USN-2001-1: Swift vulnerability
Ubuntu Security Notice USN-2001-1
23rd October, 2013
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Swift could cause the system to crash if it received specially crafted requests over the network.
- swift - OpenStack distributed virtual object store
Peter Portante discovered that Swift did not properly handle requests with
old X-Timestamp values. An authenticated attacker could exploit this to
cause a denial of service via disk consumption.
The problem can be corrected by updating your system to the following package version:
- Ubuntu 13.04:
- python-swift 1.8.0-0ubuntu1.3
- Ubuntu 12.10:
- python-swift 1.7.4-0ubuntu2.3
- Ubuntu 12.04 LTS:
- python-swift 1.4.8-0ubuntu2.3
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.