[Bug 2130629] Re: OSSA-2025-002: Unauthenticated access to EC2/S3 token endpoints can grant Keystone authorization
Edward Hope-Morley
2130629 at bugs.launchpad.net
Mon Nov 10 15:39:10 UTC 2025
** Also affects: cloud-archive
Importance: Undecided
Status: New
** Also affects: cloud-archive/caracal
Importance: Undecided
Status: New
** Also affects: cloud-archive/flamingo
Importance: Undecided
Status: New
** Also affects: cloud-archive/yoga
Importance: Undecided
Status: New
** Also affects: cloud-archive/epoxy
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to keystone in Ubuntu.
https://bugs.launchpad.net/bugs/2130629
Title:
OSSA-2025-002: Unauthenticated access to EC2/S3 token endpoints can
grant Keystone authorization
Status in Ubuntu Cloud Archive:
New
Status in Ubuntu Cloud Archive caracal series:
New
Status in Ubuntu Cloud Archive epoxy series:
New
Status in Ubuntu Cloud Archive flamingo series:
New
Status in Ubuntu Cloud Archive yoga series:
New
Status in keystone package in Ubuntu:
Fix Released
Bug description:
This is a placeholder bug for the Nov 2025 Keystone security issue as
there is no CVE assigned to it yet.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/2130629/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list