A required header: date or alternate header: x-amz-date is never validated in the case where neither is specified This leads to a potential replay attack as the value should be within a 5 minute window from the server time.
Created openstack-swift-plugin-swift3 tracking bugs for this issue: Affects: fedora-all [bug 1290665]
openstack-swift-plugin-swift3-1.9-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
confirmed no longer affected pre-release