keystone (2012.2.4-0ubuntu3.3~cloud0) precise-folsom; urgency=low

  * New update for the Ubuntu Cloud Archive.

 -- Adam Gandelman <adamg@ubuntu.com>  Mon, 25 Nov 2013 13:24:00 -0800

keystone (2012.2.4-0ubuntu3.3) quantal-security; urgency=low

  * SECURITY UPDATE: don't add role when attempting to remove a non-existent
    role
    - debian/patches/CVE-2013-4477.patch: raise RoleNotFound with exception
      ldap.NO_SUCH_OBJECT
    - CVE-2013-4477
    - LP: #1242855

 -- Jamie Strandboge <jamie@ubuntu.com>  Tue, 05 Nov 2013 09:43:11 -0600

keystone (2012.2.4-0ubuntu3.2) quantal-security; urgency=low

  * SECURITY UPDATE: revoke user tokens when disabling/delete a project
    - debian/patches/CVE-2013-4222.patch: add _delete_tokens_for_project() to
      common/controller.py and use it in identity/controllers.py
      (LP: #1179955)
    - CVE-2013-4222
  * SECURITY UPDATE: fix and test token revocation list API
    - debian/patches/CVE-2013-4294.patch: fix token matching for memcache
      backend token revocation (LP: #1202952)
    - CVE-2013-4294

 -- Jamie Strandboge <jamie@ubuntu.com>  Tue, 22 Oct 2013 10:09:33 -0500

keystone (2012.2.4-0ubuntu3.1) quantal-security; urgency=low

  * SECURITY UPDATE: fix auth_token middleware neglects to check expiry of
    signed token when using PKI
    - debian/patches/CVE-2013-2104.patch: explicitly check the expiry on the
      tokens, and reject tokens that have expired. Also update test data
    - CVE-2013-2104
    - LP: #1179615
  * debian/patches/fix-testsuite-for-2038-problem.patch: Adjust json example
    cert data to use 2037 instead of 2112 and regenerate the certs. Also
    adjust token expiry data to use 2037 instead of 2999.
  * SECURITY UPDATE: fix authentication bypass when using LDAP backend
    - debian/patches/CVE-2013-2157.patch: identity/backends/ldap/core.py is
      adjusted to raise an assertion for invalid password when using LDAP and
      an empty password is submitted
    - CVE-2013-2157
    - LP: #1187305

 -- Jamie Strandboge <jamie@ubuntu.com>  Thu, 13 Jun 2013 13:42:44 -0500

keystone (2012.2.4-0ubuntu3) quantal-proposed; urgency=low

  * debian/patches/update_certs.patch: Fix FTBFS.  Original SSL certs
    for test suite expired May 18 2013. Cherry-picked regenerated certs
    from stable/folsom commit c14f2789.

 -- James Page <james.page@ubuntu.com>  Wed, 29 May 2013 20:59:34 +0100

keystone (2012.2.4-0ubuntu2) quantal-proposed; urgency=low

  * Rebase on latest security fixes.
  * SECURITY UPDATE: delete user token immediately upon delete when using v2
    API
    - CVE-2013-2059.patch: adjust keystone/identity/core.py to call
      token_api.delete_token() during delete. Also update test suite.
    - CVE-2013-2059
    - LP: #1166670

