========================================================================== Ubuntu Security Notice USN-5852-1 February 09, 2023 swift vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: OpenStack Swift could be made to expose sensitive information over the network. Software Description: - swift: OpenStack distributed virtual object store Details: It was discovered that OpenStack Swift incorrectly handled certain XML files. A remote authenticated user could possibly use this issue to obtain arbitrary file contents containing sensitive information from the server. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: python3-swift 2.30.1-0ubuntu1 swift 2.30.1-0ubuntu1 Ubuntu 22.04 LTS: python3-swift 2.29.2-0ubuntu1 swift 2.29.2-0ubuntu1 Ubuntu 20.04 LTS: python3-swift 2.25.2-0ubuntu1.1 swift 2.25.2-0ubuntu1.1 This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5852-1 CVE-2022-47950 Package Information: https://launchpad.net/ubuntu/+source/swift/2.30.1-0ubuntu1 https://launchpad.net/ubuntu/+source/swift/2.29.2-0ubuntu1 https://launchpad.net/ubuntu/+source/swift/2.25.2-0ubuntu1.1
Ubuntu 5852-1: OpenStack Swift vulnerability
February 9, 2023
OpenStack Swift could be made to expose sensitive information over the network.
Summary
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: OpenStack Swift could be made to expose sensitive information over the network. Software Description: - swift: OpenStack distributed virtual object store Details: It was discovered that OpenStack Swift incorrectly handled certain XML files. A remote authenticated user could possibly use this issue to obtain arbitrary file contents containing sensitive information from the server.
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: python3-swift 2.30.1-0ubuntu1 swift 2.30.1-0ubuntu1 Ubuntu 22.04 LTS: python3-swift 2.29.2-0ubuntu1 swift 2.29.2-0ubuntu1 Ubuntu 20.04 LTS: python3-swift 2.25.2-0ubuntu1.1 swift 2.25.2-0ubuntu1.1 This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-5852-1
CVE-2022-47950
Severity
Ubuntu Security Notice USN-5852-1
Package Information
https://launchpad.net/ubuntu/+source/swift/2.30.1-0ubuntu1 https://launchpad.net/ubuntu/+source/swift/2.29.2-0ubuntu1 https://launchpad.net/ubuntu/+source/swift/2.25.2-0ubuntu1.1
News
HOWTOs
Features
Best Linux Backup Solutions to Prevent Data Loss in A Ransomware Attack
ManageEngine Vulnerability Manager Plus: How To Protect Your Enterprise from Security Vulnerabilities
High-Impact DoS, Arbitrary Code Execution, Spoofing Bugs Fixed in Thunderbird 102.9.0
A Guide to Business Cybersecurity: Common Digital Attacks and Precautions
New Linux IceFire Ransomware Variant Discovered: What You Need to Know to Secure Your Systems
About Us
Powered By
