Moderate: Red Hat Security Advisory: openstack-heat bug fix and security advisory

Updated OpenStack Orchestration packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS...

openstack-heat: Vulnerability in Heat template validation leading to DoS

A vulnerability was discovered in the OpenStack Orchestration service heat, where a specially formatted template could be used to trick the heat-engine service into opening a local file. Although the file contents are never disclosed to the end user, an OpenStack-authenticated attacker could use...

openstack-heat: Vulnerability in Heat template validation leading to DoS

A vulnerability was discovered in the OpenStack Orchestration service heat, where a specially formatted template could be used to trick the heat-engine service into opening a local file. Although the file contents are never disclosed to the end user, an OpenStack-authenticated attacker could use...

Moderate: Red Hat Security Advisory: openstack-heat security advisory

Updated OpenStack Orchestration packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...

OpenStack Compute Information Disclosure Vulnerability

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace, Inc. in the U.S. OpenStack Compute Nova is one of the cloud computing construct controllers written in the Python language. The OpenStack Compute...

Important: Red Hat Security Advisory: openstack-nova security update

Updated openstack-nova packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...

openstack-nova: Host data leak through resize/migration

An information-exposure flaw was found in the OpenStack Compute nova resize and migrate functionality. An authenticated user could write a malicious qcow header to an ephemeral or root disk, referencing a block device as a backing file. With a subsequent resize or migration, file system content o...

Important: Red Hat Security Advisory: openstack-nova security update

Updated openstack-nova packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...

openstack-nova: Host data leak through resize/migration

An information-exposure flaw was found in the OpenStack Compute nova resize and migrate functionality. An authenticated user could write a malicious qcow header to an ephemeral or root disk, referencing a block device as a backing file. With a subsequent resize or migration, file system content o...

Important: Red Hat Security Advisory: openstack-nova security update

Updated openstack-nova packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which gi...

openstack-nova: Host data leak through resize/migration

An information-exposure flaw was found in the OpenStack Compute nova resize and migrate functionality. An authenticated user could write a malicious qcow header to an ephemeral or root disk, referencing a block device as a backing file. With a subsequent resize or migration, file system content o...

openstack-nova: Host data leak through resize/migration

An information-exposure flaw was found in the OpenStack Compute nova resize and migrate functionality. An authenticated user could write a malicious qcow header to an ephemeral or root disk, referencing a block device as a backing file. With a subsequent resize or migration, file system content o...

Important: Red Hat Security Advisory: openstack-nova security update

Updated openstack-nova packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which gi...

openstack-glance: Glance image status manipulation through locations

An authorization vulnerability in OpenStack Image service was discovered, which allowed image-status manipulation using locations. By removing the last location of an image, an authenticated user could change the status from 'active' to 'queue'. A malicious tenant could exploit this flaw to...

Low: Red Hat Security Advisory: openstack-glance security update

Updated openstack-glance packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 6. Red Hat Product Security has rated this update as having a Low security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Fedora 23 : openstack-swift-plugin-swift3-1.9-1.fc23 (2015-1ca595f821)

Update to upstream 1.9 includes security fix for CVE-2015-8466 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Fedora 23 : openstack-swift-2.3.0-3.fc23 (2016-2256c80a94)

Security fix for CVE-2016-0738 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

Fedora 23 : openstack-ironic-discoverd-1.1.1-1.fc23 (2015-16ecacb90b)

Release 1.1.1, security fix for CVE-2015-5306 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora 22 : openstack-ironic-discoverd-1.1.1-1.fc22 (2015-5062ef3dbe)

Release 1.1.1, security fix for CVE-2015-5306 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora 23 : openstack-glance-2015.1.2-1.fc23 (2015-66439aa9e2)

Update to upstream 2015.1.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...