 -- James Page <james.page@ubuntu.com>  Fri, 17 May 2013 11:26:24 +0100

keystone (2012.2.4-0ubuntu1) quantal-proposed; urgency=low

  * Dropped patches, applied upstream:
    - debian/patches/CVE-2013-1865.patch: [255b1d4]
    - debian/patches/CVE-2013-0282.patch: [f0b4d30]
    - debian/patches/CVE-2013-1664+1665.patch: [8a22745]
  * Resynchronize with stable/folsom (09f28020) (LP: #1179707):
    - [5ea4fcf] V2 API reported at Beta LP: 1135230
    - [1889299] PKI-signed token hash saved as token ID for SQL backend only
      LP: 1073272
    - [40660f0] Key PKI tokens on hash in memcached for auth_token middleware
      LP: 1073343
    - [b3ce6a7] Use the right subprocess based on os monkeypatch
    - [bb1ded0] keystone-all --config-dir is being ignored LP: 1101129
    - [9e0a97d] Temporary network outage results in connection refused and
      invalid token LP: 1150299
    - [255b1d4] Validation of PKI tokens bypasses revocation check LP: 1129713
    - [8690166] PKI tokens are broken after 24 hours LP: 1074172
    - [790c87e] PKI tokens are broken after 24 hours LP: 1074172
    - [f0b4d30] EC2 authentication does not ensure user or tenant is enabled
      LP: 1121494
    - [8a22745] DoS through XML entity expansion (CVE-2013-1664) LP: 1100282

 -- Adam Gandelman <adamg@ubuntu.com>  Thu, 25 Apr 2013 17:51:09 -0400

keystone (2012.2.3+stable-20130206-82c87e56-0ubuntu2.1) quantal-security; urgency=low

  * SECURITY UPDATE: delete user token immediately upon delete when using v2
    API
    - CVE-2013-2059.patch: adjust keystone/identity/core.py to call
      token_api.delete_token() during delete. Also update test suite.
    - CVE-2013-2059
    - LP: #1166670

 -- Jamie Strandboge <jamie@ubuntu.com>  Tue, 07 May 2013 14:05:48 -0500

keystone (2012.2.3+stable-20130206-82c87e56-0ubuntu2) quantal-proposed; urgency=low

  * Resync with latest security updates.
  * SECURITY UPDATE: fix PKI revocation bypass
    - debian/patches/CVE-2013-1865.patch: validate tokens from the backend
    - CVE-2013-1865
  * SECURITY UPDATE: fix EC2-style authentication for disabled users
    - debian/patches/CVE-2013-0282.patch: adjust keystone/contrib/ec2/core.py
      to ensure user and tenant are enabled in EC2
    - CVE-2013-0282
  * SECURITY UPDATE: fix denial of service
    - debian/patches/CVE-2013-1664+1665.patch: disable XML entity parsing
    - CVE-2013-1664
    - CVE-2013-1665

 -- James Page <james.page@ubuntu.com>  Fri, 22 Mar 2013 12:02:56 +0000

keystone (2012.2.3+stable-20130206-82c87e56-0ubuntu1) quantal-proposed; urgency=low

  [ Adam Gandelman ]
  * Dropped patches, applied upstream:
    - debian/patches/CVE-2013-0247.patch: [bb2226f]
  * Resynchronize with stable/folsom (82c87e56) (LP: #1116671):
    - [bb2226f] Add size validations for /tokens.
    - [ec7b94d] Non-API specific 404 exposes traceback LP: 1089987
    - [70e55f9] SQL backend fails if not all URL are defined in an endpoint
      LP: 1061736
    - [6c95b73] Unparseable endpoint URL's should raise a user friendly error
      LP: 1058494
    - [9e300b7] Test 0.2.0 keystoneclient to avoid new deps
    - [ec06625] serviceCatalog is dict in the case of no endpoints LP: 1087405

  [ Chuck Short ]
  * debian/patches/fix-ubuntu-tests.patch: Refreshed.

 -- Adam Gandelman <adamg@ubuntu.com>  Wed, 06 Feb 2013 11:13:12 -0400

keystone (2012.2.1-0ubuntu1.3) quantal-security; urgency=low

  * SECURITY UPDATE: fix PKI revocation bypass
    - debian/patches/CVE-2013-1865.patch: validate tokens from the backend
    - CVE-2013-1865
    - LP: #1129713

 -- Jamie Strandboge <jamie@ubuntu.com>  Wed, 20 Mar 2013 08:45:09 -0500

keystone (2012.2.1-0ubuntu1.2) quantal-security; urgency=low

  * SECURITY UPDATE: fix EC2-style authentication for disabled users
    - debian/patches/CVE-2013-0282.patch: adjust keystone/contrib/ec2/core.py
      to ensure user and tenant are enabled in EC2
    - CVE-2013-0282
    - LP: #1121494
  * SECURITY UPDATE: fix denial of service
    - debian/patches/CVE-2013-1664+1665.patch: disable XML entity parsing
    - CVE-2013-1664
    - CVE-2013-1665
    - LP: #1100279
    - LP: #1100282

