USN-6630-1: Glance_store vulnerability
12 February 2024
Glance_store could be made to expose sensitive information.
Releases
Packages
- python-glance-store - OpenStack Image Service store library
Details
It was discovered that Glance_store incorrectly handled logging when the
DEBUG log level is enabled. A local attacker could use this issue to obtain
access_key values.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.10
Ubuntu 22.04
Ubuntu 20.04
In general, a standard system update will make all the necessary changes.