[Bug 2130629] Re: Nov 2025 Keystone security issue
Marc Deslauriers
2130629 at bugs.launchpad.net
Tue Nov 4 16:47:59 UTC 2025
Announcement: https://www.openwall.com/lists/oss-security/2025/11/04/2
** Information type changed from Private Security to Public Security
** Summary changed:
- Nov 2025 Keystone security issue
+ OSSA-2025-002: Unauthenticated access to EC2/S3 token endpoints can grant Keystone authorization
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to keystone in Ubuntu.
https://bugs.launchpad.net/bugs/2130629
Title:
OSSA-2025-002: Unauthenticated access to EC2/S3 token endpoints can
grant Keystone authorization
Status in keystone package in Ubuntu:
New
Bug description:
This is a placeholder bug for the Nov 2025 Keystone security issue as
there is no CVE assigned to it yet.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/keystone/+bug/2130629/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list