 -- Jamie Strandboge <jamie@ubuntu.com>  Tue, 19 Feb 2013 11:48:27 -0600

keystone (2012.2.1-0ubuntu1.1) quantal-security; urgency=low

  * SECURITY UPDATE: fix token creation error handling 
    - debian/patches/CVE-2013-0247.patch: validate size of user_id, username,
      password, tenant_name, tenant_id and old_token size to help guard
      against a denial of service via large log files filling the disk
    - CVE-2013-0247

 -- Jamie Strandboge <jamie@ubuntu.com>  Thu, 31 Jan 2013 12:14:43 -0600

keystone (2012.2.1-0ubuntu1) quantal-proposed; urgency=low

  * Ubuntu updates:
    - debian/control: Ensure keystoneclient is upgraded with keystone,
      require python-keystoneclient >= 1:0.1.3. (LP: #1073273)
    - Dropped patches, applied upsteram:
      - debian/patches/CVE-2012-5563.patch
      - debian/patches/CVE-2012-5571.patch
      - debian/patches/fix-ssl-tests-lp1068851.patch
  * Resynchronize with stable/folsom (7869c3ec) (LP: #1085255):
    - [f9d4766] token expires time incorrect for auth by one token
      (LP: #1079216)
    - [80d63c8] keystone throws error when removing user from tenant.
      (LP: #1078497)
    - [37308dd] Removing user from a tenant isn't invalidating user access to
      tenant (LP: #1064914)
    - [bec9b68] Redo part of bp/sql-identiy-pam undone by bug 968519
      (LP: #1068674)
    - [ee645e6] Jenkins jobs fail because of incompatibility between sqlalchemy-
      migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569)
    - [094c494] Non PKI Tokens longer than 32 characters can never be valid
      (LP: #1060389)
    - [3cd343b] Openssl tests rely on expired certificate (LP: #1068851)
    - [2f9807e] Set defaultbranch in .gitreview to stable/folsom

 -- Adam Gandelman <adamg@ubuntu.com>  Tue, 04 Dec 2012 09:19:41 -0800

keystone (2012.2-0ubuntu1.2) quantal-security; urgency=low

  * SECURITY UPDATE: fix for EC2-style credentials invalidation
    - debian/patches/CVE-2012-5571.patch: adjust contrib/ec2/core.py to verify
      that the user is in at least one valid role for the tenant
    - CVE-2012-5571
    - LP: #1064914
  * debian/patches/fix-ssl-tests-lp1068851.patch: update certificates for
    SSL tests
  * SECURITY UPDATE: fix for token expiration
    - debian/patches/CVE-2012-5563.patch: ensure token expiration is
      maintained
    - CVE-2012-5563
    - LP: #1079216

 -- Jamie Strandboge <jamie@ubuntu.com>  Wed, 28 Nov 2012 11:29:47 -0600

keystone (2012.2-0ubuntu1) quantal; urgency=low

  * New upstream release.

 -- Chuck Short <zulcss@ubuntu.com>  Thu, 27 Sep 2012 12:22:07 -0500

keystone (2012.2~rc2-0ubuntu1) quantal; urgency=low

  * New upstream release.

 -- Chuck Short <zulcss@ubuntu.com>  Wed, 26 Sep 2012 13:15:29 -0500

keystone (2012.2~rc1-0ubuntu1) quantal; urgency=low

  * New upstream version.
  * debian/keystone.logrotate: Compress log file when rotated. (LP: #1049309) 

 -- Chuck Short <zulcss@ubuntu.com>  Mon, 17 Sep 2012 09:15:51 -0500

keystone (2012.2~rc1~20120906.2517-0ubuntu2) quantal; urgency=low

  [ Adam Gandelman ]
  * Refreshed patches.

  [ Soren Hansen ]
  * Update debian/watch to account for symbolically named tarballs and
    use newer URL.
  * Fix Launchpad URLs in debian/watch.

