[SECURITY] [DLA 3678-1] horizon security update - CORRECTED ANNOUNCEMENT

Debian LTS Advisory DLA-3678-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 30, 2023 https://wiki.debian.org/LTS Package : horizon Version : 3:14.0.2-3+deb10u3 CVE ID : CVE-2022-45582 NB: The original message sent included the wrong DLA reference ID. Th...

The vulnerability of the python-eventlet library used by the OpenStack Platform for building cloud solutions allows a attacker to cause service failures.

The vulnerability of the python-eventlet library used by the OpenStack Platform for building cloud solutions is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

Virtuozzo Hybrid Infrastructure 6.0 (6.0.0-243)

In this release, Virtuozzo Hybrid Infrastructure provides an upgrade of the Linux distribution, kernel, and toolset packages. This release also contains a range of new features that cover storage performance, object storage, as well as monitoring and alerts. Additionally, this release delivers...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.1 (python-gevent) security update

An update for python-gevent is now available for Red Hat OpenStack Platform 17.1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

The vulnerability of the Oslo.privsep component in the cloud computing platform Openstack, related to insecure management of privileges, allows a perpetrator to escalate their privileges.

The vulnerability of the Oslo.privsep component in the OpenStack cloud service platform is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

PT-2023-8846

Name of the Vulnerable Software and Affected Versions OpenStack Designate affected versions not specified Description An access-control flaw was found in the OpenStack Designate component where private configuration information, including access keys to BIND, were improperly made world readable. ...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (openstack-barbican) security update

An update for openstack-barbican is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

openstack-barbican: Insecure Barbican configuration file leaking credential

A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials...

Debian dla-3629 : ceph - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3629 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3629-1 [email protected]...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.1 (director-operator) security update

An update for osp-director-agent-container, osp-director-downloader-container, osp-director-operator-bundle-container, and osp-director-operator-container is now available for Red Hat OpenStack Platform 17.1.1. Red Hat Product Security has rated this update as having a security impact of Importan...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.5 (collectd-libpod-stats) security update

An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 16.2.5 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.5 (collectd-libpod-stats, etcd) security update

An update for collectd-libpod-stats and etcd is now available for Red Hat OpenStack Platform 16.2.5 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.9 (collectd-libpod-stats, etcd) security update

An update for collectd-libpod-stats and etcd is now available for Red Hat OpenStack Platform 16.1.9 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.1 (collectd-libpod-stats) security update

An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 17.1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.1 security update

An update for collectd-libpod-stats, etcd, and python-octavia-tests-tempest is now available for Red Hat OpenStack Platform 17.1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.5 security update

An update for osp-director-agent-container, osp-director-downloader-container, osp-director-operator-bundle-container, and osp-director-operator-container is now available for Red Hat OpenStack Platform 16.2.5. Red Hat Product Security has rated this update as having a security impact of Importan...

GHSA-5836-GRCC-8J89 OpenStack Heat information leak vulnerability

An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system...

OpenStack Barbican information disclosure vulnerability

A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is...

OpenStack Heat information leak vulnerability

An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system...

OpenStack Barbican credential leak flaw

A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials...