32 lines
1.7 KiB
YAML
32 lines
1.7 KiB
YAML
---
|
|
critical:
|
|
- |
|
|
[`bug 1872735 <https://bugs.launchpad.net/keystone/+bug/1872735>`_]
|
|
Fixed a security issue in which a trustee or an application credential user
|
|
could create an EC2 credential or an application credential that would
|
|
permit them to get a token that elevated their role assignments beyond the
|
|
subset delegated to them in the trust or application credential. A new
|
|
attribute ``app_cred_id`` is now automatically added to the access blob of
|
|
an EC2 credential and the role list in the trust or application credential
|
|
is respected.
|
|
security:
|
|
- |
|
|
[`bug 1872735 <https://bugs.launchpad.net/keystone/+bug/1872735>`_]
|
|
Fixed a security issue in which a trustee or an application credential user
|
|
could create an EC2 credential or an application credential that would
|
|
permit them to get a token that elevated their role assignments beyond the
|
|
subset delegated to them in the trust or application credential. A new
|
|
attribute ``app_cred_id`` is now automatically added to the access blob of
|
|
an EC2 credential and the role list in the trust or application credential
|
|
is respected.
|
|
fixes:
|
|
- |
|
|
[`bug 1872735 <https://bugs.launchpad.net/keystone/+bug/1872735>`_]
|
|
Fixed a security issue in which a trustee or an application credential user
|
|
could create an EC2 credential or an application credential that would
|
|
permit them to get a token that elevated their role assignments beyond the
|
|
subset delegated to them in the trust or application credential. A new
|
|
attribute ``app_cred_id`` is now automatically added to the access blob of
|
|
an EC2 credential and the role list in the trust or application credential
|
|
is respected.
|