4 matches found
openSUSE Security Update : openstack-nova (openSUSE-SU-2013:1087-1)
This update of openstack-nova fixes a security vulnerability. - Add CVE-2013-2030.patch: fix insecure keystone middleware tmpdir by default CVE-2013-2030, bnc819349. - Use explicit keystone-signing dir to workaround lp1181157. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...
CVE-2013-2030
CVE-2013-2030 affects OpenStack Nova (keystone/middleware/auth_token.py) in Folsom, Grizzly, and Havana. It uses an insecure temporary directory to store signing certificates, enabling local users to spoof servers by pre-creating the directory (e.g., /tmp/keystone-signing-nova on Fedora). Several...
Fedora Update for openstack-keystone FEDORA-2013-10713
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 18 : openstack-keystone-2012.2.4-3.fc18 (2013-8048)
Revoke tokens on user delete CVE-2013-2059 - authtoken: Securely create signingdir CVE-2013-2030 - avoid potential disclosure in log files and restrict /var/log/keystone/ CVE-2013-2006 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...