Xena Series Release Notes


Bug Fixes

  • [bug 1926483] Keystone will only log warnings about token length for Fernet tokens when the token length exceeds the value of keystone.conf [DEFAULT] max_token_size.


Upgrade Notes

  • [bug 1929066] Increase the length of the local_id column in the id_mapping table to accommodate LDAP group names that result in names greater than 64 characters.

Bug Fixes

  • [bug 1688137] Fixed the AccountLocked exception being shown to the end user since it provides some information that could be exploited by a malicious user. The end user will now see Unauthorized instead of AccountLocked, preventing user info oracle exploitation.

  • [bug 1885753] Keystone’s SQL identity backend now retries update user requests to safely handle stale data when two clients update a user at the same time.