CVE-2013-4155
Published: 7 August 2013
OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE request with a timestamp that is older than expected.
Priority
Status
Package | Release | Status |
---|---|---|
swift Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Released
(1.4.8-0ubuntu2.3)
|
|
quantal |
Released
(1.7.4-0ubuntu2.3)
|
|
raring |
Released
(1.8.0-0ubuntu1.3)
|
|
saucy |
Not vulnerable
(1.9.1-0ubuntu1)
|
|
upstream |
Released
(1.9.1)
|
|
Patches: upstream: https://review.openstack.org/#/c/40646/ upstream: https://review.openstack.org/#/c/40645/ |