Ubuntu
python-keystonemiddleware package

python-keystonemiddleware 10.12.0-0ubuntu1.1 source package in Ubuntu

Changelog

python-keystonemiddleware (10.12.0-0ubuntu1.1) questing-security; urgency=medium

  * SECURITY UPDATE: Privilege Escalation via Identity Headers in External
    OAuth2 Tokens
    - debian/patches/CVE-2026-22797.patch: sanitize incoming authentication
      headers in keystonemiddleware/external_oauth2_token.py,
      keystonemiddleware/tests/unit/test_external_oauth2_token_middleware.py.
    - CVE-2026-22797

 -- Marc Deslauriers <email address hidden>  Tue, 20 Jan 2026 14:14:11 -0500

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Questing
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Questing updates main misc
Questing security main misc

Builds

Questing: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
python-keystonemiddleware_10.12.0.orig.tar.gz 210.5 KiB 0da92b4af5178410e15a1b99f56d9cdeb2546eed088c69bc39e666fe09f869bf
python-keystonemiddleware_10.12.0.orig.tar.gz.asc 228 bytes c7c4b75dd338b276fb20ecd733c70e796dc2bd3b73bee2ea11c9840ea65141d1
python-keystonemiddleware_10.12.0-0ubuntu1.1.debian.tar.xz 9.9 KiB b7524de74eaaba614643a952f3a4d59e8d8648a6193738e3695a057950f3b960
python-keystonemiddleware_10.12.0-0ubuntu1.1.dsc 3.7 KiB 77f22ad6adbd2002ffb87eb59b6235f7018c599a8c428f784506adb9c8bbb0c0

View changes file

Binary packages built by this source

python-keystonemiddleware-doc: Middleware for OpenStack Identity (Keystone) - doc

 This package contains middleware modules designed to provide authentication
 and authorization features to web services other than Keystone. The most
 prominent module is keystonemiddleware.auth_token. This package does not
 expose any CLI or Python API features.
 .
 This package contains the documentation.

python3-keystonemiddleware: Middleware for OpenStack Identity (Keystone) - Python 3.x

 This package contains middleware modules designed to provide authentication
 and authorization features to web services other than Keystone. The most
 prominent module is keystonemiddleware.auth_token. This package does not
 expose any CLI or Python API features.
 .
 This package contains the Python 3.x module.