-------------------------------------------------------------------------
Debian Security Advisory DSA-6104-1                      [email protected]
https://www.debian.org/security/                       Moritz Muehlenhoff
January 20, 2026                      https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : python-keystonemiddleware
CVE ID         : CVE-2026-22797

Grzegorz Grasza discovered a vulnerability in the OpenStack middleware to
provide authentication and authorization features to web services other
than Keystone: If an external OAuth provider is configured, authentication
headers are insufficiently sanitised, which could result in privilege
escalation or user impersonation.

The oldstable distribution (bookworm) is not affected.

For the stable distribution (trixie), this problem has been fixed in
version 10.9.0-2+deb13u1.

We recommend that you upgrade your python-keystonemiddleware packages.

For the detailed security status of python-keystonemiddleware please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-keystonemiddleware

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]
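The bug class described in the advisory, seen from the defending side, as an added example (not code from keystonemiddleware or from the Debian fix): a WSGI filter that removes client-supplied identity headers before the authentication middleware runs. The class name StripIdentityHeaders, the on_strip hook and the header list are assumptions chosen for illustration.

```python
# Added example. The header list is an assumption for illustration; it is
# not taken from the advisory or from the upstream fix.
IDENTITY_HEADERS = (
    "X-Identity-Status", "X-User-Id", "X-User-Name", "X-User-Domain-Id",
    "X-Project-Id", "X-Project-Name", "X-Domain-Id", "X-Roles",
    "X-Service-Identity-Status", "X-Service-Roles",
)


def environ_key(header):
    """WSGI/CGI form of a header name: 'X-User-Id' -> 'HTTP_X_USER_ID'."""
    return "HTTP_" + header.upper().replace("-", "_")


BLOCKED_KEYS = frozenset(environ_key(h) for h in IDENTITY_HEADERS)


class StripIdentityHeaders:
    """Outermost filter: only the auth middleware behind it sets identity."""

    def __init__(self, app, on_strip=None):
        self.app = app
        self.on_strip = on_strip or (lambda key, environ: None)

    def __call__(self, environ, start_response):
        # 'X-Roles' and 'X_Roles' both map to HTTP_X_ROLES, so matching on
        # the environ key covers the underscore spelling as well.
        for key in [k for k in environ if k in BLOCKED_KEYS]:
            self.on_strip(key, environ)   # hook for logging or alerting
            del environ[key]
        return self.app(environ, start_response)


def demo():
    """Constructed request: a client sends its own X-User-Id and X-Roles."""
    seen, stripped = {}, []

    def downstream(environ, start_response):   # stands in for auth + service
        seen.update(environ)
        start_response("200 OK", [("Content-Type", "text/plain")])
        return [b"ok"]

    app = StripIdentityHeaders(downstream, lambda k, e: stripped.append(k))
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": "/v1/things",
               "HTTP_AUTHORIZATION": "Bearer constructed-token",
               "HTTP_X_USER_ID": "admin", "HTTP_X_ROLES": "admin"}
    body = app(environ, lambda status, headers: None)
    return seen, sorted(stripped), body
```

A filter like this is defence in depth for the window before the fixed package is installed; it does not replace upgrading to the version named in the advisory.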

