drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in OpenStack
Name: |
Preisgabe von Informationen in OpenStack |
|
ID: |
USN-2703-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 15.04 |
|
Datum: |
Do, 6. August 2015, 07:49 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1851 |
|
Applikationen: |
OpenStack |
|
Originalnachricht |
--===============3314378412366019004== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="dDRMvlgZJXvWKvBx" Content-Disposition: inline
--dDRMvlgZJXvWKvBx Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-2703-1 August 06, 2015
cinder vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
Summary:
Cinder could be made to access unintended files over the network by an authenticated user.
Software Description: - cinder: OpenStack storage service
Details:
Bastian Blank discovered that Cinder guessed image formats based on untrusted data. An attacker could use this to read arbitrary files from the Cinder host.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: python-cinder 1:2015.1.0-0ubuntu1.1
After a standard system update you need to restart cinder to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2703-1 CVE-2015-1851
Package Information: https://launchpad.net/ubuntu/+source/cinder/1:2015.1.0-0ubuntu1.1
--dDRMvlgZJXvWKvBx Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEcBAEBAgAGBQJVwsuCAAoJEPMhclmdjS6X3iwH/0hXbu8wmTjigRvKWSuDE3an 9/d18nTHE/p8MEyj9VJ4ySuaKC3ZSSG4cOjPgITdkGeIPD+Et2ga9ST7p0n/1pFj i0AXmdn2ZVUO7eypHLYlNUMz9vliI3xMxdX9Z1F0TCd0vM/jwJmv7SssomM+9Apr bbFUMlmc/GbP0NdVZcTyCBBL1SOJi8SnSs3l1KhWMcjRPq2utNgVHntuF7ETI03U 6dpo2ZDIwyM+DTsZfMiJJ5Bb9jNNAIqSf3Pvb23YDpn0D8lSNhDultOQGlqu3aHe YrMBRW0/755iPltRFgU3+t06rDjnVOQNZMGg/pOmj25e0zpyBy8cNtIaiVH7+Ps= =KIic -----END PGP SIGNATURE-----
--dDRMvlgZJXvWKvBx--
--===============3314378412366019004== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============3314378412366019004==--
|
|
|
|