[Git][security-tracker-team/security-tracker][master] Add temporary item for keystone issue
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Nov 4 18:03:11 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e1f28e3d by Salvatore Bonaccorso at 2025-11-04T18:55:16+01:00
Add temporary item for keystone issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2025-XXXX [OSSA-2025-002: Unauthenticated access to EC2/S3 token endpoints can grant Keystone authorization]
+ - keystone <unfixed> (bug #1120053)
+ NOTE: https://www.openwall.com/lists/oss-security/2025/11/04/2
+ NOTE: https://bugs.launchpad.net/keystone/+bug/2119646
+ NOTE: src:swift (Bug #1120057) and src:heat (Bug #1120059) require updates along for
+ NOTE: compatibility with the OSSA-2025-002/keystone update.
CVE-2025-11563
- curl <unfixed>
[trixie] - curl <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1f28e3d9035c26c18d98a58b2fc9e06f1e15656
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1f28e3d9035c26c18d98a58b2fc9e06f1e15656
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251104/71a914e6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list