OracleLinuxELSA-2019-0597cloud-init security update
5.1 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
21.4%
[18.2-1.0.1]
- add modified version of enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch for 18.2:
- Enable ec2_utils.py having a way to stop retrying to get ec2 metadata
- Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader
Resolves: Oracle-Bug:41660 (Bugzilla)
[18.2-1.el7_6.2]
- ci-azure-Filter-list-of-ssh-keys-pulled-from-fabric.patch [bz#1684038]
- Resolves: bz#1684038
(EMBARGOED cloud-init: wrong list of ssh keys added to authorized_keys [rhel-7.6.z])
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | cloud-init | < 18.2-1.0.1.el7_6.2 | cloud-init-18.2-1.0.1.el7_6.2.src.rpm |
| oracle linux | 7 | aarch64 | cloud-init | < 18.2-1.0.1.el7_6.2 | cloud-init-18.2-1.0.1.el7_6.2.aarch64.rpm |
| oracle linux | 7 | src | cloud-init | < 18.2-1.0.1.el7_6.2 | cloud-init-18.2-1.0.1.el7_6.2.src.rpm |
| oracle linux | 7 | x86_64 | cloud-init | < 18.2-1.0.1.el7_6.2 | cloud-init-18.2-1.0.1.el7_6.2.x86_64.rpm |
Related
5.1 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
21.4%