622 matches found
Updated cloud-init packages fix security vulnerability
cloud-init has the ability to generate and set a randomized password for system users. This functionality is enabled at runtime by passing cloud-config data such as: 'chpasswd: list: | user1:RANDOM' When instructing cloud-init to set a random password for a new user account, versions before 21.1....
NewStart CGSL CORE 5.05 / MAIN 5.05 : cloud-init Multiple Vulnerabilities (NS-SA-2021-0151)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has cloud-init packages installed that are affected by multiple vulnerabilities: - The default cloud-init configuration, in cloud-init 0.6.2 and newer, included sshdeletekeys: 0, disabling cloud-init's deletion of ssh host keys...
OESA-2021-1372 cloud-init security update
Cloud-init is the defacto multi-distribution package that handles early initialization of a cloud instance. Security Fixes: CVE-2021-3429...
RHEL 8 : cloud-init (RHSA-2021:3371)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:3371 advisory. The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to...
cloud-init: randomly generated passwords logged in clear-text to world-readable file
A flaw was found in cloud-init. When a system is configured through cloud-init and the "Set Passwords" module is used with "chpasswd" directive and "RANDOM", the randomly generated password for the relative user is written in clear-text in a file readable by any existing user of the system. The...
Moderate: Red Hat Security Advisory: cloud-init security update
An update for cloud-init is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
Moderate: Red Hat Security Advisory: cloud-init security update
An update for cloud-init is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
cloud-init: randomly generated passwords logged in clear-text to world-readable file
A flaw was found in cloud-init. When a system is configured through cloud-init and the "Set Passwords" module is used with "chpasswd" directive and "RANDOM", the randomly generated password for the relative user is written in clear-text in a file readable by any existing user of the system. The...
RHEL 8 : cloud-init (RHSA-2021:3177)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:3177 advisory. The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to...
CentOS 8 : cloud-init (CESA-2021:3081)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2021:3081 advisory. - cloud-init: randomly generated passwords logged in clear-text to world-readable file CVE-2021-3429 Note that Nessus has not tested for this issue but has...
cloud-init security update
20.3-10.0.1 - Added missing services in rhel/systemd/cloud-init.service Orabug: 32183938 - Added missing services in cloud-init.service.tmpl for sshd Orabug: 32183938 - Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 Orabug: 30435672 - limit permissions Orabug: 31352433 -...
Oracle Linux 8 : cloud-init (ELSA-2021-3081)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2021-3081 advisory. - Resolves: bz1979252 CVE-2021-3429 cloud-init: randomly generated passwords logged in clear-text to world-readable file rhel-8 rhel-8.4.0.z Tenable has extract...
RHEL 8 : cloud-init (RHSA-2021:3081)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:3081 advisory. The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to...
Moderate: Red Hat Security Advisory: cloud-init security update
An update for cloud-init is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
cloud-init: randomly generated passwords logged in clear-text to world-readable file
A flaw was found in cloud-init. When a system is configured through cloud-init and the "Set Passwords" module is used with "chpasswd" directive and "RANDOM", the randomly generated password for the relative user is written in clear-text in a file readable by any existing user of the system. The...
Moderate: cloud-init security update
The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Security Fixes: cloud-init: randomly generated passwords logged in clear-text to...
RLSA-2021:3081 Moderate: cloud-init security update
The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Security Fixes: cloud-init: randomly generated passwords logged in clear-text to...
cloud-init security update
An update is available for cloud-init. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The cloud-init packages provide a set of init scripts for cloud instances...
cloud-init bug fix and enhancement update
The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Bug Fixes and Enhancements: Intermittent failure to start cloud-init due to failu...
cloud-init bug fix and enhancement update
An update is available for cloud-init. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The cloud-init packages provide a set of init scripts for cloud instances...