Hello, everyone! python-keystoneclient 0.7.0 and 0.7.1 were both released in the past 24 hours. v0.7.0 [1] contains a pair of critical fixes, one of which is security related. The highlights include: - Fixed a critical security vulnerability (OSSA 2014-007 [2]) as detailed in bug 1282865 [3] and patched in bug 1289074 [4]. Deploying keystoneclient.middleware.auth_token with memcached as the caching backend in an environment using an unpatched thread module (i.e. failing to call `eventlet.patcher.monkey_patch(thread=True)`) no longer results in authentication contexts being "confused" between simultaneous requests. - Fixed a race condition in keystoneclient.middleware.auth_token for PKI deployments resulting in spurious 401 Unauthorized responses being returned to end users (bug 1285833 [5]). - Fixed an issue that resulted in leaving hanging connections to keystone (bug 1282089) v0.7.1 [6] includes a workaround to allow the v3 Python library to work with deployments configured to advertise a v2.0-versioned identity endpoint in their service catalogs. Upgrading to the latest client is *strongly* recommended. As always, the latest client is available on PyPi [7]. Thanks! [1] https://launchpad.net/python-keystoneclient/+milestone/0.7.0 [2] http://lists.openstack.org/pipermail/openstack/2014-March/006237.html [2] https://bugs.launchpad.net/bugs/1282865 [3] https://bugs.launchpad.net/bugs/1289074 [4] https://bugs.launchpad.net/bugs/1285833 [5] https://launchpad.net/python-keystoneclient/+milestone/0.7.1 [6] https://pypi.python.org/pypi/python-keystoneclient/ -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140327/5a666d67/attachment.html>