drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in Nova
| Name: |
Denial of Service in Nova |
|
| ID: |
USN-1501-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 12.04 LTS |
|
| Datum: |
Mi, 11. Juli 2012, 23:13 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3371 |
|
| Applikationen: |
Nova |
|
Originalnachricht |
--===============4155570622185792533==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="uQr8t48UFsdbeI+V"
Content-Disposition: inline
--uQr8t48UFsdbeI+V
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-1501-1
July 11, 2012
nova vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
Nova could be made to not respond if passed specially crafted input.
Software Description:
- nova: OpenStack Compute cloud infrastructure
Details:
Dan Prince discovered that the Nova scheduler, when using
DifferentHostFilter or SameHostFilter, would make repeated database
instance lookup calls based on passed scheduler hints. An authenticated
attacker could use this to cause a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
python-nova 2012.1+stable~20120612-3ee026e-0ubuntu1.2
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1501-1
CVE-2012-3371
Package Information:
https://launchpad.net/ubuntu/+source/nova/2012.1+stable~20120612-3ee026e-0ubuntu1.2
--uQr8t48UFsdbeI+V
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJP/bysAAoJEC8Jno0AXoH0wpoP/i5Wwe2X63MxSHeL0FGY3xaL
xwyqz5z9pYSY2XvOhpqWDUUWnmCNV81soeioWfW0Yg7q5UM2gS2iVPaFBwXdNDuu
xguYQOVRqBC3Q+n8aJIrnRbOVCvt7hV2OWwYdMl2lxQq9w9Z5Ubou0ILTJWZ5e4W
9Tq1NMrENJl5Oiw8UDuIclUNFlA6pqSI8adok2b24Sr6tkYjQ89sj6augoxpxdl3
UoDVbM9rCbQkrrxvB73JVuKfGYpO+I0/TXANGM+5+YBr34uBN4y1cPHi1lcTiloR
epty69oy4FK+dtHPllHyy7i9KYnNLBatmpccZ3Zx+upxCAlu5Nc0XS5SKz7ThRCQ
NfZ0LsErHRTZJOVn4dtoBp44QI5YdD7rzTKVzjAtxe4elUvYpYqojnvl5b9H+5Ih
HULKBHjoZ0u1wC3PUv3CfgrXK9qKdGnJTIrDwBtPV2a0nGTEuSYqx5zS3sicFLTJ
a7E7anlri9ko00bND1qvTKyNNA9vW4Beu+Y7gKFjHbEaK1p0UOYHd8ENJVArv3I/
BaIkkWz6nd7lvEf3/ie+8Q8zPMO4bI1Cjkkqgh2b9hKq48TR7H0w56fx7CFhsGKj
Q+FPI2ChdX5CMNFAiKU3ujNBssWRT8sLwBP74UE6IS2ECggzs14mlL6uEu3CneGG
0TD80SfIan2R90DY3W+j
=HRkl
-----END PGP SIGNATURE-----
--uQr8t48UFsdbeI+V--
--===============4155570622185792533==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============4155570622185792533==--
|
|
|
|
