A DoS vulnerability in openstack-swift was reported. By repeatedly requesting and interrupting connections to a Large Object (Dynamic or Static) URL, a remote attacker may exhaust Swift proxy-server resources, potentially resulting in a denial of service. Affects versions: >= 2.2.1 <= 2.3.0, >= 2.4.0 <= 2.5.0. There are two similar bugs; CVE-2016-0738 is for the proxy-to-server connection.
Created attachment 1115108 Master/mitaka patch
Created attachment 1115109 Stable/kilo patch
Created attachment 1115112 Stable/liberty patch
Created openstack-swift tracking bugs for this issue: Affects: fedora-all [bug 1300613]
This issue is now public.
openstack-swift-2.3.0-3.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in the following products: OpenStack 6 for RHEL 7 Via RHSA-2016:0128 https://rhn.redhat.com/errata/RHSA-2016-0128.html
This issue has been addressed in the following products: OpenStack 5 for RHEL 7 Via RHSA-2016:0127 https://rhn.redhat.com/errata/RHSA-2016-0127.html
This issue has been addressed in the following products: OpenStack 5 for RHEL 6 Via RHSA-2016:0126 https://rhn.redhat.com/errata/RHSA-2016-0126.html
This issue has been addressed in the following products: OpenStack 7 For RHEL 7 Via RHSA-2016:0155 https://rhn.redhat.com/errata/RHSA-2016-0155.html
This issue has been addressed in the following products: Red Hat Gluster Storage 3.1 for RHEL 6 Via RHSA-2016:0329 https://rhn.redhat.com/errata/RHSA-2016-0329.html
This issue has been addressed in the following products: Red Hat Gluster Storage 3.1 for RHEL 7 Via RHSA-2016:0328 https://rhn.redhat.com/errata/RHSA-2016-0328.html