blazar-dashboard (=1.2.0), freezer-web-ui (=7.0.0.0b1) +3 more potentially affected by CVE-2020-29565 via horizon (=17.1.0)

horizon PYPI version =17.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on horizon and may be impacted: - blazar-dashboard =1.2.0 - freezer-web-ui =7.0.0.0b1 - monasca-ui =1.13.0 - sahara-dashboard =9.0.0.0b3, =2.4.0, =3.0.1 Source cves: CVE-2020-295...

SUSE-SU-2022:0133-1 Security update for openstack-monasca-agent, spark, spark-kit, zookeeper

This update for openstack-monasca-agent, spark, spark-kit, zookeeper fixes the following issues: - CVE-2021-4104: Remove JMSAppender from log4j jars bsc1193662...

SUSE-SU-2022:0126-1 Security update for openstack-monasca-agent, spark, spark-kit, zookeeper

This update for openstack-monasca-agent, spark, spark-kit, zookeeper fixes the following issues: - CVE-2021-4104: Remove JMSAppender from log4j jars bsc1193662...

SUSE-SU-2021:3728-1 Security update for ardana-ansible, ardana-monasca, documentation-suse-openstack-cloud, openstack-ec2-api, openstack-heat-templates, python-Django, python-monasca-common, rubygem-redcarpet, rubygem-puma

This update for ardana-ansible, ardana-monasca, documentation-suse-openstack-cloud, openstack-ec2-api, openstack-heat-templates, python-Django, python-monasca-common, rubygem-redcarpet, rubygem-puma contains the following fixes: Security fixes included in this update: rubygem-redcarpet:...

blazar-dashboard (=1.2.0), freezer-web-ui (=7.0.0.0b1) +3 more potentially affected by CVE-2020-29565 via horizon (=17.1.0)

horizon PYPI version =17.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on horizon and may be impacted: - blazar-dashboard =1.2.0 - freezer-web-ui =7.0.0.0b1 - monasca-ui =1.13.0 - sahara-dashboard =9.0.0.0b3, =2.4.0, =3.0.1 Source cves: CVE-2020-295...

SUSE-SU-2020:0640-1 Security update for ardana-cinder, ardana-cobbler, ardana-designate, ardana-extensions-example, ardana-extensions-nsx, ardana-glance, ardana-heat, ardana-input-model, ardana-ironic, ardana-keystone, ardana-logging, ardana-monasca, ardana-monasca-transform, ardana-mq, ardana-neutron, ardana-nova, ardana-octavia, ardana-osconfig, ardana-tempest, crowbar-core, crowbar-ha, crowbar-openstack, crowbar-ui, keepalived, mariadb, openstack-cinder, openstack-dashboard, openstack-dashboard-theme-SUSE, openstack-heat, openstack-heat-templates, openstack-horizon-plugin-designate-ui, openstack-horizon-plugin-neutron-lbaas-ui, openstack-ironic, openstack-keystone, openstack-monasca-agent, openstack-neutron, openstack-neutron-gbp, openstack-neutron-vsphere, openstack-nova, openstack-octavia, openstack-octavia-amphora-image, openstack-resource-agents, openstack-sahara, openstack-trove, python-cinderlm, python-congressclient, python-designateclient, python-ironic-lib, python-networking-cisco, python-osc-lib, python-oslo.context, python-oslo.rootwrap, python-oslo.serialization, python-oslo.service, python-stevedore, python-taskflow, rubygem-crowbar-client, rubygem-pumavenv-openstack-swift

This update for ardana-cinder, ardana-cobbler, ardana-designate, ardana-extensions-example, ardana-extensions-nsx, ardana-glance, ardana-heat, ardana-input-model, ardana-ironic, ardana-keystone, ardana-logging, ardana-monasca, ardana-monasca-transform, ardana-mq, ardana-neutron, ardana-nova,...

SUSE-SU-2020:0081-1 Security update for crowbar-core, crowbar-openstack, openstack-horizon-plugin-monasca-ui, openstack-monasca-api, openstack-monasca-log-api, openstack-neutron, rubygem-puma, rubygem-rest-client

This update for crowbar-core, crowbar-openstack, openstack-horizon-plugin-monasca-ui, openstack-monasca-api, openstack-monasca-log-api, openstack-neutron, rubygem-puma, rubygem-rest-client contains the following fixes: Security issue fixed for rubygem-puma: - CVE-2019-16770: Fixed a potential...

monasca-agent (>=1.0.32 <=2.1.0), mysite-3 (=0.8.0) +2 more potentially affected by CVE-2019-12105 via supervisor (>=3.1.4 <=4.0.0)

supervisor PYPI version =3.1.4, =1.0.32, =0.6.0, =0.15.0 Source cves: CVE-2019-12105 Source advisory: OSV:PYSEC-2019-126...

