EulerOS 2.0 SP8 : cloud-init (EulerOS-SA-2020-1286)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because...

EulerOS 2.0 SP5 : cloud-init (EulerOS-SA-2020-1304)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In cloud-init through 19.4, randuserpassword in cloudinit/config/ccsetpasswords.py has a small default pwlen value, which makes it easier for...

SUSE SLED15 / SLES15 Security Update : cloud-init (SUSE-SU-2020:0585-1)

This update for cloud-init fixes the following security issues : CVE-2020-8631: Replaced the theoretically predictable deterministic RNG with the system RNG bsc1162937. CVE-2020-8632: Increased the default random password length from 9 to 20 bsc1162936. Note that Tenable Network Security has...

SUSE-SU-2020:0585-1 Security update for cloud-init

This update for cloud-init fixes the following security issues: - CVE-2020-8631: Replaced the theoretically predictable deterministic RNG with the system RNG bsc1162937. - CVE-2020-8632: Increased the default random password length from 9 to 20 bsc1162936...

Moderate Photon OS Security Update - PHSA-2020-0065

Updates of 'cloud-init', 'linux-esx', 'linux', 'linux-secure', 'linux-aws' packages of Photon OS have been released...

Moderate Photon OS Security Update - PHSA-2020-3.0-0065

Updates of 'linux-esx', 'linux', 'cloud-init', 'linux-aws', 'linux-secure' packages of Photon OS have been released...

openSUSE Security Update : python-azure-agent (openSUSE-2020-261)

This update for python-azure-agent fixes the following issues : python-azure-agent was updated to version 2.2.45 jscECO-80 + Add support for Gen2 VM resource disks + Use alternate systemd detection + Fix /proc/net/route requirement that causes errors on FreeBSD + Add cloud-init auto-detect to...

openSUSE: Security Advisory for python-azure-agent (openSUSE-SU-2020:0261-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2020:0261-1 Security update for python-azure-agent

This update for python-azure-agent fixes the following issues: python-azure-agent was updated to version 2.2.45 jscECO-80 + Add support for Gen2 VM resource disks + Use alternate systemd detection + Fix /proc/net/route requirement that causes errors on FreeBSD + Add cloud-init auto-detect to...

Security update for python-azure-agent (moderate)

openSUSE Security Update: Security update for python-azure-agent Announcement ID: openSUSE-SU-2020:0261-1 Rating: moderate References: 1127838 Cross-References: CVE-2019-0804 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update fo...

Debian DLA-2113-1 : cloud-init security update

CVE-2020-8631 In cloud-init, relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because randstr in cloudinit/util.py calls the random.choice function. CVE-2020-8632 In cloud-init, randuserpassword in cloudinit/config/ccsetpasswords.py has a...

Debian: Security Advisory (DLA-2113-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2113-1] cloud-init security update

Package : cloud-init Version : 0.7.6bzr976-2+deb8u1 CVE ID : CVE-2020-8631 CVE-2020-8632 Debian Bug : 951362 951363 CVE-2020-8631 In cloud-init, relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because randstr in cloudinit/util.py calls t...

DLA-2113-1 cloud-init - security update

Bulletin has no description...

Cloud-init Security Feature Issue Vulnerability

Cloud-init is a virtual machine initialization tool for cloud platforms. A security vulnerability exists in cloud-init version 19.4 and earlier, which stems from a call to the 'random.choice' function by randstr in the cloudinit/util.py file. An attacker could use this vulnerability to guess a...

Moderate Photon OS Security Update - PHSA-2020-0058

Updates of 'cloud-init', 'ansible' packages of Photon OS have been released...

Moderate Photon OS Security Update - PHSA-2020-3.0-0058

Updates of 'ansible', 'cloud-init' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2020-0214

Updates of 'linux-aws', 'linux-secure', 'cloud-init', 'linux-esx', 'libvirt', 'linux' packages of Photon OS have been released...

CVE-2020-8631

A flaw was found in cloud-init, where it uses the random.choice function when creating sensitive random strings used for generating a random password in new instances. Depending on the instance configuration, a remote or local attacker may abuse this vulnerability to guess the password of the...

CVE-2020-8632

A flaw was found in cloud-init, where it uses short passwords when generating a random password in new instances. Depending on the instance configuration, a remote or local attacker may abuse this vulnerability to guess the password of the victim user...