|
|
Line 1: |
Line 1: |
− | __NOTOC__
| + | |
| = Folsom Security Advisories = | | = Folsom Security Advisories = |
| | | |
Revision as of 23:30, 17 February 2013
Folsom Security Advisories
Product
|
Date
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
Fixed in 2012.2.3
See ReleaseNotes/2012.2.3
Product
|
Date
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
Nova
|
January 29, 2013
|
2013-001
|
2013-0208
|
Boot from volume allows access to random volumes
|
|
Glance
|
January 29, 2013
|
2013-002
|
2013-0212
|
Backend password leak in Glance error message
|
|
Fixed in 2012.2.2
See ReleaseNotes/2012.2.2
Product
|
Date
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
Nova
|
December 11, 2012
|
2012-020
|
2012-5625
|
create_lvm_image allocates dirty blocks
|
|
Fixed in 2012.2.1
See ReleaseNotes/2012.2.1
Product
|
Date
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
Keystone
|
November 28, 2012
|
2012-019
|
2012-5563
|
Extension of token validity through token chaining
|
|
Keystone
|
November 28, 2012
|
2012-018
|
2012-5571
|
EC2-style credentials invalidation issue
|
|
Glance
|
November 7, 2012
|
2012-017
|
2012-4573
|
Authentication bypass for image deletion
|
High
|
November 9, 2012
|
2012-017.1
|
2012-5482
|
Fixed in 2012.2
See ReleaseNotes/Folsom
Product
|
Date
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
Keystone
|
September 28, 2012
|
2012-05
|
2012-4456
|
Some actions in Keystone admin API do not validate token
|
High
|
2012-4456
|