We are chuffed to announce the release of: barbican 16.0.1: OpenStack Secure Key Management This release is part of the antelope release series. The source is available from: https://opendev.org/openstack/barbican Download the package from: https://tarballs.openstack.org/barbican/ Please report issues through: https://bugs.launchpad.net/barbican/+bugs For more details, please see below. 16.0.1 ^^^^^^ Security Issues * System scope has been removed from the RBAC policies as specified in the Consistent and Secure Default RBAC community goal. See: https://governance.openstack.org/tc/goals/selected/consistent-and- secure-rbac.html APIs that required system scoped tokens can now be accessed by using a project scoped token with the "admin" role. Changes in barbican 16.0.0..16.0.1 ---------------------------------- 9c8fb8c3 Update secret:delete policy to allow admin to delete secret 2f3df026 Remove System scope from policy b38b2139 Fix functional tests e2bd3b95 Stable-only: Remove TripleO job b5c2f838 Update TOX_CONSTRAINTS_FILE for stable/2023.1 441f7d47 Update .gitreview for stable/2023.1 Diffstat (except docs and test files) ------------------------------------- .gitreview | 1 + .zuul.yaml | 10 ++------ barbican/common/policies/base.py | 7 ------ barbican/common/policies/consumers.py | 28 +++++++++++----------- barbican/common/policies/quotas.py | 12 +++++----- barbican/common/policies/secrets.py | 6 +++-- barbican/common/policies/secretstores.py | 8 +++---- barbican/common/policies/transportkeys.py | 12 +++++----- ...-system-scope-from-policy-f2f68c42c0742812.yaml | 8 +++++++ tox.ini | 12 ++++++---- 10 files changed, 53 insertions(+), 51 deletions(-)