drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in Nova
Name: |
Denial of Service in Nova |
|
ID: |
USN-1501-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS |
|
Datum: |
Mi, 11. Juli 2012, 23:13 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3371 |
|
Applikationen: |
Nova |
|
Originalnachricht |
--===============4155570622185792533== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="uQr8t48UFsdbeI+V" Content-Disposition: inline
--uQr8t48UFsdbeI+V Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-1501-1 July 11, 2012
nova vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
Nova could be made to not respond if passed specially crafted input.
Software Description: - nova: OpenStack Compute cloud infrastructure
Details:
Dan Prince discovered that the Nova scheduler, when using DifferentHostFilter or SameHostFilter, would make repeated database instance lookup calls based on passed scheduler hints. An authenticated attacker could use this to cause a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: python-nova 2012.1+stable~20120612-3ee026e-0ubuntu1.2
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1501-1 CVE-2012-3371
Package Information: https://launchpad.net/ubuntu/+source/nova/2012.1+stable~20120612-3ee026e-0ubuntu1.2
--uQr8t48UFsdbeI+V Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJP/bysAAoJEC8Jno0AXoH0wpoP/i5Wwe2X63MxSHeL0FGY3xaL xwyqz5z9pYSY2XvOhpqWDUUWnmCNV81soeioWfW0Yg7q5UM2gS2iVPaFBwXdNDuu xguYQOVRqBC3Q+n8aJIrnRbOVCvt7hV2OWwYdMl2lxQq9w9Z5Ubou0ILTJWZ5e4W 9Tq1NMrENJl5Oiw8UDuIclUNFlA6pqSI8adok2b24Sr6tkYjQ89sj6augoxpxdl3 UoDVbM9rCbQkrrxvB73JVuKfGYpO+I0/TXANGM+5+YBr34uBN4y1cPHi1lcTiloR epty69oy4FK+dtHPllHyy7i9KYnNLBatmpccZ3Zx+upxCAlu5Nc0XS5SKz7ThRCQ NfZ0LsErHRTZJOVn4dtoBp44QI5YdD7rzTKVzjAtxe4elUvYpYqojnvl5b9H+5Ih HULKBHjoZ0u1wC3PUv3CfgrXK9qKdGnJTIrDwBtPV2a0nGTEuSYqx5zS3sicFLTJ a7E7anlri9ko00bND1qvTKyNNA9vW4Beu+Y7gKFjHbEaK1p0UOYHd8ENJVArv3I/ BaIkkWz6nd7lvEf3/ie+8Q8zPMO4bI1Cjkkqgh2b9hKq48TR7H0w56fx7CFhsGKj Q+FPI2ChdX5CMNFAiKU3ujNBssWRT8sLwBP74UE6IS2ECggzs14mlL6uEu3CneGG 0TD80SfIan2R90DY3W+j =HRkl -----END PGP SIGNATURE-----
--uQr8t48UFsdbeI+V--
--===============4155570622185792533== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============4155570622185792533==--
|
|
|
|