[release-announce] keystone 19.0.1 (wallaby)

no-reply at openstack.org no-reply at openstack.org
Thu Aug 18 09:50:08 UTC 2022 

We exuberantly announce the release of:

keystone 19.0.1: OpenStack Identity

This release is part of the wallaby stable release series.

The source is available from:

    https://opendev.org/openstack/keystone

Download the package from:

    https://tarballs.openstack.org/keystone/

Please report issues through:

    https://bugs.launchpad.net/keystone/+bugs

For more details, please see below.

19.0.1
^^^^^^


Upgrade Notes
*************

* [bug 1929066 (https://bugs.launchpad.net/keystone/+bug/1929066)]
  Increase the length of the *local_id* column in the *id_mapping*
  table to accommodate LDAP group names that result in names greater
  than 64 characters.


Bug Fixes
*********

* [bug 1688137 (https://bugs.launchpad.net/keystone/+bug/1688137)]
  Fixed the AccountLocked exception being shown to the end user since
  it provides some information that could be exploited by a malicious
  user. The end user will now see Unauthorized instead of
  AccountLocked, preventing user info oracle exploitation.

Changes in keystone 19.0.0..19.0.1
----------------------------------

373a5ecdb Wallaby-only: Fix wrong python job template used
ce46e4789 Remove the note of training-labs
b0c528cec Fix issue with LDAP backend returning bytes instead of string
a5925541c Add FIPS check job
14d2f5944 Fix typos in application credential policies
a57ae85c9 Fix typos in ec2 credential policies
bdd8f82f6 Fix typo in identity provider policies
2700adaad Update local_id limit to 255 characters
f510c806d Hide AccountLocked exception from end users
ecfbf7c8b Update TOX_CONSTRAINTS_FILE for stable/wallaby
f5dff739f Update .gitreview for stable/wallaby


Diffstat (except docs and test files)
-------------------------------------

.gitreview                                         |  1 +
.zuul.yaml                                         | 13 +++++++++++-
keystone/common/policies/application_credential.py |  4 ++--
keystone/common/policies/ec2_credential.py         | 12 +++++------
keystone/common/policies/identity_provider.py      |  8 ++++----
.../versions/079_contract_update_local_id_limit.py | 18 ++++++++++++++++
.../versions/079_migrate_update_local_id_limit.py  | 18 ++++++++++++++++
.../versions/079_expand_update_local_id_limit.py   | 24 ++++++++++++++++++++++
keystone/identity/backends/ldap/common.py          | 19 +++++++++++++++--
keystone/identity/mapping_backends/sql.py          |  2 +-
keystone/notifications.py                          |  2 ++
playbooks/enable-fips.yaml                         |  4 ++++
.../notes/bug-1688137-e4203c9a728690a7.yaml        |  8 ++++++++
.../notes/bug-1929066-6e741c9182620a37.yaml        |  7 +++++++
tox.ini                                            |  6 +++---
24 files changed, 185 insertions(+), 51 deletions(-)

More information about the Release-announce mailing list