PublicDateAtUSN: 2013-06-13
Candidate: CVE-2013-2161
PublicDate: 2013-08-20 22:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2161
 https://ubuntu.com/security/notices/USN-1887-1
Description:
 XML injection vulnerability in account/utils.py in OpenStack Swift Folsom,
 Grizzly, and Havana allows attackers to trigger invalid or spoofed Swift
 responses via an account name.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/swift/+bug/1183884
Priority: low
Discovered-by: Alex Gaynor
Assigned-to: jdstrand
CVSS: 


Patches_swift:
 upstream: https://review.openstack.org/#/c/32911/ (folsom)
 upstream: https://review.openstack.org/#/c/32909/ (grizzly)
 upstream: https://review.openstack.org/#/c/32905/ (havana)
upstream_swift: pending (1.9.0)
lucid_swift: DNE
precise_swift: released (1.4.8-0ubuntu2.2)
quantal_swift: released (1.7.4-0ubuntu2.2)
raring_swift: released (1.8.0-0ubuntu1.2)
devel_swift: not-affected (1.9.1-0ubuntu1)