  [ Logan Rosen ]
  * Fix control file to suggest python-memcache instead of python-memcached
    (LP: #998991).

  [ Chuck Short ]
  * New upstream version.
  * Dont FTBFS if the testsuite fails.

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 07 Sep 2012 13:04:01 -0500

keystone (2012.2~f3-0ubuntu1) quantal; urgency=low

  [ Adam Gandelman ]
  * debian/{keystone.conf, rules, keytone.install}: Install patched
    keystone.conf.sample configured for SQL backends to /etc/keystone,
    no longer maintain our own version in packaging. (LP: #1031012)
  * debian/patches/sql_connection.patch: Refreshed against current
    keystone.conf.sample.
  * debian/rules:  Use debian/tests as HOME to avoid test suite FTFBS.

  [ Sam Morrison ]
  * debian/keystone.logrotate: Sent output of keystone restart in logrotate
    to /dev/null. (LP: #1029766)

  [Chuck Short]
  * New upstream version.

 -- Chuck Short <zulcss@ubuntu.com>  Thu, 16 Aug 2012 13:59:29 -0500

keystone (2012.2~f2-0ubuntu1) quantal; urgency=low

  * New upstream version.

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 06 Jul 2012 10:37:01 -0400

keystone (2012.2~f2~20120622.2353-0ubuntu1) quantal; urgency=low

  * New upstream release. 

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 22 Jun 2012 12:27:50 -0400

keystone (2012.2~f2~20120529.2315-0ubuntu2) quantal; urgency=low

  * debian/keystone.conf: Add a functional default server config.
  * debian/keystone.install: Fix installation locations, install
    our default config alongside sample. 

 -- Adam Gandelman <adamg@canonical.com>  Wed, 06 Jun 2012 10:00:14 -0700

keystone (2012.2~f2~20120529.2315-0ubuntu1) quantal; urgency=low

  * New usptream release. 
  * debian/patches/sql_connection.patch: Refreshed

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 01 Jun 2012 11:01:01 -0400

keystone (2012.2~f1-0ubuntu1) quantal; urgency=low

  * New ustpream release.
  * Prepare for quantal:
    - debian/patches/fix-ubuntu-tests.patch: Refreshed.
    - debian/patches/sql_connection.patch: Refreshed.
  * debian/keystone.install: Install the right configuration files.

 -- Chuck Short <zulcss@ubuntu.com>  Thu, 24 May 2012 14:04:20 -0400

keystone (2012.1-0ubuntu1) precise; urgency=low

  * New upstream version.
  * debian/man/keystone.8: Mention that there is a lack of ssl support.

 -- Chuck Short <zulcss@ubuntu.com>  Thu, 05 Apr 2012 10:42:24 -0400

keystone (2012.1~rc2-0ubuntu1) precise; urgency=low

  [Chuck Short]
  * New upstream version.
  * debian/keystone.install: install tools/{convert_to_sqlite.sh,
    sample_data.sh}

  [Adam Gandelman]
  * debian/patches/fix-ubuntu-tests.patch: Also skip keystoneclient
    essex 3 tests, add patch description
  * debian/keystone.logrotate: Add logrotate config (LP: #962426)

 -- Chuck Short <zulcss@ubuntu.com>  Wed, 04 Apr 2012 07:49:15 -0400

keystone (2012.1~rc1-0ubuntu1) precise; urgency=low

  [Chuck Short]
  * New usptream version.
  * debian/control: Add python-iso8601 as a depends.
  * debian/patches/fix-ubuntu-tests.patch: Disable git checkout on some
    of the tests.
  * dropped swift as a depends.

  [Adam Gandelman]
  * debian/patches/sql_connection.patch: Refresh
  * debian/logging.conf: Update and enable file logging (LP: #959610)
  * debian/keystone.prerm: Only attempt to cleanup database if it was
    configured during installation. (LP: #948719)
  * debian/rules: Fix doc builds + clean (LP: #956019)
  * debian/control: Add python-{nova, swift} as Build-Depends, required
    for doc building
  * debian/rules, debian/tests/test_overrides.conf: Setup a proper environment
    for unit testing

 -- Chuck Short <zulcss@ubuntu.com>  Mon, 26 Mar 2012 13:41:45 -0400

keystone (2012.1~rc1~20120316.2145-0ubuntu1) precise; urgency=low

  * New upstream release. 

