Fedora 17 : openstack-nova-2012.1.3-3.fc17 (2013-1816)

disallow boot from arbitrary volumes CVE-2013-0208 - Disable image cache cleanup to avoid issues with shared storage Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format...

Fedora Update for openstack-nova FEDORA-2013-1816

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

[USN-1715-1] OpenStack Keystone vulnerability

========================================================================== Ubuntu Security Notice USN-1715-1 February 05, 2013 keystone vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Fedora Update for openstack-nova FEDORA-2013-1816

Check for the Version of openstack-nova OpenVAS Vulnerability Test Fedora Update for openstack-nova FEDORA-2013-1816 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

[SECURITY] Fedora 17 Update: openstack-nova-2012.1.3-3.fc17

OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...

USN-1715-1: OpenStack Keystone vulnerability

Dan Prince discovered that Keystone did not properly perform input validation when handling certain error conditions. An unauthenticated user could exploit this to cause a denial of service in Keystone API servers via disk space exhaustion...

CVE-2013-0247

OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service disk consumption via many invalid token requests that trigger excessive generation of log entries...

[USN-1709-1] OpenStack Nova vulnerability

========================================================================== Ubuntu Security Notice USN-1709-1 January 29, 2013 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

[USN-1710-1] OpenStack Glance vulnerability

========================================================================== Ubuntu Security Notice USN-1710-1 January 29, 2013 glance vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Important: Red Hat Security Advisory: openstack-glance security update

Updated openstack-glance packages that fix one security issue are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

openstack-glance: Backend password leak in Glance error message

store/swift.py in OpenStack Glance Essex 2012.1, Folsom 2012.2 before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive...

Important: Red Hat Security Advisory: openstack-nova security and bug fix update

Updated openstack-nova packages that fix two security issues and multiple bugs are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

openstack-nova: Boot from volume allows access to random volumes

The boot-from-volume feature in OpenStack Compute Nova Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the blockdevicemapping parameter...

USN-1710-1: OpenStack Glance vulnerability

Dan Prince discovered an issue in Glance error reporting. An authenticated attacker could exploit this to expose the Glance operator's Swift credentials for a misconfigured or otherwise unusable Swift endpoint...

USN-1709-1: OpenStack Nova vulnerability

Phil Day discovered that nova-volume did not validate access to volumes. An authenticated attacker could exploit this to bypass intended access controls and boot from arbitrary volumes...

CVE-2013-0208

The boot-from-volume feature in OpenStack Compute Nova Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the blockdevicemapping parameter...

CVE-2013-0212

store/swift.py in OpenStack Glance Essex 2012.1, Folsom 2012.2 before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive...

SuSE 11.1 Security Update : libpython2_6-1_0, libpython2_6-1_0-32bit, libpython2_6-1_0-x86, python, etc (SAT Patch Number 6310)

This update to python 2.6.8 fixes the following bugs, among others : - XMLRPC Server DoS. CVE-2012-0845, bnc747125 - hash randomization issues. CVE-2012-1150, bnc751718 - insecure creation of .pypirc. CVE-2011-4944, bnc754447 - SimpleHTTPServer XSS. CVE-2011-1015, bnc752375 - functions can accept...

SuSE 11.1 Security Update : libpython2_6-1_0, libpython2_6-1_0-32bit, libpython2_6-1_0-x86, python, etc (SAT Patch Number 6310)

This update to python 2.6.8 fixes the following bugs, among others : - XMLRPC Server DoS. CVE-2012-0845, bnc747125 - hash randomization issues. CVE-2012-1150, bnc751718 - insecure creation of .pypirc. CVE-2011-4944, bnc754447 - SimpleHTTPServer XSS. CVE-2011-1015, bnc752375 - functions can accept...

[SECURITY] Fedora 18 Update: openstack-nova-2012.2.2-1.fc18

OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...