drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in Oslo
| Name: |
Preisgabe von Informationen in Oslo |
|
| ID: |
USN-3666-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 16.04 LTS |
|
| Datum: |
Fr, 1. Juni 2018, 07:16 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2592 |
|
| Applikationen: |
Oslo |
|
Originalnachricht |
--===============5877917463750685308==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="69pVuxX8awAiJ7fD"
Content-Disposition: inline
--69pVuxX8awAiJ7fD
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-3666-1
May 31, 2018
python-oslo.middleware vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Applications using Oslo middleware could be made to expose sensitive
information.
Software Description:
- python-oslo.middleware: WSGI middleware components for OpenStack
Details:
Divya K Konoor discovered Oslo middleware was vulnerable to an information
disclosure. A local attacker could exploit this flaw to obtain sensitive
information from OpenStack component error logs.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
python-oslo.middleware 3.8.0-2ubuntu1
python-oslo.middleware-doc 3.8.0-2ubuntu1
After a standard system update you need to restart OpenStack services to
make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3666-1
CVE-2017-2592, https://launchpad.net/bugs/1628031
Package Information:
https://launchpad.net/ubuntu/+source/python-oslo.middleware/3.8.0-2ubuntu1
--69pVuxX8awAiJ7fD
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEQVAQ8bojyMcg37H18yFyWZ2NLpcFAlsQoUcACgkQ8yFyWZ2N
LpcwkQf9GAJeNmXaV9iHKnIZL3lAW1W3KGnZpkY9t1fholdaug7OI5M+9IdrNtXE
aOIeOsrQBW8Vs4OX4xHc62vVcaXz9+uk8XLaC83BYct89YPWdCcotMI4SqGOyzeg
dAKeAkZydcOSCDitndJ4VPYJEVMJCMVnZLJ2Vdv5QZdOMPLBvg5UgzAUFLQgpyff
axKmOwt/Avo2lfiFnP3HU4U3a8FO9zC+x21K0gruo9nswjroyHfNtEouflgztk1f
igizLDVbJ7solqJV+1QlOunY3AjnAo/dzKH8Ay1DLJKBvB6vkzHmvR8KbsCe1ftF
LNaEfjFkGCHr6jJTdXsy6jmU1qVqLw==
=BFnA
-----END PGP SIGNATURE-----
--69pVuxX8awAiJ7fD--
--===============5877917463750685308==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|
