drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in Openstack Nova
| Name: |
Denial of Service in Openstack Nova |
|
| ID: |
USN-1438-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 11.10, Ubuntu 12.04 LTS |
|
| Datum: |
Fr, 4. Mai 2012, 06:45 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2101 |
|
| Applikationen: |
OpenStack |
|
Originalnachricht |
--===============7923456940062197529==
Content-Type: multipart/signed; micalg="pgp-sha512";
protocol="application/pgp-signature";
boundary="=-wEALWAR5qjhaurs/2Kp0"
--=-wEALWAR5qjhaurs/2Kp0
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-1438-1
May 03, 2012
nova vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 11.10
Summary:
Nova could be made to crash the system under certain conditions.
Software Description:
- nova: OpenStack Compute cloud infrastructure
Details:
Dan Prince discovered that Nova did not enforce quotas for security groups
and rules added to security groups. An authenticated user could exploit
this to cause a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
python-nova 2012.1-0ubuntu2.1
Ubuntu 11.10:
python-nova 2011.3-0ubuntu6.6
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1438-1
CVE-2012-2101
Package Information:
https://launchpad.net/ubuntu/+source/nova/2012.1-0ubuntu2.1
https://launchpad.net/ubuntu/+source/nova/2011.3-0ubuntu6.6
--ÐEALWAR5qjhaurs/2Kp0
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJPoxDiAAoJEFHb3FjMVZVz5EoP/0bjzflh2I4KOkmGZ6XMOsRu
EoK6QBS2GLhP+Ht3sur7On+ZOWbRuQXNah7ThFvZDaG1gm6XEIHg2PJ33TzmHhdX
ggD3mCJrAnhV8Ti1ELe3+M7IeHxKaydOpjOYIV7kCj17GjuP318rzkK/Zgc5ytTs
u9aKzPiZhiewD8wR/YphK6g8vRvAl6IxYbJVZOsQS5Pl9mMm1M5Yrgo5RMef46JI
rMODszIUW3bJqXQupzBUKmImfvpDdWvq3fmy7UR8Uv+oqI8QCcyO7r3uVEHBFrUN
eX3mvZLpTrGKN3S2LksM5xUuGl5iAWZfR8C5fEsplvbdIrzygAgIzr0Pw53PE8k/
sQROvgbkIOO2vJneAChVVRNbbXQjpQti3P3Ycw+u5pVX7DX1G+dsr+dD8d3zFEtJ
osYT6t0g/4kAO+mTFdrJTzXsSil59gL2iF4uwW7yPItq6PGgb8/32K8WBycguOID
UI6mq+TuAm4TPXyfd6i11tOmghiUUVp5zKOoQewP1e1T49VU4WzK9lRtDd38cEIp
mbnvo+JQMYDx7CJiGun7Im3yZLWoMxTeL76pT0fwdQi8aX1NL7ZGi81c2qHeYK48
tGXMzUKbg+2DOQ0UIq+Crjguw6gcyNiFk0qC4PqY6uTI/evbuJU+L7+pHO0Yh4i+
nAQeDPqnFVNYXvGty2VL
=sj9r
-----END PGP SIGNATURE-----
--=-wEALWAR5qjhaurs/2Kp0--
--===============7923456940062197529==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============7923456940062197529==--
|
|
|
|
