Login
Newsletter
Werbung

Sicherheit: Preisgabe von Informationen in Nova
Aktuelle Meldungen Distributionen
Name: Preisgabe von Informationen in Nova
ID: USN-1247-1
Distribution: Ubuntu
Plattformen: Ubuntu 11.10
Datum: Mi, 26. Oktober 2011, 14:32
Referenzen: http://www.ubuntu.com/usn/usn-1247-1
Applikationen: Nova

Originalnachricht


--===============1239354307589148054==
Content-Type: multipart/signed; micalg="pgp-sha512";
protocol="application/pgp-signature";
boundary="=-rv28rP1luvCYoJg4eKCP"


--=-rv28rP1luvCYoJg4eKCP
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-1247-1
October 25, 2011

nova vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10

Summary:

Nova could be made to expose sensitive information.

Software Description:
- nova: OpenStack Compute cloud infrastructure

Details:

An information leak was discovered in Nova. An attacker with access to a
valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY for that
user.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
python-nova 2011.3-0ubuntu6.2

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1247-1
https://launchpad.net/bugs/868360

Package Information:
https://launchpad.net/ubuntu/+source/nova/2011.3-0ubuntu6.2



--Ûv28rP1luvCYoJg4eKCP
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAABCgAGBQJOpvSnAAoJEFHb3FjMVZVzJecP/2IofmaB6P+sobC8BM8MiSWA
TnuShy2BhkzueY5CUZEdnKnzGSX6EeVNJApaafy64O39NkHH0rx6KSY165qVUfVJ
q8C+icLPFQjvDIfhoMK6eFSPmXJJ65KzL5NvHh+Dc1XU/VawvE97QZULOZJjQCdd
l8dRs4m2D/jfrzQe0xWdbX6iuvLO+Aj00U6zWmtqh/pvow1BS2I0V2sgKFdcAkq2
9YSW4ZAESN+ZeoIrHchqMvL0FiJzY33Vlf0gK+Vxb/W+yJUDKxWYWEGKq0J9rq2p
5ugUH6lNwj346v6zKahim3aav3C9CxeBVRVbZgMmBeFLH3DY/Igp6HLBuuPXAabj
+t7szemiFzHraqmOl45s2aVAftnOjHhiGM5WOMIXJBHOnRIvyILNOSKbQC4Fbde2
YkW8ipmg49sDP0Go9sA880NQi49aMxXiNAmxiADSlk6zO9hebSQKCHONrLafyspi
SbRGAVVy9ycho3RvI6a53e52ZSmyAZUCVg39GTMgJ5SGlVGt5Q2WT5xa3/po62T4
TeBSGuzvySr70gb4vt9/jMqmNSzXhzqYcSPG00SMehsyRy/h3gHQRKGc3UICqutD
85CTbJ8l70Y2BHssrDWPHIRtD552V9cP2yQKPo9j08fDckgwYhKYfajnmqNt6dZb
HI1WXi+pRgtKwxB5c4Nf
=9JJY
-----END PGP SIGNATURE-----

--=-rv28rP1luvCYoJg4eKCP--



--===============1239354307589148054==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============1239354307589148054==--
Pro-Linux
Pro-Linux @Twitter
Neue Nachrichten
Werbung