569 matches found
Moderate: Red Hat Security Advisory: openstack-puppet-modules security update
An update for openstack-puppet-modules is now available for Red Hat OpenStack Platform 8.0 Liberty. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
puppet-swift: installs config file with world readable permissions
An information-disclosure flaw was discovered in Red Hat OpenStack Platform director's installation of Object Storage swift. During installation, the Puppet script responsible for deploying the service incorrectly removes and recreates the proxy-server.conf file with world-readable permissions...
Moderate: Red Hat Security Advisory: puppet-swift security update
An update for puppet-swift is now available for Red Hat OpenStack Platform 10.0 Newton. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Name of Backups Entry Does Not Match Job Name
Challenge The name of the backup job has been changed, causing entries found under the Backups node to no longer match their associated job. In the example screenshot above, the job was first run with the name "Backup Job 1," and after the initial run, the job was renamed to "DC Backup." The...
ceph: RGW permits bucket listing when authenticated_users=read
A flaw was found in Ceph RGW code which allows an anonymous user to list contents of RGW bucket by bypassing ACL which should only allow authenticated users to list contents of bucket...
[SECURITY] Fedora 25 Update: mongodb-3.2.8-2.fc25
Mongo from "humongous" is a high-performance, open source, schema-free document-oriented database. MongoDB is written in C++ and offers the follow ing features: Collection oriented storage: easy storage of object/JSON-style data Dynamic queries Full index support, including on inner objects and...
Vulnerability of PHP software, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information
The vulnerability exists in the PHP SPL component due to an incorrect definition of what happens after data structures are deallocated. This allows malicious actors who operate remotely to execute arbitrary code using a specially crafted string, thereby triggering the use of hash tables’...
Debian Security Advisory DSA 3583-1 (swift-plugin-s3 - security update)
It was discovered that the swift3 S3 compatibility middleware plugin for Swift performed insufficient validation of date headers which might result in replay attacks. OpenVAS Vulnerability Test $Id: deb3583.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3583-1 using...
Information disclosure
The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...
CVE-2015-5271
The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...
CVE-2015-5271
The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...
PYSEC-2016-34
The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...
CVE-2015-5271
The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...
RHEL 7 : Storage Server (RHSA-2016:0328)
Updated openstack-swift packages that fix two security issues are now available for Red Hat Gluster Storage 3.1 update 2 in Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
RHEL 6 : Storage Server (RHSA-2016:0329)
Updated openstack-swift packages that fix two security issues are now available for Red Hat Gluster Storage 3.1 update 2 in Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
Moderate: Red Hat Security Advisory: openstack-swift security update
Updated openstack-swift packages that fix two security issues are now available for Red Hat Gluster Storage 3.1 update 2 in Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
Moderate: Red Hat Security Advisory: openstack-swift security update
Updated openstack-swift packages that fix two security issues are now available for Red Hat Gluster Storage 3.1 update 2 in Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
openstack-swift: Proxy to server DoS through Large Objects
A memory-leak issue was found in OpenStack Object Storage swift, in the proxy-to-server connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption...
Moderate: Red Hat Security Advisory: openstack-swift security update
Updated openstack-swift packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 7.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Moderate: Red Hat Security Advisory: openstack-swift security update
Updated openstack-swift packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for RHEL 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...