop in clone of NFS backed images
    - [9314616] Fix HDS HNAS driver logging password as plain text
    - [5d86fcb] Fix volume creation from image with allowed_direct_url_schemes
    - [47351ad] Handle FC LUN IDs greater 255 correctly on s390x architectures
    - [d836a8f] Prevent creating encrypted volume with image
    - [ef0d680] RemoteFS: Fix the offline snapshot delete operation
    - [d0cfa7a] remotefs: Fix doc string for _create_snapshot
    - [693465f] Storwize driver should only report active wwpn port
    - [e60bf62] Reduced file size to prevent timeout
    - [fd38f1d] Don't return Exception when volume is detached
    - [db37223] Dell SC: Fix legacy, init_conn and REST API bug
    - [b3a301b] Support host type specific block volume attachment
    - [4d27945] Add deactivate step to extend_lv

  [ Corety Byrant ]
  * d/rules: Prevent dh_python2 from guessing dependencies.

 -- Chuck Short <email address hidden> Wed, 14 Oct 2015 10:23:53 -0400

This bug was fixed in the package heat - 2015.1.2-0ubuntu1

---------------
heat (2015.1.2-0ubuntu1) vivid; urgency=medium

  [ Chuck Short ]
  * Resynchronize with stable/kilo (a4aafba) (LP: #1506058):
    - [a4aafba] Only write to template files if template data changes
    - [9e6d7c2] Make ResourceDefinition round-trip stable to avoid extra writes
    - [2f14f1f] Set resource status to FAILED when engine is down
    - [3ab316b] Include nested stacks in reset_stack_status
    - [2bffb12] Don't metadata_update all resources for deployment signals
    - [0fa81c2] Don't create events when signals don't perform an action
    - [382d038] Stack updated error if creation fails
    - [d8bdac7] Copy resource data in _delete_backup_stack
    - [8a2dcfa] Signal SoftwareDeployment resource
    - [22a404d] Allow empty/None output values
    - [9258321] Unlimited option max_resources_per_stack
    - [0d95270] Try to get the version of cloud init via popen
    - [05b2cc4] To use id instead of name when making credentials from context
    - [aeba790] Inherit files when restore
    - [ebc7994] Set correct tenant id when python-client init
    - [5d084a2] Make sure UpdatePolicy is unset for Heat scaling group
    - [d76094c] Refactor and correct purge_deleted
    - [5f86d05] Eventlet green threads not released back to pool
    - [edd2f8f] Work around problems storing huge properties in events
    - [92d2ac9] Fix RouterInterface properties validation
    - [88a216c] Adds resource uuid, volume support to lifecycle scheduler hints
    - [e889d66] Don't raise exception when get nested stack
    - [7248ec4] The cirros image is now cirros-0.3.4
    - [e9e2f50] Fix validation failure for TemplateResource
    - [be01cf1] Use atomic_key for deployment metadata updates
    - [21331a5] Always commit after deployment db operations
    - [7454b7b] Revert failing tests and use v3 for ec2 tokens
    - [cb3734b] Fix stack-list after failed update
    - [2d5f981] Fix server creation with block_device_mapping_v2
    - [274f96b] Support time-delays in server.resize
    - [034c582] ASG scaling account for cooldown timestamp & in-progress
    - [4a8282c] Correct stack identity when delete nested
    - [03ac6b1] Do not specify version for contrib plugins
    - [a748424] Switch total_resources to use stack_count_total_resources
    - [7e73da5] Don't copy exception classes
    - [8f43aee] Not all exceptions from remote stacks are internal exceptions
    - [f34a474] Fix unsupported format character error for multipart mime
  * debian/patches/fix-requirements.patch: Refreshed

  [ Corey Byrant ]
  * d/rules: Prevent dh_python2 from guessing dependencies.

