Folsom Security Advisories
Product
|
Date
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
Fixed in 2012.2.2
See ReleaseNotes/2012.2.2
Product
|
Date
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
Nova
|
December 11, 2012
|
2012-020
|
2012-5625
|
create_lvm_image allocates dirty blocks
|
|
Fixed in 2012.2.1
See ReleaseNotes/2012.2.1
Product
|
Date
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
Keystone
|
November 28, 2012
|
2012-019
|
2012-5563
|
Extension of token validity through token chaining
|
|
Keystone
|
November 28, 2012
|
2012-018
|
2012-5571
|
EC2-style credentials invalidation issue
|
|
Glance
|
November 7, 2012
|
2012-017
|
2012-4573
|
Authentication bypass for image deletion
|
High
|
November 9, 2012
|
2012-017.1
|
2012-5482
|
Fixed in 2012.2
See ReleaseNotes/Folsom
Product
|
Date
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
Keystone
|
September 28, 2012
|
2012-05
|
2012-4456
|
Some actions in Keystone admin API do not validate token
|
High
|
2012-4456
|