[Openstack-stable-maint] [keystone] Freeze exception
Ihar Hrachyshka
ihrachys at redhat.com
Tue Aug 5 07:23:19 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 04/08/14 16:57, Thierry Carrez wrote:
> Hi,
>
> This is me with my Vulnerability Management team hat on.
>
> We have a number of security issues in keystone where the patch
> landed on master and just needs an icehouse backport:
>
> https://bugs.launchpad.net/ossa/+bug/1348820
> https://bugs.launchpad.net/ossa/+bug/1349597
> https://bugs.launchpad.net/ossa/+bug/1347961
>
> It might be worth including those security fixes in 2014.1.2
> (rather than land them a few days after)...
I think we should consider all known security fixes as critical. From
Red Hat perspective, we backport all security fixes to our packaging.
I expect other distributions to do the same. So by merging the fixes
in upstream, we avoid additional multiplied burden downstream.
Other thoughts?
>
> We are working on getting backports proposed for those.
Please post the links to all the backport requests once they are
available.
/Ihar
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBCgAGBQJT4IZnAAoJEC5aWaUY1u57EtMIAOLxzcpVrvNQR7scnNoNIBMb
q/xwEuLBF7jN90hsCZzJmRy3OiegUzAYN5VF94vHjigzdsndGEVeYxelM7phBdET
3fQzX7e/9ZDaMlQAccNZTgARN+G/cv2wrVCmpV8gvC13jdi52iNeI6Jqh9Rl8Onz
D8Dp+dJmHV/On8klBSeZJ7FkYlmcS+A9naALwEakQ7xmSe5PKTOJgqGmxmJulgpF
eNVXtNViWg9JtbdRcml4HWXAqTwtHpj8kotOe0ZxTb/nE6JA9DfjUHCkwJ4Tbi8m
UGHf7g/+G7EqSflhBGyWQhIWgdAbpR/h17ccyUKVgS/Iq9eswKz4J7afBqmmF8M=
=dN5s
-----END PGP SIGNATURE-----
More information about the Openstack-stable-maint
mailing list