Your submission was sent successfully! Close

USN-5387-1: Barbican vulnerabilities

25 April 2022

Several security issues were fixed in barbican.

Releases

Packages

  • barbican - OpenStack Key Management Service - API Server

Details

Douglas Mendizábal discovered that Barbican incorrectly handled access
restrictions. An authenticated attacker could possibly use this issue to
consume protected resources and possibly cause a denial of service.
(CVE-2022-23451, CVE-2022-23452)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 21.10
Ubuntu 20.04
Ubuntu 18.04

In general, a standard system update will make all the necessary changes.