CVE descriptions talk about the vulnerability, not the patch. Proposed final wording:
----------------------------------
Title: Swift Denial of Service using superfluous object tombstones
Reporter: Peter Portante (Red Hat)
Products: Swift
Affects: All versions
Description:
Peter Portante from Red Hat reported a vulnerability in Swift. By issuing requests with an old X-Timestamp value, an authenticated attacker can fill an object server with superfluous object tombstones, which may significantly slow down subsequent requests to that object server, facilitating a Denial of Service attack against Swift clusters.
----------------------------------
I'll request the CVE once we get nearer to an acceptable patch.
CVE descriptions talk about the vulnerability, not the patch. Proposed final wording:
------- ------- ------- ------- ------
Title: Swift Denial of Service using superfluous object tombstones
Reporter: Peter Portante (Red Hat)
Products: Swift
Affects: All versions
Description: ------- ------- ------- ------
Peter Portante from Red Hat reported a vulnerability in Swift. By issuing requests with an old X-Timestamp value, an authenticated attacker can fill an object server with superfluous object tombstones, which may significantly slow down subsequent requests to that object server, facilitating a Denial of Service attack against Swift clusters.
-------
I'll request the CVE once we get nearer to an acceptable patch.