RHEL 9 : Red Hat OpenStack Platform 17.1 (openstack-tripleo-common) (RHSA-2024:0216)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0216 advisory. This update affects a Python library for code used by TripleO projects. Security Fixes: sudo privilege escalation vulnerability CVE-2022-38060 For mo...

RHEL 9 : Red Hat OpenStack Platform 17.1 (rabbitmq-server) (RHSA-2024:0217)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0217 advisory. RabbitMQ is an implementation of AMQP, the emerging standard for high performance enterprise messaging. The RabbitMQ server is a robust and scalable...

RHEL 9 : Red Hat OpenStack Platform 17.1 (python-eventlet) (RHSA-2024:0213)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0213 advisory. Eventlet is a networking library written in Python. It achieves high scalability by using non-blocking io while at the same time retaining high...

RHEL 9 : Red Hat OpenStack Platform 17.1 (GitPython) (RHSA-2024:0215)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0215 advisory. GitPython is a python library used to interact with Git repositories. Security Fixes: Blind local file inclusion CVE-2023-41040 For more details abou...

Incorrect Authorization

openstack-keystone is vulnerable to Incorrect Authorization. The vulnerability is caused due to a flaw where only the first 72 characters of an application secret are verified. This allows attackers to bypass some password complexity which administrators may be counting on leading to compromising...

[SECURITY] [DLA 3678-1] horizon security update - CORRECTED ANNOUNCEMENT

Debian LTS Advisory DLA-3678-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 30, 2023 https://wiki.debian.org/LTS Package : horizon Version : 3:14.0.2-3+deb10u3 CVE ID : CVE-2022-45582 NB: The original message sent included the wrong DLA reference ID. Th...

The vulnerability of the python-eventlet library used by the OpenStack Platform for building cloud solutions allows a attacker to cause service failures.

The vulnerability of the python-eventlet library used by the OpenStack Platform for building cloud solutions is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

Virtuozzo Hybrid Infrastructure 6.0 (6.0.0-243)

In this release, Virtuozzo Hybrid Infrastructure provides an upgrade of the Linux distribution, kernel, and toolset packages. This release also contains a range of new features that cover storage performance, object storage, as well as monitoring and alerts. Additionally, this release delivers...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.1 (python-gevent) security update

An update for python-gevent is now available for Red Hat OpenStack Platform 17.1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

The vulnerability of the Oslo.privsep component in the cloud computing platform Openstack, related to insecure management of privileges, allows a perpetrator to escalate their privileges.

The vulnerability of the Oslo.privsep component in the OpenStack cloud service platform is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

PT-2023-8846

Name of the Vulnerable Software and Affected Versions OpenStack Designate affected versions not specified Description An access-control flaw was found in the OpenStack Designate component where private configuration information, including access keys to BIND, were improperly made world readable. ...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (openstack-barbican) security update

An update for openstack-barbican is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

openstack-barbican: Insecure Barbican configuration file leaking credential

A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials...

Debian dla-3629 : ceph - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3629 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3629-1 [email protected]...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.1 (director-operator) security update

An update for osp-director-agent-container, osp-director-downloader-container, osp-director-operator-bundle-container, and osp-director-operator-container is now available for Red Hat OpenStack Platform 17.1.1. Red Hat Product Security has rated this update as having a security impact of Importan...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.5 (collectd-libpod-stats) security update

An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 16.2.5 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.5 (collectd-libpod-stats, etcd) security update

An update for collectd-libpod-stats and etcd is now available for Red Hat OpenStack Platform 16.2.5 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.9 (collectd-libpod-stats, etcd) security update

An update for collectd-libpod-stats and etcd is now available for Red Hat OpenStack Platform 16.1.9 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.1 (collectd-libpod-stats) security update

An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 17.1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.1 security update

An update for collectd-libpod-stats, etcd, and python-octavia-tests-tempest is now available for Red Hat OpenStack Platform 17.1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...