drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in OpenStack
| Name: |
Preisgabe von Informationen in OpenStack |
|
| ID: |
SUSE-SU-2018:2576-1 |
|
| Distribution: |
SUSE |
|
| Plattformen: |
SUSE OpenStack Cloud 7 |
|
| Datum: |
Sa, 1. September 2018, 08:26 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14432 |
|
| Applikationen: |
OpenStack |
|
Originalnachricht |
SUSE Security Update: Security update for OpenStack
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:2576-1
Rating: moderate
References: #1084724 #1095482 #1099902 #1100751 #1102151
Cross-References: CVE-2018-14432
Affected Products:
SUSE OpenStack Cloud 7
______________________________________________________________________________
An update that solves one vulnerability and has four fixes
is now available.
Description:
This update for OpenStack fixes the following issues:
The following security issue with openstack-keystone has been fixed:
- CVE-2018-14432: Reduce duplication in federated authentication APIs.
(bsc#1102151)
Additionally, the following non-security issues have been fixed:
openstack-dashboard:
- Fetch and show Cinder availability zones list during volume creation and
volume creation from image. (bsc#1100751)
openstack-heat:
- Add Trunk resource support.
openstack-horizon-plugin-designate-ui:
- Install all designate panels that are available.
openstack-nova:
- Stop _undefine_domain erroring if domain not found. (bsc#1099902)
- Fix Nova to allow using cinder v3 endpoint. (bsc#1095482)
python-os-vif:
- Check if interface belongs to a Linux Bridge before removing.
(bsc#1084724)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE OpenStack Cloud 7:
zypper in -t patch SUSE-OpenStack-Cloud-7-2018-1808=1
Package List:
- SUSE OpenStack Cloud 7 (noarch):
openstack-dashboard-10.0.6~dev4-4.15.1
openstack-heat-7.0.7~dev10-5.12.1
openstack-heat-api-7.0.7~dev10-5.12.1
openstack-heat-api-cfn-7.0.7~dev10-5.12.1
openstack-heat-api-cloudwatch-7.0.7~dev10-5.12.1
openstack-heat-doc-7.0.7~dev10-5.12.1
openstack-heat-engine-7.0.7~dev10-5.12.1
openstack-heat-plugin-heat_docker-7.0.7~dev10-5.12.1
openstack-heat-test-7.0.7~dev10-5.12.1
openstack-horizon-plugin-designate-ui-3.0.2~dev1-3.6.1
openstack-keystone-10.0.3~dev9-7.12.1
openstack-keystone-doc-10.0.3~dev9-7.12.1
openstack-nova-14.0.11~dev13-4.25.1
openstack-nova-api-14.0.11~dev13-4.25.1
openstack-nova-cells-14.0.11~dev13-4.25.1
openstack-nova-cert-14.0.11~dev13-4.25.1
openstack-nova-compute-14.0.11~dev13-4.25.1
openstack-nova-conductor-14.0.11~dev13-4.25.1
openstack-nova-console-14.0.11~dev13-4.25.1
openstack-nova-consoleauth-14.0.11~dev13-4.25.1
openstack-nova-doc-14.0.11~dev13-4.25.1
openstack-nova-novncproxy-14.0.11~dev13-4.25.1
openstack-nova-placement-api-14.0.11~dev13-4.25.1
openstack-nova-scheduler-14.0.11~dev13-4.25.1
openstack-nova-serialproxy-14.0.11~dev13-4.25.1
openstack-nova-vncproxy-14.0.11~dev13-4.25.1
python-heat-7.0.7~dev10-5.12.1
python-horizon-10.0.6~dev4-4.15.1
python-horizon-plugin-designate-ui-3.0.2~dev1-3.6.1
python-keystone-10.0.3~dev9-7.12.1
python-nova-14.0.11~dev13-4.25.1
python-os-vif-1.2.1-3.3.1
References:
https://www.suse.com/security/cve/CVE-2018-14432.html
https://bugzilla.suse.com/1084724
https://bugzilla.suse.com/1095482
https://bugzilla.suse.com/1099902
https://bugzilla.suse.com/1100751
https://bugzilla.suse.com/1102151
_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
http://lists.suse.com/mailman/listinfo/sle-security-updates
|
|
|
|
