drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Überschreiben von Dateien in Nova
| Name: |
Überschreiben von Dateien in Nova |
|
| ID: |
USN-1545-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 11.10, Ubuntu 12.04 LTS |
|
| Datum: |
Do, 23. August 2012, 10:51 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3361
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3447 |
|
| Applikationen: |
Nova |
|
Originalnachricht |
--===============7623149717221058172==
Content-Type: multipart/signed; micalg="pgp-sha512";
protocol="application/pgp-signature";
boundary="=-otIrjrKyqnpPLDAKTjwq"
--=-otIrjrKyqnpPLDAKTjwq
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-1545-1
August 22, 2012
nova vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 11.10
Summary:
Nova could be made to overwrite or corrupt arbitrary files in the compute
host file system.
Software Description:
- nova: OpenStack Compute cloud infrastructure
Details:
Padraig Brady discovered that the fix for CVE-2012-3361 was incomplete and
an authenticated user could still corrupt arbitrary files on the host
running Nova. A remote attacker could use this to cause a denial of service
or possibly gain privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
python-nova 2012.1+stable~20120612-3ee026e-0ubuntu1.3
Ubuntu 11.10:
python-nova 2011.3-0ubuntu6.10
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1545-1
CVE-2012-3447
Package Information:
https://launchpad.net/ubuntu/+source/nova/2012.1+stable~20120612-3ee026e-0ubuntu1.3
https://launchpad.net/ubuntu/+source/nova/2011.3-0ubuntu6.10
--ØtIrjrKyqnpPLDAKTjwq
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJQNTEHAAoJEFHb3FjMVZVztSwQALTe4PffSKPHajnzseft6r0u
FCYsW/CnB4yyf5lY6AtzfAlYN9PDAgFyKQcIBKv1EI4dM4lZDCVDdAzohf0skhZb
67tPBnPeI5c4ih0/9/r0X9UzEgp8g5hargSb7IaSkfa84mwx1DjBMsOPfIyfvcVM
IYAVbBiCS/Wto/FC10n/x++Ow2znSl/MU4Iq98qAeuJgPZ0VjRa1VxqtYpBJ1xLh
DHbOvUNywym1I3DHXngMhTETxPSei0VaWxRiIZY0dBZMoEv3YonagWjJodhv5ovk
/1BbXppxNmDPO7FENnOEQcSp60w6+lIqI/urf+p7ee+WDcwRxb6yYR0cSdoklM0o
1oRIhMTxuA1FXdoekPaJKISMq/26RrkQC8FewtYmogS2svekRtoIVBZh8C04QLUh
7MQRqg4n/gcOGFjFvODJqVqsFqeDY6dk+uwbQXkYDYMbYnhGeVMu2oLmiKzydOj2
CODIFkCfxT4r8N9rImhUqgkelww1jwcFITuD+2mQQDzh/V1ez9tpxKKFlYkYTHNn
7l7jhC0MwewkgMrSyz4JZfsDMCFdFPZVnOPEcDPe+YxSguNwOa8YoGOLpQD3P4fu
5u84AerophaRQry7vpbiWj2EUSdwhiR+p+/9Sa7tz4G198KpdYUjExJPG/dX/Vb6
ThvssZG//jYzL8Lh9rTB
=d69+
-----END PGP SIGNATURE-----
--=-otIrjrKyqnpPLDAKTjwq--
--===============7623149717221058172==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============7623149717221058172==--
|
|
|
|