 -- Chuck Short <email address hidden> Thu, 15 Oct 2015 08:50:03 -0400

This bug was fixed in the package nova - 1:2015.1.2-0ubuntu1

---------------
nova (1:2015.1.2-0ubuntu1) vivid; urgency=medium

  * Resynchronize with stable/kilo (68e9359) (LP: #1506058):
    - [68e9359] Fix quota update in init_instance on nova-compute restart
    - [d864603] Raise InstanceNotFound when save FK constraint fails
    - [db45b1e] Give instance default hostname if hostname is empty
    - [61f119e] Relax restrictions on server name
    - [2e731eb] Remove unnecessary 'context' param from quotas reserve method
                call
    - [5579928] Updated from global requirements
    - [08d1153] Don't expect meta attributes in object_compat that aren't in the
                db obj
    - [5c6f01f] VMware: pass network info to config drive.
    - [17b5052] Allow to use autodetection of volume device path
    - [5642b17] Delete orphaned instance files from compute nodes
    - [8110cdc] Updated from global requirements
    - [1f5b385] Hyper-V: Fixes serial port issue on Windows Threshold
    - [24251df] Handle FC LUN IDs greater 255 correctly on s390x architectures
    - [dcde7e7] Update obj_reset_changes signatures to match
    - [e16fcfa] Unshelving volume backed instance fails
    - [8fccffd] Make pagination tolerate a deleted marker
    - [587092c] Fix live-migrations usage of the wrong connector information
    - [8794b93] Don't check flavor disk size when booting from volume
    - [c1ad497] Updated from global requirements
    - [0b37312] Hyper-V: Removes old instance dirs after live migration
    - [2d571b1] Hyper-V: Fixes live migration configdrive copy operation
    - [07506f5] Hyper-V: Fix SMBFS volume attach race condition
    - [60356bf] Hyper-V: Fix missing WMI namespace issue on Windows 2008 R2
    - [83fb8cc] Hyper-V: Fix virtual hard disk detach
    - [6c857c2] Updated from global requirements
    - [0313351] Compute: replace incorrect instance object with dict
    - [9724d50] Don't pass the service catalog when making glance requests
    - [b5020a0] libvirt: Kill rsync/scp processes before deleting instance
    - [3f337f8] Support host type specific block volume attachment
    - [cb2a8fb] Fix serializer supported version reporting in object_backport
    - [701c889] Execute _poll_shelved_instances only if shelved_offload_time is
                > 0
    - [eb3b1c8] Fix rebuild of an instance with a volume attached
    - [e459add] Handle unexpected clear events call
    - [8280575] Support ssh-keygen of OpenSSH 6.8
    - [9a51140] Kilo-Removing extension "OS-EXT-VIF-NET" from v2.1 ext list
    - [b3f7b77] Fix wrong check when use image in local
    - [b13726b] Fix race between resource audit and cpu pinning
   * debian/patches/not-check-disk-size.patch: Dropped no longer needed.

