Red Hat RHSA-2015:2685
History: Dec 21, 2015 - 7:03 p.m.

(RHSA-2015:2685) Important: openstack-ironic-discoverd security update

2015-12-21 19:03:53
access.redhat.com

EPSS: 0.007 (percentile: 79.5%)

OpenStack Bare Metal (ironic) is a tool used to provision bare metal
(as opposed to virtual) machines. It leverages common technologies such
as PXE boot and IPMI to cover a wide range of hardware. It also supports
pluggable drivers to allow added, vendor-specific functionality.

It was discovered that enabling debug mode in openstack-ironic-discoverd
also enabled debug mode in the underlying Flask framework. If errors were
encountered while Flask was in debug mode, a user experiencing an error
might be able to access the debug console (effectively, a command shell).
(CVE-2015-5306)
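
The coupling described above, next to a decoupled form, as an added example that is not code from the advisory or from the openstack-ironic-discoverd package. The configuration section, option names, port and helper functions are hypothetical; only Flask's `app.run()` arguments `debug`, `use_debugger` and `use_reloader` are real.

```python
import configparser
import logging

# Constructed sample configuration; the section and option names are
# hypothetical, not taken from the openstack-ironic-discoverd package.
SAMPLE_CONF = """
[service]
debug = true
"""


def load_service_debug(text):
    """Read the service-level debug switch from INI text (default: off)."""
    parser = configparser.ConfigParser()
    parser.read_string(text)
    return parser.getboolean("service", "debug", fallback=False)


def run_kwargs_coupled(service_debug):
    """Flawed pattern: the service flag is forwarded to Flask unchanged, so
    debug = true also turns on the interactive Werkzeug debugger."""
    return {"debug": service_debug}


def run_kwargs_decoupled(service_debug):
    """Hardened pattern: the service flag only raises log verbosity;
    Flask's debugger and reloader stay off whatever the flag says."""
    level = logging.DEBUG if service_debug else logging.INFO
    logging.getLogger().setLevel(level)
    return {"debug": False, "use_debugger": False, "use_reloader": False}


def debugger_exposed(kwargs):
    """True if these app.run() arguments would start the debugger.
    In Flask, use_debugger defaults to the value of debug."""
    return bool(kwargs.get("use_debugger", kwargs.get("debug", False)))


if __name__ == "__main__":
    from flask import Flask  # imported only when run as a script

    app = Flask(__name__)
    flag = load_service_debug(SAMPLE_CONF)
    # Constructed bind address and port, for local testing only.
    app.run(host="127.0.0.1", port=5050, **run_kwargs_decoupled(flag))
```

`debugger_exposed()` can also serve as a pre-deployment check on whatever arguments a service is about to pass to `app.run()`.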

Please note that this package is a Technology Preview and should not be
used in production.

All openstack-ironic-discoverd users are advised to upgrade to these
updated packages, which correct this issue.