UbuntuUpdates.org

Package "keystone"

Name: keystone

Description:

OpenStack identity service - Daemons

Latest version: 2:21.0.1-0ubuntu2.1
Release: jammy (22.04)
Level: security
Repository: main
Homepage: https://opendev.org/openstack/keystone

Other versions of "keystone" in Jammy

Repository Area Version
base main 2:21.0.0-0ubuntu1
updates main 2:21.0.1-0ubuntu2.1

Changelog

Version: 2:21.0.1-0ubuntu2.1 2025-12-11 21:08:03 UTC

  keystone (2:21.0.1-0ubuntu2.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Unauthenticated access to EC2/S3 token endpoints can
    grant Keystone authorization (LP: 2119646)
    - d/p/lp2119646.patch: Add a policy to enforce authentication with a
      user in the service group.
    - d/p/Consistent-and-Secure-RBAC-Phase-1.patch: Update system-scoped
      policies to also accept project-admin tokens.
    - d/p/Fix-policies-for-groups.patch: Fix policies for groups.
    - d/p/Allow-admin-to-access-tokens-and-credentials.patch: Allow users
      with the "admin" role to access /v3/auth/tokens and /v3/credentials.
    - d/p/Dont-enforce-when-HTTP-GET-on-s3tokens-and-ec2tokens.patch:
      Don't enforce when HTTP GET on s3tokens and ec2tokens.
    - CVE-2025-65073

 -- Felipe Reyes <email address hidden> Fri, 07 Nov 2025 16:50:55 +0100

CVE-2025-65073 OpenStack Keystone before 26.0.1, 27.0.0, and 28.0.0 allows a /v3/ec2tokens or /v3/s3tokens request with a valid AWS Signature to provide Keystone au