 -- Chuck Short <email address hidden> Wed, 14 Oct 2015 09:12:32 -0400

This bug was fixed in the package neutron - 1:2015.1.2-0ubuntu1

---------------
neutron (1:2015.1.2-0ubuntu1) vivid; urgency=medium

  [ Chuck Short ]
  * Resynchronize with stable/kilo (7dbaa12) (LP: #1506058):
    - [7dbaa12] Changed filter field to router_id
    - [6c55f58] Do not log an error when deleting a linuxbridge does not exist
    - [118a76f] metadata: don't crash proxy on non-unicode user data
    - [eec8c50] Only get host data for floating ips on DVR routers
    - [9950ce2] Update dhcp host portbinding on failover
    - [1c87d72] func: Don't use private method of AsyncProcess
    - [834279c] Allow setting Agents description to None
    - [2f85b22] Process user iptables rules before INVALID
    - [f232475] Execute ipset command using check_exit_code
    - [d78899d] Don't write DHCP opts for SLAAC entries
    - [cb0554f] Check idl.run() return value before blocking
    - [2224851] Stop sending gratuitous arp when ip version is 6
    - [96276d5] Fix _ensure_default_security_group logic
    - [66a5116] Remove hack for sending gratuitous arp from fip ns
    - [2394418] populate port security default into network
    - [fc1c812] Remove early yields in _iter_hosts in dhcp agent
    - [2ead51a] Enable servicing lbaasV2 vip by DVR
    - [9498ea2] Descheduling DVR routers when ports are unbound from VM
    - [c74b05e] Bug-Fix for unexpected DHCP agent redundant
    - [e6a0e7d] Switch to dictionary for iptables find
    - [c377330] Add configurable options for HA networks
    - [114949b] Fix ipset can't be destroyed when last rule is deleted
    - [aba5e82] Updated NSXv plugin parameter descriptions
    - [d1a48f7] ovs: don't use ARP responder for IPv6 addresses
    - [4d15b6f] Configure gw_iface for RAs only in Master HA Router
    - [6975b2b] Register extraroute extension
    - [19d5ba4] Broadcast service port's arp in DVR
    - [767cea2] Stop device_owner from being set to 'network:*'
    - [2a6b34e] Fix a wrong condition for the _purge_metering_info function
    - [bf28c72] Add ARP spoofing protection for LinuxBridge agent
    - [635d5cf] Correct neutron-ns-metadata-proxy command when watch_log is
                False
    - [cc791b0] Fix usage of netaddr '.broadcast'
    - [f57a90a] Switch to using os-testr's copy of subunit2html
    - [c1201a2] Add optional file permission argument to replace_file()
    - [533900c] Adding loadbalanacerv2 device owner constant to neutron
                constants
    - [2a00016] Don't fatal error during initialization for missing service
                providers
    - [7c2727c] Update port bindings for master router
    - [6298a90] Setup reference service providers for API test runs
    - [6167d44] Move away nested transaction from _ensure_default_security_group
    - [c129bfa] Reject router-interface-add with a port which doesn't have any
                addresses
    - [770a105] SR-IOV: Fix SR-IOV agent to run ip link commands as root
    - [a0632d7] Catch ObjectDeletedError and skip port or subnet removal
    - [c4c8686] Cleanup stale metadata processes on l3 agent sync
    - [0c22d15] Bump stable/kilo next version to 2015.1.2
    - [4f9409d] lb-agent: ensure tap mtu is the same as physical devic...

This bug was fixed in the package neutron-vpnaas - 1:2015.1.2-0ubuntu1

---------------
neutron-vpnaas (1:2015.1.2-0ubuntu1) vivid; urgency=medium

  [ Chuck Short ]
  * Resynchronize with stable/kilo (fbda90f) (LP: #1506058):
  - [fbda90f] Make chown rootwrap filter ipsec.secrets file specific
  - [45be2dc] Set owner to root for ipsec.secrets for LibreSwan
  - [5996aab] Manage cleanup of .ctl/.pid files for LibreSwan
  - [9c32f33] Switch to using os-testr's copy of subunit2html
  - [9e3dee4] Explictly set file mode on IPSec pre-shared key files

  [ Corey Byrant ]
  * d/rules: Prevent dh_python2 from guessing dependencies.

 -- Chuck Short <email address hidden> Fri, 16 Oct 2015 08:55:51 -0400

This bug was fixed in the package neutron-lbaas - 1:2015.1.2-0ubuntu1

---------------
neutron-lbaas (1:2015.1.2-0ubuntu1) vivid; urgency=medium

  [ Chuck Short ]
  * Resynchronize with stable/kilo (efdbefc) (LP: #1506058):
    - [efdbefc] Add device_id when a loadbalancer is created instead of at
                listener create
    - [8156548] Adding code to prevent vip port deletion from port api
    - [ade6d88] Fixing Radware LBaaS v2 driver LB deletion

  [ Corey Bryant ]
  * d/rules: Prevent dh_python2 from guessing dependencies.
  * d/control: Add python-barbicanclient and python-pyasn1(-modules) to
    python-neutron-lbaas Depends.

 -- Chuck Short <email address hidden> Fri, 16 Oct 2015 09:24:00 -0400

This bug was fixed in the package neutron-fwaas - 2015.1.2-0ubuntu2

---------------
neutron-fwaas (2015.1.2-0ubuntu2) vivid; urgency=medium

  [ Corey Bryant ]
  * d/rules: Prevent dh_python2 from guessing dependencies.

