You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa nova

Sigurnosni nedostatak programskog paketa nova

by - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4104-1
August 19, 2019

nova vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 19.04
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

Nova could be made to expose sensitive information.

Software Description:
– nova: OpenStack Compute cloud infrastructure

Details:

Donny Davis discovered that the Nova Compute service could return
configuration or other information in response to a failed API
request in some situations. A remote attacker could use this to expose
sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
nova-compute 2:19.0.1-0ubuntu2.1
python3-nova 2:19.0.1-0ubuntu2.1

Ubuntu 18.04 LTS:
nova-compute 2:17.0.10-0ubuntu2.1
python-nova 2:17.0.10-0ubuntu2.1

Ubuntu 16.04 LTS:
nova-compute 2:13.1.4-0ubuntu4.5
python-nova 2:13.1.4-0ubuntu4.5

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4104-1
CVE-2019-14433

Package Information:
https://launchpad.net/ubuntu/+source/nova/2:19.0.1-0ubuntu2.1
https://launchpad.net/ubuntu/+source/nova/2:17.0.10-0ubuntu2.1
https://launchpad.net/ubuntu/+source/nova/2:13.1.4-0ubuntu4.5

—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAl1bLr4ACgkQLwmejQBe
gfR6sw//Tt92Zgp2Am9xAK2miu0fdD9+n+3SH0w0a41kcmEGyy8IzAAVi7L9JCXl
kqQkP98QTwgMdIpYAyAt3agCm3Rzeagp+HfI7EQ4R1GhT4BNlWBEXpzDyBU3VNT0
5HIkll3BDGrkgDXGnD3os/sE/tgrYEx+lUcZjGMTsqYx9pbMlQVCxmMaA4BIpCaR
o/7p5FTRlUtyQClygOZL7XXHaJjxWA+q89My9t1/bC2CUVckOSwBs3cEXasMM6PL
FzEKsVF3jsBooqDw0l0onehm3rXI6VljQqzMHhNfsqH6OebON1ei+6UYDgABALgM
oPQhIt7vJn+qXKc4PYQ/xNAIbisWjnFPBR0SkBi93k3bEQRgRRs6QgAo0/M89weV
/iIB9T8NzH6JatYsEljFe5QUNnqiAC0ZVF1nspsw/bpXpdjeNCXbRaKiK7UALcFE
Lw7goUpWSD0klsGRjgpX9+K7Y8nhm7M9WjHZQNxfcXoJ8KdjVfZH1gKgT/VgJ+ZX
C9g3u9xM6iQlo+wwT0M2WzSMsqyc3lmA9pNnzt954uSZRr3pNB3UO73ygNnYWdxp
X7YmfumW45r6lpHHqq1gmCOKX0cBPsTOEW6IzEhvzHqjhMQT+TOcRS7g+PZfrswH
W9Z1epwK0WGm3oF1adEJA77a2jM+gyDStWizWhU0IV/DODSo7WE=
=C4gJ
—–END PGP SIGNATURE—–

AutorToni Vugdelija
Cert idNCERT-REF-2019-08-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa cups

Otkriveni su sigurnosni nedostaci u programskom paketu cups za operacijski sustav Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close