Ubuntu
python-keystonemiddleware package

python-keystonemiddleware 10.6.0-0ubuntu1.1 source package in Ubuntu

Changelog

python-keystonemiddleware (10.6.0-0ubuntu1.1) noble-security; urgency=medium

  * SECURITY UPDATE: Privilege Escalation via Identity Headers in External
    OAuth2 Tokens
    - debian/patches/CVE-2026-22797.patch: sanitize incoming authentication
      headers in keystonemiddleware/external_oauth2_token.py,
      keystonemiddleware/tests/unit/test_external_oauth2_token_middleware.py.
    - CVE-2026-22797

 -- Marc Deslauriers <email address hidden>  Tue, 20 Jan 2026 14:16:52 -0500

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Noble
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Noble updates main misc
Noble security main misc

Builds

Noble: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
python-keystonemiddleware_10.6.0.orig.tar.gz 207.3 KiB 8b2389b08b333c98072cfe0c8683feadf417a38fba279197d77d101b2d8fa0e5
python-keystonemiddleware_10.6.0-0ubuntu1.1.debian.tar.xz 8.4 KiB 28f20942abfa3aa2805f46ca8316fc2498dc45a2e4035410c9cf4191f4ddd0f9
python-keystonemiddleware_10.6.0-0ubuntu1.1.dsc 3.6 KiB 2315dd6b592c9589460702a386fe56c53a5deff11ab54fd982b8a29b4d0c6484

View changes file

Binary packages built by this source

python-keystonemiddleware-doc: Middleware for OpenStack Identity (Keystone) - doc

 This package contains middleware modules designed to provide authentication
 and authorization features to web services other than Keystone. The most
 prominent module is keystonemiddleware.auth_token. This package does not
 expose any CLI or Python API features.
 .
 This package contains the documentation.

python3-keystonemiddleware: Middleware for OpenStack Identity (Keystone) - Python 3.x

 This package contains middleware modules designed to provide authentication
 and authorization features to web services other than Keystone. The most
 prominent module is keystonemiddleware.auth_token. This package does not
 expose any CLI or Python API features.
 .
 This package contains the Python 3.x module.