[openstack-keystone] fix /etc/keystone directory permission
Alan Pevec
apevec at fedoraproject.org
Fri Nov 16 20:25:50 UTC 2012
commit 249ed7d5d6a41ab07237dc20801ac2e79198d833
Author: Alan Pevec <apevec at redhat.com>
Date: Fri Nov 16 21:24:55 2012 +0100
fix /etc/keystone directory permission
CVE-2012-5483
rhbz#873447
openstack-keystone.spec | 7 +++++--
1 files changed, 5 insertions(+), 2 deletions(-)
---
diff --git a/openstack-keystone.spec b/openstack-keystone.spec
index 602ab72..0abd389 100644
--- a/openstack-keystone.spec
+++ b/openstack-keystone.spec
@@ -12,7 +12,7 @@
Name: openstack-keystone
Version: 2012.2
-Release: 4%{?dist}
+Release: 5%{?dist}
#Release: 0.1.%{release_letter}%{milestone}%{?dist}
Summary: OpenStack Identity Service
@@ -201,7 +201,7 @@ fi
%{_bindir}/openstack-keystone-sample-data
%{_datadir}/%{name}
%{_unitdir}/openstack-keystone.service
-%dir %{_sysconfdir}/keystone
+%dir %attr(0750, root, keystone) %{_sysconfdir}/keystone
%config(noreplace) %attr(-, root, keystone) %{_sysconfdir}/keystone/keystone.conf
%config(noreplace) %attr(-, root, keystone) %{_sysconfdir}/keystone/logging.conf
%config(noreplace) %attr(-, root, keystone) %{_sysconfdir}/keystone/default_catalog.templates
@@ -222,6 +222,9 @@ fi
%endif
%changelog
+* Fri Nov 16 2012 Alan Pevec <apevec at redhat.com> 2012.2-5
+- fix /etc/keystone directory permission CVE-2012-5483 (rhbz#873447)
+
* Mon Nov 12 2012 Alan Pevec <apevec at redhat.com> 2012.2-4
- readd iso8601 dependency (from openstack-common timeutils)
More information about the scm-commits
mailing list