Moderate: Red Hat Security Advisory: RHSA: Submariner 0.14 - bug fix and security updates

Submariner 0.14 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.7 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS...

Debian: Security Advisory (DSA-5337-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5336-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5338-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-5337-1 : nova - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5337 advisory. Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in OpenStack Compute codenamed Nov...

Debian DSA-5338-1 : cinder - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5338 advisory. Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in Cinder, the OpenStack block...

Debian DSA-5336-1 : glance - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5336 advisory. - An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2,...

[SECURITY] [DSA 5338-1] cinder security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5338-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 01, 2023 https://www.debian.org/security/faq -...

[SECURITY] [DSA 5337-1] nova security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5337-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 01, 2023 https://www.debian.org/security/faq -...

Ubuntu: Security Advisory (USN-5835-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5835-1: Cinder vulnerability

Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information...

USN-5835-2: OpenStack Glance vulnerability

Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that OpenStack Glance incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive...

USN-5835-2 glance vulnerability

Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that OpenStack Glance incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive...

Debian: Security Advisory (DLA-3300-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS / 22.04 LTS : Cinder vulnerability (USN-5835-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5835-1 advisory. Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectly handled VMDK image processing. An authenticated...

Debian dla-3301 : cinder-api - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3301 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-3301-1 [email protected] https://www.debian.org/lts/security/...

Debian dla-3302 : nova-api - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3302 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-3302-1 [email protected] https://www.debian.org/lts/security/...

Ubuntu 20.04 LTS / 22.04 LTS : OpenStack Glance vulnerability (USN-5835-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5835-2 advisory. Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that OpenStack Glance incorrectly handled VMDK image processing. An...

[SECURITY] [DLA 3301-1] cinder security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-3301-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta January 31, 2023 https://wiki.debian.org/LTS -...

SUSE: Security Advisory (SUSE-SU-2023:0200-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...