Not a user yet?
Log in Register for free Suggest a product
Update

USN-7857-1: OpenStack Keystone vulnerability

Ubuntu ServerUbuntu Server
Canonical

USN-7857-1: OpenStack Keystone vulnerability

Publication date: 4 November 2025
Overview: OpenStack Keystone could allow unintended access to network services.

Packages
keystone - OpenStack identity service

Details
Kay discovered that OpenStack Keystone incorrectly handled the ec2tokens
and s3tokens APIs. A remote attacker could possibly use this issue to
obtain unauthorized access and escalate privileges.

Update instructions
The problem can be corrected by updating your system to the following package versions:

25.10 questing

  • keystone – 2:28.0.0-0ubuntu1.1
  • python3-keystone – 2:28.0.0-0ubuntu1.1

25.04 plucky

  • keystone – 2:27.0.0-0ubuntu1.1
  • python3-keystone – 2:27.0.0-0ubuntu1.1

24.04 LTS noble

  • keystone – 2:25.0.0-0ubuntu1.1
  • python3-keystone – 2:25.0.0-0ubuntu1.1
More updatesTo the product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Receive Important Update Messages Stay tuned for upcoming Canonical updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad