Reviewed: https://review.opendev.org/c/openstack/keystone/+/966871 Committed: https://opendev.org/openstack/keystone/commit/4f51cdcc5c1f4f082a5fffd470d1f65b6fa65ecd Submitter: "Zuul (22348)" Branch: unmaintained/2024.1
commit 4f51cdcc5c1f4f082a5fffd470d1f65b6fa65ecd Author: Grzegorz Grasza <[email protected]> Date: Fri Sep 19 14:02:18 2025 +0200 Add service user authentication to ec2 and s3 endpoints Add a policy to enforce authentication with a user in the service group. This maintains AWS compatibility with the added security layer. Conflicts: keystone/tests/unit/test_contrib_ec2_core.py keystone/tests/unit/test_contrib_s3_core.py keystone/tests/unit/test_v3_credential.py Closes-Bug: 2119646 Change-Id: Ic84b84247e05f29874e2c5636a033aaedd4de83c Signed-off-by: Grzegorz Grasza <[email protected]> Signed-off-by: Jeremy Stanley <[email protected]> Signed-off-by: Artem Goncharov <[email protected]> Signed-off-by: Brian Haley <[email protected]> (cherry picked from commit 68c1817e1cf1ed284d8420a6e1261749648bccd8) (cherry picked from commit aea59e3117db10a3463dfcbac2caa7faa29dfccf) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2119646 Title: [OSSA-2025-002] Unauthenticated access to EC2/S3 token endpoints can grant Keystone authorization (CVE-2025-65073) To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/2119646/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
