drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in OpenStack
| Name: |
Preisgabe von Informationen in OpenStack |
|
| ID: |
USN-2703-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 15.04 |
|
| Datum: |
Do, 6. August 2015, 07:49 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1851 |
|
| Applikationen: |
OpenStack |
|
Originalnachricht |
--===============3314378412366019004==
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="dDRMvlgZJXvWKvBx"
Content-Disposition: inline
--dDRMvlgZJXvWKvBx
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-2703-1
August 06, 2015
cinder vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04
Summary:
Cinder could be made to access unintended files over the network by an
authenticated user.
Software Description:
- cinder: OpenStack storage service
Details:
Bastian Blank discovered that Cinder guessed image formats based on
untrusted data. An attacker could use this to read arbitrary files from
the Cinder host.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 15.04:
python-cinder 1:2015.1.0-0ubuntu1.1
After a standard system update you need to restart cinder to make all the
necessary changes.
References:
http://www.ubuntu.com/usn/usn-2703-1
CVE-2015-1851
Package Information:
https://launchpad.net/ubuntu/+source/cinder/1:2015.1.0-0ubuntu1.1
--dDRMvlgZJXvWKvBx
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJVwsuCAAoJEPMhclmdjS6X3iwH/0hXbu8wmTjigRvKWSuDE3an
9/d18nTHE/p8MEyj9VJ4ySuaKC3ZSSG4cOjPgITdkGeIPD+Et2ga9ST7p0n/1pFj
i0AXmdn2ZVUO7eypHLYlNUMz9vliI3xMxdX9Z1F0TCd0vM/jwJmv7SssomM+9Apr
bbFUMlmc/GbP0NdVZcTyCBBL1SOJi8SnSs3l1KhWMcjRPq2utNgVHntuF7ETI03U
6dpo2ZDIwyM+DTsZfMiJJ5Bb9jNNAIqSf3Pvb23YDpn0D8lSNhDultOQGlqu3aHe
YrMBRW0/755iPltRFgU3+t06rDjnVOQNZMGg/pOmj25e0zpyBy8cNtIaiVH7+Ps=
=KIic
-----END PGP SIGNATURE-----
--dDRMvlgZJXvWKvBx--
--===============3314378412366019004==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============3314378412366019004==--
|
|
|
|
