You are here
Home > Preporuke > Sigurnosni propust programskog paketa cinder

Sigurnosni propust programskog paketa cinder

==========================================================================
Ubuntu Security Notice USN-2703-1
August 06, 2015

cinder vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 15.04

Summary:

Cinder could be made to access unintended files over the network by an
authenticated user.

Software Description:
– cinder: OpenStack storage service

Details:

Bastian Blank discovered that Cinder guessed image formats based on
untrusted data. An attacker could use this to read arbitrary files from
the Cinder host.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.04:
python-cinder 1:2015.1.0-0ubuntu1.1

After a standard system update you need to restart cinder to make all the
necessary changes.

References:
http://www.ubuntu.com/usn/usn-2703-1
CVE-2015-1851

Package Information:
https://launchpad.net/ubuntu/+source/cinder/1:2015.1.0-0ubuntu1.1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQEcBAEBAgAGBQJVwsuCAAoJEPMhclmdjS6X3iwH/0hXbu8wmTjigRvKWSuDE3an
9/d18nTHE/p8MEyj9VJ4ySuaKC3ZSSG4cOjPgITdkGeIPD+Et2ga9ST7p0n/1pFj
i0AXmdn2ZVUO7eypHLYlNUMz9vliI3xMxdX9Z1F0TCd0vM/jwJmv7SssomM+9Apr
bbFUMlmc/GbP0NdVZcTyCBBL1SOJi8SnSs3l1KhWMcjRPq2utNgVHntuF7ETI03U
6dpo2ZDIwyM+DTsZfMiJJ5Bb9jNNAIqSf3Pvb23YDpn0D8lSNhDultOQGlqu3aHe
YrMBRW0/755iPltRFgU3+t06rDjnVOQNZMGg/pOmj25e0zpyBy8cNtIaiVH7+Ps=
=KIic
—–END PGP SIGNATURE—–

Top
More in Preporuke
Višestruke ranjivosti programskog paketa oxide-qt

Otkrivene su višestruke ranjivosti u u programskoj biblioteci mehanizma web preglednika, oxide-qt, za Ubuntu 14.04 LTS i 15.04. Ranjivosti zahvaćaju...

Close