OpenStack Keystone Vulnerability Closed for Ubuntu 12.10 and Ubuntu 12.04
In order to repair the problem, users will have to upgrade the operating system
On February 5, Canonical published in a security notice details about a QXL graphics driver vulnerability for its Ubuntu 12.10 and Ubuntu 12.04 operating systems.According to Canonical, Guests using the QXL graphics driver could be caused to hang or crash.
It was discovered that Keystone did not properly perform input validation when handling certain error conditions. An unauthenticated user could exploit this to cause a denial of service in Keystone API servers via disk space exhaustion.
The security flaws can be fixed if you upgrade your system(s) to the latest python-keystone package, specific to each distribution. To apply the update, run the Update Manager application.
In general, a standard system update will make all the necessary changes. A system restart will not be necessary to implement the changes.
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
HOT RIGHT NOW