SUSE: Security Advisory (SUSE-SU-2023:2477-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (python-flask) security update

An update for python-flask is now available for Red Hat OpenStack Platform 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (python-flask) security update

An update for python-flask is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (python-flask) security update

An update for python-flask is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

SUSE-SU-2023:2379-1 Security update for openstack-heat, python-Werkzeug

This update for openstack-heat, python-Werkzeug contains the following fixes: Security fixes included on this update: openstack-heat: - CVE-2023-1625: Fixed an issue where parameter values marked as 'hidden' would be shown in the stack's environment. bsc1209774 python-Werkzeug: - CVE-2023-25577:...

SUSE-SU-2023:2378-1 Security update for openstack-heat, openstack-swift, python-Werkzeug

This update for openstack-heat, openstack-swift, python-Werkzeug contains the following fixes: Security fixes included in this update: openstack-heat: - CVE-2023-1625: Fixed an issue where parameter values marked as 'hidden' would be shown in the stack's environment bsc1209774. openstack-swift: -...

SUSE: Security Advisory (SUSE-SU-2023:2360-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:2346-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:2328-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the OpenStack cloud service platform, related to the lack of protection for operational data, allows attackers to disclose the protected information.

The vulnerability of the cloud computing platform OpenStack is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

USN-6073-9: os-brick regression

USN-6073-4 fixed a vulnerability in os-brick. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that...

USN-6073-8: Nova regression

USN-6073-3 fixed a vulnerability in Nova. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Nova...

USN-6073-8 nova regression

USN-6073-3 fixed a vulnerability in Nova. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that Nova...

USN-6073-7: Glance_store regression

USN-6073-2 fixed a vulnerability in Glancestore. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered th...

USN-6073-6: Cinder regression

USN-6073-1 fixed a vulnerability in Cinder. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that...

SUSE: Security Advisory (SUSE-SU-2023:2238-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openstack-cinder: silently access other user's volumes

A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerability by detaching one of their volumes from Cinder. The highest impact is to confidentiality...