------------------------------------------------------------------------- Debian LTS Advisory DLA-4366-1 debian-lts@lists.debian.org https://www.debian.org/lts/security/ Carlos Henrique Lima Melara November 07, 2025 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : swift Version : 2.26.0-10+deb11u2 CVE ID : Debian Bug : 1120057 Swift, an object storage service, requires an update to work with keystone 2:18.1.0-1+deb11u2 which fixes a vulnerability in ec2tokens and s3tokens APIs. This version is backward-compatible with older keystone versions, but older versions of swift package will not work with the updated version of keystone. Therefore one is advised to first update swift and then proceed with the keystone update. For Debian 11 bullseye, this problem has been fixed in version 2.26.0-10+deb11u2. We recommend that you upgrade your swift packages. For the detailed security status of swift please refer to its security tracker page at: https://security-tracker.debian.org/tracker/swift Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: PGP signature