========================================================================== Ubuntu Security Notice USN-8008-1 February 03, 2026
python-keystonemiddleware vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS Summary: Keystone Middleware could allow unintended access to network services. Software Description: - python-keystonemiddleware: Middleware for OpenStack Identity (Keystone) Details: Grzegorz Grasza discovered that the Keystone Middleware incorrectly sanitized authentication headers before processing OAuth 2.0 tokens. An attacker could possibly use this issue to escalate privileges or impersonate other users. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 python3-keystonemiddleware 10.12.0-0ubuntu1.1 Ubuntu 24.04 LTS python3-keystonemiddleware 10.6.0-0ubuntu1.1 After a standard system update you need to restart Keystone to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8008-1 CVE-2026-22797 Package Information: https://launchpad.net/ubuntu/+source/python-keystonemiddleware/10.12.0-0ubuntu1.1 https://launchpad.net/ubuntu/+source/python-keystonemiddleware/10.6.0-0ubuntu1.1
signature.asc
Description: OpenPGP digital signature