 -- Adam Gandelman <adamg@canonical.com>  Fri, 16 Mar 2012 11:19:40 -0700

keystone (2012.1~rc1~20120308.2103-0ubuntu1) precise; urgency=low

  [ Adam Gandleman ]
  * debian/patches/keystone-auth.patch: Drop, applied upstream at commit
    29337e66.
  * debian/patches/sql_connection.patch: Refresh

  [ Chuck Short ]
  * New upstream release.
  * debian/patches/sql_connection.patch: Refreshed.

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 09 Mar 2012 12:26:12 -0500

keystone (2012.1~e4-0ubuntu2) precise; urgency=low

  * debian/keystone.preinst: Create group before creating user (LP: #945299) 

 -- Adam Gandelman <adamg@canonical.com>  Fri, 02 Mar 2012 17:38:00 -0800

keystone (2012.1~e4-0ubuntu1) precise; urgency=low

  [ Chuck Short ]
  * New upstream release. 
  * debian/keystone.upstart: Update for ksl.
  * debian/control: Add python-keystoneclient as dependency.
  * debian/control: Fix typo.
  * debian/keystone.postinst: Update due to redux branch change.
  * debian/keystone.templates, debian/keystone.preinst, debian/kestone.postinst,
    debian/keystone.config, debian/README.Debian: Make keystone installation 
    less interactive. (LP: #931236)
  * debian/keystone.postinst: Don't create users or run a database sync
    since its not working correctly.
  * debian/control: Dropped python-coverage and python-nosexcover.
  * debian/changelog: Fixed changelog.
  * debian/keystone.templates: Set it to false.
  * debian/control: Fix lintian warnings.
  * debian/patches/keystone-auth.patch: Backport auth token improvements,
    this can be dropped in the next snapshot.
  * debian/control: Add python-memcache as a build dependency.
  * debian/keystone-doc.docs: Fix keystone doc builds.
  * debian/rules: Temporarily disable doc install.
  * debian/control: Add python-ldap and python-lxml.
  
  [ Joseph Heck ]
  * debian/control: Dropped python-cli.

  [ Adam Gandelman ]
  * debian/control: Alphabetize python depends 
  * debian/control: Add python-{eventlet, greenlet, passlib} to keystone
    depends
  * debian/control: Add python-lxml to python-keystone Depends
  * Drop 0001-Fix-keystone-all-failure-to-start.patch
  * debian/logging.conf: Temporarily use old logging.conf until upstream
    ships something usable
  * debain/patches/sql_connection.patch: Switch backends to use SQL backends
  * debian/keystone.preinst: Create directories
  * debian/keystone.postinst: Remove create_users stuff, add call to 'db_sync'
    on install

  [ Dave Walker ]
  * debian/patches/sql_connection.patch: Refreshed and reintroduced DEP-3
    headers.
  * debian/control: Added Vcs-Bzr field.

  [ Andrew Glen-Young ]
  * debian/keystone.preinst: Set the primary group to keystone. (LP: #941905)

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 02 Mar 2012 09:55:24 -0500

keystone (2012.1~e4~20120203.1574-0ubuntu2) precise; urgency=low

  [Chuck Short]
  * debian/control: Moved python-prettytable and added 
    python-dateutil as a build dependency.

  [Julien Danjou]
  * Add dbconfig support. (LP: #930139)
  * Update db sync to sync_database in postinst. (LP: #930444)

 -- Chuck Short <zulcss@ubuntu.com>  Mon, 13 Feb 2012 09:14:12 -0500

keystone (2012.1~e4~20120203.1574-0ubuntu1) precise; urgency=low

  * New upstream release. 

