Grzegorz Grasza discovered that the Keystone Middleware incorrectly sanitized authentication headers before processing OAuth 2.0 tokens. An attacker could possibly use this issue to escalate privileges or impersonate other users.
10.6.0-0ubuntu1.110.12.0-0ubuntu1.1