[ubuntu/questing-security] python-keystonemiddleware 10.12.0-0ubuntu1.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Feb 3 12:58:15 UTC 2026
python-keystonemiddleware (10.12.0-0ubuntu1.1) questing-security; urgency=medium
* SECURITY UPDATE: Privilege Escalation via Identity Headers in External
OAuth2 Tokens
- debian/patches/CVE-2026-22797.patch: sanitize incoming authentication
headers in keystonemiddleware/external_oauth2_token.py,
keystonemiddleware/tests/unit/test_external_oauth2_token_middleware.py.
- CVE-2026-22797
Date: 2026-01-20 19:45:10.832900+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/python-keystonemiddleware/10.12.0-0ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list