Glance Exploit Fixed in Ubuntu 12.10 and Ubuntu 12.04

view story

http://news.softpedia.com – On November 8, Canonical published in a security notice details about a Glance vulnerability for its Ubuntu 12.10 (Quantal Quetzal) and Ubuntu 12.04 LTS (Precise Pangolin) operating systems. According to Canonical, Glance could have been made to delete arbitrary images. It was discovered that Glance had not always properly enforced access controls when deleting images. An authenticated user could have deleted arbitrary images by using the v1 API, under certain circums... (read more) (General)