drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Überschreiben von Dateien in Nova
Name: |
Überschreiben von Dateien in Nova |
|
ID: |
USN-1545-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 11.10, Ubuntu 12.04 LTS |
|
Datum: |
Do, 23. August 2012, 10:51 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3361
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3447 |
|
Applikationen: |
Nova |
|
Originalnachricht |
--===============7623149717221058172== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-otIrjrKyqnpPLDAKTjwq"
--=-otIrjrKyqnpPLDAKTjwq Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1545-1 August 22, 2012
nova vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS - Ubuntu 11.10
Summary:
Nova could be made to overwrite or corrupt arbitrary files in the compute host file system.
Software Description: - nova: OpenStack Compute cloud infrastructure
Details:
Padraig Brady discovered that the fix for CVE-2012-3361 was incomplete and an authenticated user could still corrupt arbitrary files on the host running Nova. A remote attacker could use this to cause a denial of service or possibly gain privileges.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: python-nova 2012.1+stable~20120612-3ee026e-0ubuntu1.3
Ubuntu 11.10: python-nova 2011.3-0ubuntu6.10
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1545-1 CVE-2012-3447
Package Information: https://launchpad.net/ubuntu/+source/nova/2012.1+stable~20120612-3ee026e-0ubuntu1.3 https://launchpad.net/ubuntu/+source/nova/2011.3-0ubuntu6.10
--ØtIrjrKyqnpPLDAKTjwq Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJQNTEHAAoJEFHb3FjMVZVztSwQALTe4PffSKPHajnzseft6r0u FCYsW/CnB4yyf5lY6AtzfAlYN9PDAgFyKQcIBKv1EI4dM4lZDCVDdAzohf0skhZb 67tPBnPeI5c4ih0/9/r0X9UzEgp8g5hargSb7IaSkfa84mwx1DjBMsOPfIyfvcVM IYAVbBiCS/Wto/FC10n/x++Ow2znSl/MU4Iq98qAeuJgPZ0VjRa1VxqtYpBJ1xLh DHbOvUNywym1I3DHXngMhTETxPSei0VaWxRiIZY0dBZMoEv3YonagWjJodhv5ovk /1BbXppxNmDPO7FENnOEQcSp60w6+lIqI/urf+p7ee+WDcwRxb6yYR0cSdoklM0o 1oRIhMTxuA1FXdoekPaJKISMq/26RrkQC8FewtYmogS2svekRtoIVBZh8C04QLUh 7MQRqg4n/gcOGFjFvODJqVqsFqeDY6dk+uwbQXkYDYMbYnhGeVMu2oLmiKzydOj2 CODIFkCfxT4r8N9rImhUqgkelww1jwcFITuD+2mQQDzh/V1ez9tpxKKFlYkYTHNn 7l7jhC0MwewkgMrSyz4JZfsDMCFdFPZVnOPEcDPe+YxSguNwOa8YoGOLpQD3P4fu 5u84AerophaRQry7vpbiWj2EUSdwhiR+p+/9Sa7tz4G198KpdYUjExJPG/dX/Vb6 ThvssZG//jYzL8Lh9rTB =d69+ -----END PGP SIGNATURE-----
--=-otIrjrKyqnpPLDAKTjwq--
--===============7623149717221058172== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============7623149717221058172==--
|
|
|
|