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 03 Feb 2012 16:35:51 -0500

keystone (2012.1~e3-0ubuntu1) UNRELEASED; urgency=low

  * Fix bad manpage formatting causing missing spaces (LP: #907206)
  * Adding python-prettytable to dependency.  (LP: #922954) 

 -- Daniel Polehn <dpolehn@gmail.com>  Sat, 28 Jan 2012 20:17:33 -0800

keystone (2012.1~e3-0ubuntu1) precise; urgency=low

  * New upstream release.
  * Dropped debian/patches/temp_fix_keystone_manage.patch: No longer needed.

 -- Chuck Short <zulcss@ubuntu.com>  Thu, 26 Jan 2012 10:53:46 -0500

keystone (2012.1~e3~20120113.1511-0ubuntu1) precise; urgency=low

  [Chuck Short]
  * New upstream version.
  * debian/control: Add python-migrate as a build depenedency. 
    (LP: #909941)
  * debian/keystone.dirs: Add cache directory for PTYHON_EGGS
  * debian/control: Add ssl-cert for ssl certificates.
  * debian/patches/keystone-ssl.patch: Point ssl config to the 
    snakeoil certificates.
  * debian/control: Add python-nose as a build dependency.

  [Adam Gandleman]
  * debian/python-keystone.postinst: Also install *.egg-info (LP: #907518) 
  * debian/patches/temp_fix_keyston_manage.patch: Allow keystone to work 
    with current snapshot.

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 13 Jan 2012 10:09:46 +0100

keystone (2012.1~e2-0ubuntu1) precise; urgency=low

  * New upstream version.
  * debian/control: Clean up dependencies. 
  * debian/pydist-overrides: Dont install python-coverage.
  * debian/python-keystone.install: Don't ship examples in python
    packaging. (Debian Bug: #649907)
  * debian/man/*: Add manpages.

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 16 Dec 2011 15:38:05 -0500

keystone (2012.1~e2~20111209.1405-0ubuntu1) precise; urgency=low

  * New upstream release.

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 09 Dec 2011 16:27:35 -0500

keystone (2012.1~e2~20111202.1379-0ubuntu1) precise; urgency=low

  * New upstream release.
  * debian/control:
    + Fix dependencies. 
  * keystone.postinst:
    + Fix bashism.
    + Remove keystone-manage db sync.

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 02 Dec 2011 09:40:35 -0500

keystone (2012.1~e2~20111125.1340-0ubuntu1) precise; urgency=low

  * New upstream release. 
  * debian/control: Dropped dependency on python-pysqlite.
  * debian/rules: Dont fail when building docs.
  * debian/rules: Fix doc build.

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 25 Nov 2011 11:19:34 -0500

keystone (2012.1~e2~20111110.1301-0ubuntu2) precise; urgency=low

  * debian/patches/ftbfs_guard_main_call.patch:
    - Fix FTBFS by guarding a main() call to only run when the module is
      run as __main__, not when imported during documentation generation.

 -- Michael Terry <mterry@ubuntu.com>  Mon, 21 Nov 2011 16:43:45 -0500

keystone (2012.1~e2~20111118.1330-0ubuntu1) precise; urgency=low

  * New upstream release.

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 18 Nov 2011 13:50:20 -0500

keystone (2012.1~e2~20111110.1301-0ubuntu1) precise; urgency=low

  * New upstream release.
  * debian/control: 
    + Added pep8 for tests.
    + Updated run time dependencies.
  * debian/keystone.postinst:
    + Add keystone group.
    + Setup permissions a bit better.
    + Setup keystone db.

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 11 Nov 2011 11:51:27 -0500

keystone (1.0~d4~20111020.1244-0ubuntu1) precise; urgency=low

  * New upstream release.
  * Dropped:
    + add-missing-extension-files.patch
    + foreign_key.patch
  * dh_python2 transition.
  * Update dependencies.
  * Dont fail if tests fail.

