Ubuntu Security Notice 4480-1 - It was discovered that OpenStack Keystone incorrectly handled EC2 credentials. An authenticated attacker with a limited scope could possibly create EC2 credentials with escalated permissions. It was discovered that OpenStack Keystone incorrectly handled the list of roles provided with OAuth1 access tokens. An authenticated user could possibly end up with more role assignments than intended. Various other issues were also addressed.
3c08db6e10cf95d2fc1612319b52e834023d3ffc4661cd1510fa0ef8a2b277f3