1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4679-1] keystone security update

    From Moritz Muehlenhoff@1:229/2 to All on Wed May 6 23:10:02 2020
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4679-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff
    May 06, 2020 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : keystone
    CVE ID : not yet available
    Debian Bug : 959900

    A vulnerability was found in the EC2 credentials API of Keystone, the
    OpenStack identity service: Any user authenticated within a limited
    scope (trust/oauth/application credential) could create an EC2 credential
    with an escalated permission, such as obtaining "admin" while
    the user is on a limited "viewer" role.

    For the stable distribution (buster), this problem has been fixed in
    version 2:14.2.0-0+deb10u1.

    We recommend that you upgrade your keystone packages.

    For the detailed security status of keystone please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/keystone

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl6zIwkACgkQEMKTtsN8 Tjb8fRAAi5rEWlp7Y4LzE7q/lI8R/622m/8nGve65O8FfnRJdp1jjkORvTSOuX7j l5QH6x6juRwU9j6HhYtotcCi7HMIl3R9Xw75AHIZPor/evL+P2Ry8lVnXqui2qVj BUMgjo7xJE8LBTrtXqI1dBfHi+4KHfwKYMG0MGvuBo4mWFCdwD5BioYjklcmdanS 2MxmCHxooQn+3ZYQE/fb0JIMUctp/qf/EUMyn/8IkvBk41Rac4yI2efLLl8TJGst im+X8f/pZsnmP3uzYcNz3hsEDQUvM5dp6We9VJjSLG33hOBs0rj87fTyfPJbK1Az i/uLpVu2oJ6/9U5bZrgelD3z5OzY/t6O2JEPq/GUUcQbc7In3ih7U9y0qnC96c9O xHUgC5wXFdInVSU+fFLzmJNWViOCCyOfWszI7GJUQzOkbSgXBf8Q+nN6N1YgUDwO KfSs1URlfWxl51a+6+JEtje0WFuSnjcgFNt9WGIU7MX7gby7G30Ob9RYfMtYIZqs 51PjA/OlWZz7sQOX4TMqyDtEVMl08/uO/ftHfS60xG7APAx/v+JFxWe9ErsFZjvp /rzH6Hzzz4WvOSK7zXCkqr35gp/CSqdQi57miQQ8ele4ySeeLH9tKssd40xJKMKN FEkBHgmKV+5FbuuXcNnfxYXRQcmt/0GkzGCDhNqx2H2TFj3rqw4=
    =go1k
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)