drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in OpenStack
Name: |
Denial of Service in OpenStack |
|
ID: |
USN-4036-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 18.10 |
|
Datum: |
Di, 25. Juni 2019, 23:12 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9735 |
|
Applikationen: |
OpenStack |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============2854368586024869923== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="qQuQJC4E82XmPV64ZcfbTErVJwgvYwPqI"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --qQuQJC4E82XmPV64ZcfbTErVJwgvYwPqI Content-Type: multipart/mixed; boundary="Z8EtGOPIKoD3xOEHYYZs7cVg5jTNMmkra"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <88730a36-199c-ccbc-ceee-e7b809f6fbee@canonical.com> Subject: [USN-4036-1] OpenStack Neutron vulnerability
--Z8EtGOPIKoD3xOEHYYZs7cVg5jTNMmkra Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-4036-1 June 25, 2019
neutron vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.10 - Ubuntu 16.04 LTS
Summary:
A system hardening measure could be bypassed.
Software Description: - neutron: OpenStack Virtual Network Service
Details:
Erik Olof Gunnar Andersson discovered that OpenStack Neutron incorrectly handled certain security group rules in the iptables firewall module. An authenticated attacker could possibly use this issue to block further application of security group rules for other instances.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.10: python-neutron 2:13.0.2-0ubuntu3.4 python3-neutron 2:13.0.2-0ubuntu3.4
Ubuntu 16.04 LTS: python-neutron 2:8.4.0-0ubuntu7.4
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/4036-1 CVE-2019-9735
Package Information: https://launchpad.net/ubuntu/+source/neutron/2:13.0.2-0ubuntu3.4 https://launchpad.net/ubuntu/+source/neutron/2:8.4.0-0ubuntu7.4
--Z8EtGOPIKoD3xOEHYYZs7cVg5jTNMmkra--
--qQuQJC4E82XmPV64ZcfbTErVJwgvYwPqI Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl0SJLIACgkQZWnYVadE vpPezA//fpQ8neIwx7H5Fy9ULTZ9TgkX+FY0fukMQweu0FoMptDbW9JyHGZYBlfi 6xHzqOhGjPFS+GtWOTpIWpJaDZc6iTjJzAgfWlkn/lZlCVxMBGYN1fBxMW5heF5m ENQ2sKbiOoxCasXn6pTxj0C9JmNpk54LEGjLMzYn3HXS3g4ZU9pjgOrW47kTUfnX 0m9pK9iiKgZ7XAj1Pwd8hTlzTze0SRgFGecbmJy7Izq82X6VVyOBPJoiTn1ZOKXX Rh3w/wODIttoM8p1GlZIgI2CQ2gbdNTDB8Jzy/iphQ/q01Kg89COFZoc5noYEeP4 Pbyymjd++7/ukbu8fJW7trq3ivK3NREId8HHoIkJQj6vPE5lG7kYYtWGYGBM9Y7N ub4dQyVkj3a7MM1bXPIFiz8vy8jdb8r7Jeg53fKFmMKpdlqKyUH4zr4w3bWMKmlL qjlS16CsT6wiUWo6OAUCa9844km4bIDp3197WgxizVLSJ2b7Kjk9wEkKEWOtFJAF HPSQzPuAmW+9OurIT7qGAv/FU7exGOoXc1XsdGGDoFx6HvzHqANBAFmFPp+TKlt7 ruozG6K7iwGgvK5AXkoP7PGb2g+Eh8kvDy7qxS3+AuMiX4cHqGTrGY/jPO5a+mlE 79nqnL3MhRF0ndOaCGswnX9vXoMcN4/JjuC2+ICezJwCwcPP6qs= =fuFL -----END PGP SIGNATURE-----
--qQuQJC4E82XmPV64ZcfbTErVJwgvYwPqI--
--===============2854368586024869923== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============2854368586024869923==--
|
|
|
|