Update Keystone core to Mitaka.

Change-Id: Ia10d6add16f4a9d25d1f42d420661c46332e69db
author: DUVAL Thomas <thomas.duval@orange.com> 2016-06-09 09:11:50 +0200
committer: DUVAL Thomas <thomas.duval@orange.com> 2016-06-09 09:11:50 +0200
commit: 2e7b4f2027a1147ca28301e4f88adf8274b39a1f (patch)
tree: 8b8d94001ebe6cc34106cf813b538911a8d66d9a /keystone-moon/releasenotes/notes/bug-1490804-de58a9606edb31eb.yaml
parent: a33bdcb627102a01244630a54cb4b5066b385a6a (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/keystone-moon/releasenotes/notes/bug-1490804-de58a9606edb31eb.yaml b/keystone-moon/releasenotes/notes/bug-1490804-de58a9606edb31eb.yaml
new file mode 100644
index 00000000..0d5c2034
--- /dev/null
+++ b/keystone-moon/releasenotes/notes/bug-1490804-de58a9606edb31eb.yaml
@@ -0,0 +1,13 @@
+---
+features:
+  - >
+    [`bug 1490804 <https://bugs.launchpad.net/keystone/+bug/1490804>`_]
+    Audit IDs are included in the token revocation list.
+security:
+  - >
+    [`bug 1490804 <https://bugs.launchpad.net/keystone/+bug/1490804>`_]
+    [`CVE-2015-7546 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7546>`_]
+    A bug is fixed where an attacker could avoid token revocation when the PKI
+    or PKIZ token provider is used. The complete remediation for this
+    vulnerability requires the corresponding fix in the keystonemiddleware
+    project.
author	DUVAL Thomas <thomas.duval@orange.com>	2016-06-09 09:11:50 +0200
committer	DUVAL Thomas <thomas.duval@orange.com>	2016-06-09 09:11:50 +0200
commit	2e7b4f2027a1147ca28301e4f88adf8274b39a1f (patch)
tree	8b8d94001ebe6cc34106cf813b538911a8d66d9a /keystone-moon/releasenotes/notes/bug-1490804-de58a9606edb31eb.yaml
parent	a33bdcb627102a01244630a54cb4b5066b385a6a (diff)