  [ Chuck Short ]
  * Resynchronize with stable/kilo (3565c65) (LP: #1506058):
    - [3565c65] Fix wrong argument name in _rpc_update_firewall

 -- Chuck Short <email address hidden> Fri, 16 Oct 2015 09:10:40 -0400

This bug was fixed in the package horizon - 1:2015.1.2-0ubuntu1

---------------
horizon (1:2015.1.2-0ubuntu1) vivid; urgency=medium

  [ Chuck Short ]
  * Resynchronize with stable/kilo (5b9bdca) (LP: #1506058):
    - [5b9bdca] Use security group id not name in the create instance dialog
    - [74d885f] Fix not opening region selector on first click
    - [b8e1ce8] Neutron Quota Settings Flag Disables Neutron GUI
    - [853f0ec] Fix inability to switch region via Switch Region dropdown
    - [0b3c92d] Updated from global requirements
    - [d6be306] Fix a unit test for create instance
    - [8ed7624] Compatibility fix for pyscss 1.3.4
    - [7c8fc8f] Skip test_routerrule_detail blocking the gate
    - [fea681e] Remove 'shared' from Neutron Firewall table
    - [1d20ea0] Fix static file paths in heat topology view
    - [8da65b6] Don't get descript if attribute doesn't exist.
    - [905e92b] Fix attribute error with old glance backend
    - [c079705] Added correct URL to edit QoS spec
    - [900ca63] Updated from global requirements
    - [3becb61] Port cleanup on failed VM instance launch
    - [b84218d] N1Kv: Fix failing network and port creates
    - [0f9d94e] Add OPENSTACK_NOVA_EXTENSIONS_BLACK

  [ Corey Byrant ]
  * d/rules: Prevent dh_python2 from guessing dependencies.
  * d/openstack-dashboard-ubuntu-theme.postrm: Ensure that purge and
    reload of static assets is only done on purge/remove, resolving
    problems when upgrading to new versions (LP: #1506826).

 -- Chuck Short <email address hidden> Tue, 20 Oct 2015 10:41:52 -0400

This bug was fixed in the package keystone - 1:2015.1.2-0ubuntu2

---------------
keystone (1:2015.1.2-0ubuntu2) vivid; urgency=medium

  [ Chuck Short ]
  * Resynchronize with stable/kilo (8a2da01) (LP: #1506058):
    - [8a2da01] Reject rule if assertion type unset
    - [9dfad21] Validate domain ownership for v2 tokens
    - [8bd9b22] Maintain the expiry of v2 fernet tokens
    - [aa3354e] Fernet 'expires' value loses 'ms' after validation
    - [0ed33e3] Test to ensure fernet key rotation results in new key sets
    - [2f580e4] Reduce number of Fernet log messages
    - [6c106e9] Handle non-numeric files in key_repository
    - [fb7f4a7] Replace 401 to 404 when token is invalid
    - [a1e20fb] Additional Fernet test coverage
    - [cfbc0f1] Tests for correct key removed
    - [c6ec36b] Add unit test for fernet provider
    - [17b7dbc] Add unit test to exercise key rotation
    - [7498154] Fix Fernet key rotation
    - [1608f72] Refactor: move PKI-specific tests into the appropriate class
    - [a9726d2] Don't assume project IDs are UUID format
    - [f8afb29] Don't assume group IDs are UUID format
    - [b255b8f] Don't fail on converting user ids to bytes
    - [0fde127] Properly stub out the V2 and V3 XML middlewares
    - [666be4d] Fix for LDAP filter on group search by name
    - [bc96d9f] Make sure LDAP filter is constructed correctly
    - [0fe2b70] Do not remove expired revocation events on "get"
    - [20fd5af] Fix WSGI request logging
    - [e9aa267] Add openstack_user_domain to assertion

  [ Corey Byrant ]
  * d/rules: Prevent dh_python2 from guessing dependencies.
  * d/control: Move python-pysaml2 to Depends.

 -- Chuck Short <email address hidden> Thu, 15 Oct 2015 08:54:19 -0400