Moderate: Red Hat Security Advisory: openstack-swift security update

Updated openstack-swift packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring...

openstack-swift: XSS in Swift requests through WWW-Authenticate header

It was found that Swift did not escape all HTTP header values, allowing data to be injected into the responses sent from the Swift server. This could lead to cross-site scripting attacks and possibly other impacts if a user were tricked into clicking on a malicious URL...

DEBIAN-CVE-2014-3555

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service crash or long firewall rule updates by creating a large number of allowed address pairs...

CVE-2014-3555

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service crash or long firewall rule updates by creating a large number of allowed address pairs...

CVE-2014-3555

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service crash or long firewall rule updates by creating a large number of allowed address pairs...

Code injection

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service crash or long firewall rule updates by creating a large number of allowed address pairs...

CVE-2014-3555

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service crash or long firewall rule updates by creating a large number of allowed address pairs...

CVE-2014-3555

CVE-2014-3555 affects OpenStack Neutron. Vulnerable versions: Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2. A remote authenticated user can cause a denial of service (crash or extended firewall rule updates) by creating a large number of allowed address pairs. Remediati...

CVE-2014-3555

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service crash or long firewall rule updates by creating a large number of allowed address pairs...

PT-2014-5393 · Openstack +1 · Openstack Neutron +1

Name of the Vulnerable Software and Affected Versions: OpenStack Neutron versions before 2013.2.4 OpenStack Neutron versions 2014.x before 2014.1.2 OpenStack Neutron Juno before Juno-2 Description: The issue allows remote authenticated users to cause a denial of service by creating a large number...

UBUNTU-CVE-2014-3555

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service crash or long firewall rule updates by creating a large number of allowed address pairs...

CVE-2014-3555

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service crash or long firewall rule updates by creating a large number of allowed address pairs...

Moderate: Red Hat Security Advisory: openstack-neutron security, bug fix, and enhancement update

Updated openstack-neutron packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability...

openstack-neutron: L3-agent denial of service through IPv6 subnet

The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service IPv4 address attachment outage by attaching an IPv6 private subnet to a L3 router...

openstack-neutron: security groups bypass through invalid CIDR

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...

Fedora Update for openstack-ceilometer FEDORA-2014-7799

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for openstack-nova FEDORA-2014-7954

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 20 Update: docker-io-1.0.0-6.fc20

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

Fedora 20 : openstack-nova-2013.2.3-2.fc20 (2014-7954)

Add RBAC policy for ec2 API security groups calls - CVE-2014-0167 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

[SECURITY] Fedora 20 Update: openstack-nova-2013.2.3-2.fc20

OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...