drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in Oslo
Name: |
Preisgabe von Informationen in Oslo |
|
ID: |
USN-3666-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS |
|
Datum: |
Fr, 1. Juni 2018, 07:16 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2592 |
|
Applikationen: |
Oslo |
|
Originalnachricht |
--===============5877917463750685308== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="69pVuxX8awAiJ7fD" Content-Disposition: inline
--69pVuxX8awAiJ7fD Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-3666-1 May 31, 2018
python-oslo.middleware vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Applications using Oslo middleware could be made to expose sensitive information.
Software Description: - python-oslo.middleware: WSGI middleware components for OpenStack
Details:
Divya K Konoor discovered Oslo middleware was vulnerable to an information disclosure. A local attacker could exploit this flaw to obtain sensitive information from OpenStack component error logs.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: python-oslo.middleware 3.8.0-2ubuntu1 python-oslo.middleware-doc 3.8.0-2ubuntu1
After a standard system update you need to restart OpenStack services to make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3666-1 CVE-2017-2592, https://launchpad.net/bugs/1628031
Package Information: https://launchpad.net/ubuntu/+source/python-oslo.middleware/3.8.0-2ubuntu1
--69pVuxX8awAiJ7fD Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEQVAQ8bojyMcg37H18yFyWZ2NLpcFAlsQoUcACgkQ8yFyWZ2N LpcwkQf9GAJeNmXaV9iHKnIZL3lAW1W3KGnZpkY9t1fholdaug7OI5M+9IdrNtXE aOIeOsrQBW8Vs4OX4xHc62vVcaXz9+uk8XLaC83BYct89YPWdCcotMI4SqGOyzeg dAKeAkZydcOSCDitndJ4VPYJEVMJCMVnZLJ2Vdv5QZdOMPLBvg5UgzAUFLQgpyff axKmOwt/Avo2lfiFnP3HU4U3a8FO9zC+x21K0gruo9nswjroyHfNtEouflgztk1f igizLDVbJ7solqJV+1QlOunY3AjnAo/dzKH8Ay1DLJKBvB6vkzHmvR8KbsCe1ftF LNaEfjFkGCHr6jJTdXsy6jmU1qVqLw== =BFnA -----END PGP SIGNATURE-----
--69pVuxX8awAiJ7fD--
--===============5877917463750685308== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|