SUSE-RU-2019:1161-1 Recommended update for ardana-ansible, ardana-cobbler, ardana-db, ardana-heat, ardana-manila, ardana-neutron, ardana-nova, ardana-octavia, ardana-osconfig, ardana-service, ardana-ses, ardana-swift, ardana-tempest, crowbar, crowbar-core, crowbar-ha, crowbar-openstack, documentation-suse-openstack-cloud, galera-python-clustercheck, openstack-dashboard, openstack-ec2-api, openstack-heat, openstack-heat-templates, openstack-horizon-plugin-ironic-ui, openstack-horizon-plugin-magnum-ui, openstack-horizon-plugin-sahara-ui, openstack-ironic, openstack-keystone, openstack-magnum, openstack-manila, openstack-monasca-api, openstack-monasca-notification, openstack-monasca-persister, openstack-murano, openstack-neutron, openstack-neutron-fwaas, openstack-nova, openstack-octavia, openstack-sahara, openstack-swift, openstack-tempest, python-cinderclient, python-cryptography, python-monasca-common, python-networking-hyperv, python-os-brick, python-venvjail, venv-openstack-aodh, venv-openstack-barbican, venv-openstack-ceilometer, venv-openstack-cinder, venv-openstack-designate, venv-openstack-freezer, venv-openstack-glance, venv-openstack-heat, venv-openstack-horizon, venv-openstack-ironic, venv-openstack-keystone, venv-openstack-magnum, venv-openstack-manila, venv-openstack-monasca, venv-openstack-monasca-ceilometer, venv-openstack-murano, venv-openstack-nova, venv-openstack-octavia, venv-openstack-sahara, venv-openstack-swift, venv-openstack-trove

This update for ardana-ansible, ardana-cobbler, ardana-db, ardana-heat, ardana-manila, ardana-neutron, ardana-nova, ardana-octavia, ardana-osconfig, ardana-service, ardana-ses, ardana-swift, ardana-tempest, crowbar, crowbar-core, crowbar-ha, crowbar-openstack, documentation-suse-openstack-cloud,...

SUSE-SU-2018:3563-1 Security update for ardana-monasca, ardana-spark, kafka, kafka-kit, openstack-monasca-api

This update for ardana-monasca, ardana-spark, kafka, kafka-kit, openstack-monasca-api fixes the following issues: This update for ardana-monasca to version 8.0+git.1535031421.9262a47 fixes these issues: - Requests Apache to reload on change bsc1102662 - Avoids managing non-Monasca users bsc110266...

SUSE-SU-2018:2536-1 Security update for grafana, kafka, logstash and monasca-installer

This update for grafana, kafka, logstash and monasca-installer fixes the following issues: The following security issues have been fixed: grafana: - CVE-2018-12099: Fix Cross-Site-Scripting XSS vulnerabilities in dashboard links. bsc1096985 kafka: - CVE-2018-1288: Authenticated Kafka users may...

monasca-agent (>=1.3.0 <=1.4.0) potentially affected by CVE-2017-2592 via oslo-middleware (=3.20.0)

oslo-middleware PYPI version =3.20.0 is affected by a known vulnerability. The following packages have a transitive dependency on oslo-middleware and may be impacted: - monasca-agent =1.3.0, =1.4.0 Source cves: CVE-2017-2592 Source advisory: OSV:GHSA-XCP8-HH74-F6MC...

gnocchi (>=3.0.21 <=4.2.4), monasca-agent (>=1.1.20 <=1.4.0) +1 more potentially affected by CVE-2017-2592 via oslo-middleware (>=2.8.0 <=3.37.1)

oslo-middleware PYPI version =2.8.0, =3.0.21, =1.1.20, =1.0.25, =1.0.27 Source cves: CVE-2017-2592 Source advisory: OSV:GHSA-XCP8-HH74-F6MC...

monasca-agent (>=1.3.0 <=1.4.0) potentially affected by CVE-2017-2592 via oslo-middleware (=3.20.0)

oslo-middleware PYPI version =3.20.0 is affected by a known vulnerability. The following packages have a transitive dependency on oslo-middleware and may be impacted: - monasca-agent =1.3.0, =1.4.0 Source cves: CVE-2017-2592 Source advisory: OSV:PYSEC-2018-104...

gnocchi (>=3.0.21 <=4.2.4), monasca-agent (>=1.1.20 <=1.4.0) +1 more potentially affected by CVE-2017-2592 via oslo-middleware (>=2.8.0 <=3.37.1)

oslo-middleware PYPI version =2.8.0, =3.0.21, =1.1.20, =1.0.25, =1.0.27 Source cves: CVE-2017-2592 Source advisory: OSV:PYSEC-2018-104...

SUSE-SU-2017:3029-1 Security update for ansible and monasca-installer

This update for ansible provides version 2.2.3.0 and fixes the following security issues: - CVE-2017-7481: Data for lookup plugins used as variables was not being marked as 'unsafe' and could lead to unintentional disclosure of information. bsc1038785 - CVE-2016-9587: Prevent compromised host to...

blazar-dashboard (=1.2.0), freezer-web-ui (=7.0.0.0b1) +3 more potentially affected by CVE-2012-3540 via horizon (=17.1.0)

horizon PYPI version =17.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on horizon and may be impacted: - blazar-dashboard =1.2.0 - freezer-web-ui =7.0.0.0b1 - monasca-ui =1.13.0 - sahara-dashboard =9.0.0.0b3, =2.4.0, =3.0.1 Source cves: CVE-2012-354...