Ubuntu 14.04 LTS : OpenStack Swift vulnerabilities (USN-3451-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3451-1 advisory. It was discovered that OpenStack Swift incorrectly handled tempurls. A remote authenticated user in possession of a tempurl key authorized for PUT could...

USN-3451-1: OpenStack Swift vulnerabilities

It was discovered that OpenStack Swift incorrectly handled tempurls. A remote authenticated user in possession of a tempurl key authorized for PUT could retrieve other objects in the same Swift account. CVE-2015-5223 Romain Le Disez and Örjan Persson discovered that OpenStack Swift incorrectly...

Moderate: Red Hat Security Advisory: openstack-swift security update

Updated openstack-swift packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0, 6.0, and 7.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

openstack-swift: Information leak via Swift tempurls

A flaw was discovered in the OpenStack Object Storage service swift TempURLs. An attacker in possession of a TempURL key with PUT permissions could gain read access to other objects in the same project tenant...