drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in Openstack Nova
Name: |
Denial of Service in Openstack Nova |
|
ID: |
USN-1438-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 11.10, Ubuntu 12.04 LTS |
|
Datum: |
Fr, 4. Mai 2012, 06:45 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2101 |
|
Applikationen: |
OpenStack |
|
Originalnachricht |
--===============7923456940062197529== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-wEALWAR5qjhaurs/2Kp0"
--=-wEALWAR5qjhaurs/2Kp0 Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1438-1 May 03, 2012
nova vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS - Ubuntu 11.10
Summary:
Nova could be made to crash the system under certain conditions.
Software Description: - nova: OpenStack Compute cloud infrastructure
Details:
Dan Prince discovered that Nova did not enforce quotas for security groups and rules added to security groups. An authenticated user could exploit this to cause a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: python-nova 2012.1-0ubuntu2.1
Ubuntu 11.10: python-nova 2011.3-0ubuntu6.6
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1438-1 CVE-2012-2101
Package Information: https://launchpad.net/ubuntu/+source/nova/2012.1-0ubuntu2.1 https://launchpad.net/ubuntu/+source/nova/2011.3-0ubuntu6.6
--ÐEALWAR5qjhaurs/2Kp0 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJPoxDiAAoJEFHb3FjMVZVz5EoP/0bjzflh2I4KOkmGZ6XMOsRu EoK6QBS2GLhP+Ht3sur7On+ZOWbRuQXNah7ThFvZDaG1gm6XEIHg2PJ33TzmHhdX ggD3mCJrAnhV8Ti1ELe3+M7IeHxKaydOpjOYIV7kCj17GjuP318rzkK/Zgc5ytTs u9aKzPiZhiewD8wR/YphK6g8vRvAl6IxYbJVZOsQS5Pl9mMm1M5Yrgo5RMef46JI rMODszIUW3bJqXQupzBUKmImfvpDdWvq3fmy7UR8Uv+oqI8QCcyO7r3uVEHBFrUN eX3mvZLpTrGKN3S2LksM5xUuGl5iAWZfR8C5fEsplvbdIrzygAgIzr0Pw53PE8k/ sQROvgbkIOO2vJneAChVVRNbbXQjpQti3P3Ycw+u5pVX7DX1G+dsr+dD8d3zFEtJ osYT6t0g/4kAO+mTFdrJTzXsSil59gL2iF4uwW7yPItq6PGgb8/32K8WBycguOID UI6mq+TuAm4TPXyfd6i11tOmghiUUVp5zKOoQewP1e1T49VU4WzK9lRtDd38cEIp mbnvo+JQMYDx7CJiGun7Im3yZLWoMxTeL76pT0fwdQi8aX1NL7ZGi81c2qHeYK48 tGXMzUKbg+2DOQ0UIq+Crjguw6gcyNiFk0qC4PqY6uTI/evbuJU+L7+pHO0Yh4i+ nAQeDPqnFVNYXvGty2VL =sj9r -----END PGP SIGNATURE-----
--=-wEALWAR5qjhaurs/2Kp0--
--===============7923456940062197529== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============7923456940062197529==--
|
|
|
|