diff options
Diffstat (limited to 'releasenotes/notes/bug-1688137-e4203c9a728690a7.yaml')
-rw-r--r-- | releasenotes/notes/bug-1688137-e4203c9a728690a7.yaml | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/releasenotes/notes/bug-1688137-e4203c9a728690a7.yaml b/releasenotes/notes/bug-1688137-e4203c9a728690a7.yaml new file mode 100644 index 000000000..bd7a06069 --- /dev/null +++ b/releasenotes/notes/bug-1688137-e4203c9a728690a7.yaml @@ -0,0 +1,8 @@ +--- +fixes: + - | + [`bug 1688137 <https://bugs.launchpad.net/keystone/+bug/1688137>`_] + Fixed the AccountLocked exception being shown to the end user since + it provides some information that could be exploited by a + malicious user. The end user will now see Unauthorized instead of + AccountLocked, preventing user info oracle exploitation. |