Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in Swift.
Software Description:
- swift: OpenStack distributed virtual object store
Details:
Rajaneesh Singh discovered Swift does not properly enforce metadata
limits. An attacker could abuse this issue to store more metadata than
allowed by policy. (CVE-2014-7960)
Clay Gerrard discovered Swift allowed users to delete the latest version
of object regardless of object permissions when allow_version is
configured. An attacker could use this issue to delete objects.
(CVE-2015-1856)
The problem can be corrected by updating your system to the following package versions: Ubuntu 15.04: swift 2.2.2-0ubuntu1.3 Ubuntu 14.04 LTS: swift 1.13.1-0ubuntu1.2 Ubuntu 12.04 LTS: swift 1.4.8-0ubuntu2.5 After a standard system update you need to restart swift to make all the necessary changes.
https://ubuntu.com/security/notices/USN-2704-1
CVE-2014-7960, CVE-2015-1856
Get the latest Linux and open source security news straight to your inbox.