14 DAY TRIAL // Canonical published details about OpenStack Keystone vulnerabilities in a security notice for its Ubuntu 12.04 LTS, Ubuntu 12.10, and Ubuntu 13.04 operating systems.
According to Canonical, Keystone would allow unintended access over the network.
It was discovered that Keystone would not immediately invalidate tokens when deleting users via the v2 API. A deleted user would be able to continue to use resources until the token lifetime expired.
For a more detailed description of the security problems, you can visit Canonical's security notification.
The security flaws can be fixed if you upgrade your system(s) to the latest python-keystone package, specific to each distribution. To apply the update, run the Update Manager application.
In general, a standard system update will make all the necessary changes. A system restart will not be necessary to implement them.