Security update for python-keystoneclient

Announcement ID:	SUSE-SU-2015:1208-1
Rating:	moderate
References:	bsc#928205
Cross-References:	CVE-2015-1852
CVSS scores:
Affected Products:	SUSE Cloud for SLE 12 Compute Nodes 5 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server for SAP Applications 12

An update that solves one vulnerability can now be installed.

Description:

The python-keystoneclient was updated to fix one security issues.

The following vulnerability was fixed: - bsc#928205: S3Token TLS cert verification option not honored (CVE-2015-1852)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Cloud for SLE 12 Compute Nodes 5
  zypper in -t patch SUSE-SLE12-CLOUD-5-2015-303=1

Package List:

• SUSE Cloud for SLE 12 Compute Nodes 5 (noarch)
  • python-keystoneclient-1.0.0-16.1
  • python-keystoneclient-doc-1.0.0-16.1

References:

• https://www.suse.com/security/cve/CVE-2015-1852.html
• https://bugzilla.suse.com/show_bug.cgi?id=928205