Stay Secure with the Latest Linux Advisories

security advisorymoderateupdate instructions

Ubuntu 15.04 Swift: USN-2704-1 Moderate: Metadata Issue and Deletion Threat

Several security issues were fixed in Swift.. =========================================================================Ubuntu Security Notice USN-2704-1 August 06, 2015 swift vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 15.04 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in Swift. Software Description: - swift: OpenStack distributed virtual object store Details: Rajaneesh Singh discovered Swift does not properly enforce metadata limits. An attacker could abuse this issue to store more metadata than allowed by policy. (CVE-2014-7960) Clay Gerrard discovered Swift allowed users to delete the latest version of object regardless of object permissions when allow_version is configured. An attacker could use this issue to delete objects. (CVE-2015-1856) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 15.04: swift 2.2.2-0ubuntu1.3 Ubuntu 14.04 LTS: swift 1.13.1-0ubuntu1.2 Ubuntu 12.04 LTS: swift 1.4.8-0ubuntu2.5 After a standard system update you need to restart swift to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-2704-1 CVE-2014-7960, CVE-2015-1856 Package Information: https://launchpad.net/ubuntu/+source/swift/2.2.2-0ubuntu1.3 https://launchpad.net/ubuntu/+source/swift/1.13.1-0ubuntu1.2 https://launchpad.net/ubuntu/+source/swift/1.4.8-0ubuntu2.5 . Multiple vulnerabilities addressed in Swift applications affect Ubuntu versions 12.04, 14.04, and 15.04, necessitating urgent patches.. Ubuntu Swift Security, Object Store Vulnerabilities, Update Instructions. . LinuxSecurity.com Team

Aug 06, 2015 Ubuntu