Download
| Alert*
oval:org.secpod.oval:def:603203
George Shuklin from servers.com discovered that Nova, a cloud computing fabric controller, did not correctly enforce its image- or hosts-filters. This allowed an authenticated user to bypass those filters by simply rebuilding an instance. oval:org.secpod.oval:def:701154 nova: OpenStack Compute cloud infrastructure Nova volume could be made to expose volumes from other users. oval:org.secpod.oval:def:701755 nova-volume is installed oval:org.secpod.oval:def:610368 Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in OpenStack Compute may result in information disclosure. oval:org.secpod.oval:def:89442 nova: OpenStack Compute cloud infrastructure Nova could be made to expose sensitive information. oval:org.secpod.oval:def:89338 Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in OpenStack Compute may result in information disclosure. oval:org.secpod.oval:def:89384 nova: OpenStack Compute cloud infrastructure Several security issues were fixed in Nova. oval:org.secpod.oval:def:89399 nova: OpenStack Compute cloud infrastructure Several security issues were fixed in Nova. oval:org.secpod.oval:def:708144 nova: OpenStack Compute cloud infrastructure Details: USN-6073-3 fixed a vulnerability in Nova. The update introduced a regression causing Nova to be unable to detach volumes from instances. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-6073-3 introduced a ... oval:org.secpod.oval:def:708316 cinder: OpenStack storage service - ironic: Openstack bare metal provisioning service - nova: OpenStack Compute cloud infrastructure - python-glance-store: OpenStack Image Service store library - python-os-brick: Library for managing local volume attaches OpenStack could be made to expose sensitive ... oval:org.secpod.oval:def:708140 nova: OpenStack Compute cloud infrastructure Nova could be made to expose sensitive information. oval:org.secpod.oval:def:94980 nova: OpenStack Compute cloud infrastructure Details: USN-6073-3 fixed a vulnerability in Nova. The update introduced a regression causing Nova to be unable to detach volumes from instances. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-6073-3 introduced a ... |