[release-announce] keystone 23.0.1 (antelope)
no-reply at openstack.org
no-reply at openstack.org
Mon Oct 9 06:34:25 UTC 2023
We are pleased to announce the release of:
keystone 23.0.1: OpenStack Identity
This release is part of the antelope release series.
The source is available from:
https://opendev.org/openstack/keystone
Download the package from:
https://tarballs.openstack.org/keystone/
Please report issues through:
https://bugs.launchpad.net/keystone/+bugs
For more details, please see below.
23.0.1
^^^^^^
Bug Fixes
* Passwords that are hashed using bcrypt are now truncated properly
to the maximum allowed length by the algorythm. This solves
regression, when passwords longer then 54 symbols are getting
invalidated after the Keystone upgrade.
Changes in keystone 23.0.0..23.0.1
----------------------------------
50495ae26 Respect cached tokens issued before upgrade
df54af90d Properly trimm bcrypt hashed passwords
db16a3f8c fix(federation): allow using numerical group names
b34d4d780 Remove Dependency on Cryptography >=36.0.0
040e6d09b Update TOX_CONSTRAINTS_FILE for stable/2023.1
a37df61b8 Update .gitreview for stable/2023.1
Diffstat (except docs and test files)
-------------------------------------
.gitreview | 1 +
keystone/common/password_hashing.py | 15 +++++----
keystone/common/render_token.py | 6 +++-
keystone/common/utils.py | 10 +++---
keystone/conf/identity.py | 2 +-
keystone/federation/utils.py | 38 +++++++++++++---------
.../bcrypt_truncation_fix-674dc5d7f1e776f2.yaml | 7 ++++
tox.ini | 8 ++---
11 files changed, 83 insertions(+), 36 deletions(-)
More information about the Release-announce
mailing list