USN-5697-1: Barbican vulnerability
25 October 2022
Barbican could be made to expose sensitive information over the network.
- barbican - OpenStack Key Management Service - API Server
Douglas Mendizabal discovered that Barbican incorrectly handled certain
query strings. A remote attacker could possibly use this issue to bypass
the access policy.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.