 -- Chuck Short <zulcss@ubuntu.com>  Thu, 27 Oct 2011 11:06:53 -0400

keystone (1.0~d4~20110909.1108-0ubuntu4) precise; urgency=low

  * debian/patches/sql_connection.patch: Correct keystone.db path, 
    as identified by Atul Jha. (LP: #878282) 

 -- Dave Walker (Daviey) <DaveWalker@ubuntu.com>  Fri, 21 Oct 2011 13:17:51 +0100

keystone (1.0~d4~20110909.1108-0ubuntu3) oneiric; urgency=low

  [Dustin Kirkland]
  * debian/copyright:
    - fix copyright file, replace s/glance/keystone/

  [Juan Negron]
  * Added debian/patches/foreign_key.patch:  Fixed bug which attempted to to
    obtain a service_id by passing an Integer rather than a String to the
    Column function in models.py. (LP: #861682)

  [Brian Thomason]
  * Removed "|| true" from test execution in debian/rules as it was masking a
    failure.  After investigating the failure further, it was found that two
    files were missing from the contrib/extensions/service/raxkey dir that were
    a part of trunk at the time. (LP: #861813)
    - added keystone/contrib/extensions/service/raxkey/extension.xml
    - added keystone/contrib/extensions/service/raxkey/extension.json

 -- Brian Thomason <brian.thomason@canonical.com>  Wed, 28 Sep 2011 15:30:19 -0400

keystone (1.0~d4~20110909.1108-0ubuntu2) oneiric; urgency=low

  [Chuck Short]
  * Install configuration files. 
  * debian/patches/sql_connection.patch: 
    Specify a path for the sqlite database.
  * debian/rules: Add get-origs-source.

  [Juan L. Negron]
  * debian/control, debian/keystone.install:
    + Update dependencies for python-keystone.
    + Reanamed logging config file to match upstream.
      (LP: #860778)

  [Monty Taylor]
  * Added a conditional on dh_python2 so that the package works on lucid.

 -- Chuck Short <zulcss@ubuntu.com>  Tue, 27 Sep 2011 15:36:35 -0400

keystone (1.0~d4~20110909.1108-0ubuntu1) UNRELEASED; urgency=low

  * debian/rules:
    + Add get-orig-source. 
  * debian/keystone.install:
    + Ship configuration files.
  + debian/copyright:
    + Change glance to keystone.

 -- Chuck Short <zulcss@ubuntu.com>  Thu, 27 Oct 2011 10:02:39 -0400

keystone (1.0~d4~20110909.1108-0ubuntu2) oneiric; urgency=low

  * Added a conditional on dh_python2 so that the package works on lucid.
  * Added python-passlib build-depend. (LP: #862576)

 -- Monty Taylor <mordred@inaugust.com>  Thu, 29 Sep 2011 11:56:36 -0700

keystone (1.0~d4~20110909.1108-0ubuntu1) oneiric; urgency=low

  [Chuck Short]
  * New upstream release.
  * debian/control:
    + Bump standards to 3.9.2.
    + Fix lintian warnings.
    + Update maintainer.
  * debian/rules: Dont fail to build if tests fail.
  
  [Dan Prince]
  * Fix debian/rules file so it works with nodoc.

 -- Chuck Short <zulcss@ubuntu.com>  Fri, 09 Sep 2011 16:25:30 -0400

keystone (1.0~d4~20110823.1078-0ubuntu0) UNRELEASED; urgency=low

  * Add python-mox as a build depend.

 -- Monty Taylor <mordred@inaugust.com>  Fri, 09 Sep 2011 11:00:27 -0700

keystone (1.0~d4~20110819.1045-0ubuntu1) UNRELEASED; urgency=low

  * New upstream release.
  * Removed fix_tests patch (don't need it any more)
  * Fixed debian/watch file.
  * Use root level run_tests now.
  * We need a special version of webob.
  * Added adduser depend.
  * Added python-sphinx build depend.

 -- Monty Taylor <mordred@inaugust.com>  Wed, 24 Aug 2011 09:05:05 -0700

keystone (1.0~20110713.1-0ubuntu1~ppa1) UNRELEASED; urgency=low

  * Add keystone-docs package.

 -- Soren Hansen <soren@ubuntu.com>  Thu, 14 Jul 2011 10:47:13 +0200

keystone (1.0~20110711.1-0ubuntu1~ppa1) oneiric; urgency=low

  * Initial upload.

 -- Soren Hansen <soren@ubuntu.com>  Wed, 25 May 2011 15:57:15 +0200

