Lucene search

RedHatRHSA-2020:3406

HistoryAug 11, 2020 - 12:58 p.m.

(RHSA-2020:3406) Important: python-paunch and openstack-tripleo-heat-templates security update

2020-08-1112:58:05

access.redhat.com

python-paunch

openstack-tripleo-heat-templates

container management

openstack orchestration

security update

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

9.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

0.001

Percentile

37.0%

JSON

Library and utility to launch and manage containers using YAML based configuration data.

openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools (codename heat), which can be used to help deploy OpenStack.

Security Fix(es):

EMBARGOED CVE-2020-10731 openstack-tripleo-heat-templates: No sVirt protection for OSP16 VMs due to disabled SELinux (CVE-2020-10731)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8noarchpython3-paunch< 5.3.2-0.20200320172310.ebc49c4.el8ostpython3-paunch-5.3.2-0.20200320172310.ebc49c4.el8ost.noarch.rpm
RedHat8noarchpaunch-services< 5.3.2-0.20200320172310.ebc49c4.el8ostpaunch-services-5.3.2-0.20200320172310.ebc49c4.el8ost.noarch.rpm
RedHat8noarchopenstack-tripleo-heat-templates< 11.3.2-0.20200405044628.ec9970c.el8ostopenstack-tripleo-heat-templates-11.3.2-0.20200405044628.ec9970c.el8ost.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	noarch	python3-paunch	< 5.3.2-0.20200320172310.ebc49c4.el8ost	python3-paunch-5.3.2-0.20200320172310.ebc49c4.el8ost.noarch.rpm
RedHat	8	noarch	paunch-services	< 5.3.2-0.20200320172310.ebc49c4.el8ost	paunch-services-5.3.2-0.20200320172310.ebc49c4.el8ost.noarch.rpm
RedHat	8	noarch	openstack-tripleo-heat-templates	< 11.3.2-0.20200405044628.ec9970c.el8ost	openstack-tripleo-heat-templates-11.3.2-0.20200405044628.ec9970c.el8ost.noarch.rpm

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

9.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS

0.001

Percentile

37.0%

JSON

Related for RHSA-2020:3406