Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 634
Alerts This Week
Warning Icon 1 634

Ubuntu 22.04 LTS: USN-5697-1 High: Barbican Data Exposure Risk

ubuntu
Calendar Grey October 25, 2022
Dist Ubuntu Esm H88
A recent flaw in Barbican could lead to unauthorized access to confidential information. To safeguard your systems, ensure your Ubuntu installations are up to date.
Barbican could be made to expose sensitive information over the network.

Summary

Barbican could be made to expose sensitive information over the

network.

Software Description:

- barbican: OpenStack Key Management Service - API Server

Details:

Douglas Mendizabal discovered that Barbican incorrectly handled certain

query strings. A remote attacker could possibly use this issue to bypass

the access policy.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
   python3-barbican                2:14.0.0-0ubuntu1.1

Ubuntu 20.04 LTS:
   python3-barbican                1:10.1.0-0ubuntu2.2

Ubuntu 18.04 LTS:
   python-barbican                 1:6.0.1-0ubuntu1.2

In general, a standard system update will make all the necessary changes.

References

CVE-2022-3100

October 25, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.