Ubuntu: Security Advisory (USN-2193-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 12.10 / 13.04 : glance vulnerability (USN-2003-1)

Stuart McLaren discovered that Glance did not properly enforce the 'downloadimage' policy for cached images. An authenticated user could exploit this to obtain sensitive information in an image protected by this setting. Note that Tenable Network Security has extracted the preceding description...

Ubuntu 12.04 LTS / 12.10 : glance vulnerability (USN-1764-1)

Stuart McLaren discovered an issue with Glance v1 API requests. An authenticated attacker could exploit this to expose the Glance operator's Swift and/or S3 credentials via the response headers when requesting a cached image. Note that Tenable Network Security has extracted the preceding...

Ubuntu 11.10 / 12.04 LTS / 12.10 : glance vulnerability (USN-1710-1)

Dan Prince discovered an issue in Glance error reporting. An authenticated attacker could exploit this to expose the Glance operator's Swift credentials for a misconfigured or otherwise unusable Swift endpoint. Note that Tenable Network Security has extracted the preceding description block...

Ubuntu 12.04 LTS / 12.10 : glance vulnerability (USN-1626-1)

Gabe Westmaas discovered that Glance did not always properly enforce access controls when deleting images. An authenticated user could delete arbitrary images by using the v1 API under certain circumstances. Note that Tenable Network Security has extracted the preceding description block directly...