Ubuntu Update For Swift USN-2207-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Samuel Merritt discovered a timing attack vulnerability in OpenStack Swift. If Swift was configured to use the TempURL middleware, an attacker could exploit this to guess valid secret URLs and obtain unintended access to objects publicly shared with specific recipients.

Affected

swift on Ubuntu 13.10 , Ubuntu 12.10 , Ubuntu 12.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-May/002506.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-0006

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Ubuntu Update for ceilometer USN-2311-2
Ubuntu Update for bzip2 vulnerability USN-590-1
Ubuntu Update for cups USN-1207-1
Ubuntu Update for clamav USN-1482-2
Ubuntu Update for apt-xapian-index USN-1955-1

Ubuntu Update for swift USN-2207-1

Take action and discover your vulnerabilities