A backport for the first bug is now in review: https://bugs.launchpad.net/ossa/+bug/1348820 master https://review.openstack.org/#/c/109747/ (merged) stable/icehouse https://review.openstack.org/#/c/111772/ But at the moment, we're actually still working to land complete fixes for the second two in master. https://bugs.launchpad.net/ossa/+bug/1349597 master https://review.openstack.org/#/c/109820/ (gating at this moment; this also should have been Closes-Bug) https://bugs.launchpad.net/ossa/+bug/1347961 master https://review.openstack.org/#/c/111106/ (gating at this moment) On Mon, Aug 4, 2014 at 9:57 AM, Thierry Carrez <thierry@openstack.org> wrote:
Hi,
This is me with my Vulnerability Management team hat on.
We have a number of security issues in keystone where the patch landed on master and just needs an icehouse backport:
https://bugs.launchpad.net/ossa/+bug/1348820 https://bugs.launchpad.net/ossa/+bug/1349597 https://bugs.launchpad.net/ossa/+bug/1347961
It might be worth including those security fixes in 2014.1.2 (rather than land them a few days after)...
We are working on getting backports proposed for those.
Cheers,
-- Thierry Carrez (ttx)
_______________________________________________ Openstack-stable-maint mailing list Openstack-stable-maint@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint