Grizzly Security Advisories
Fixed in 2013.1.4
See ReleaseNotes/2013.1.4
| Product
|
Date
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
| Keystone
|
September 11, 2013
|
2013-025
|
2013-4294
|
PKI tokens are never revoked using memcache token backend
|
|
| Nova
|
September 12, 2013
|
2013-026
|
2013-4261
|
Some sequence of characters in console-log can DoS nova-compute
|
|
| Nova
|
August 28, 2013
|
2013-024
|
2013-4278
|
Resource limit circumvention in Nova private flavors
|
|
| Glance
|
October 04, 2013
|
OSSA Pending
|
2013-4428
|
'image_download' role in v2 causes traceback
|
|
Fixed in 2013.1.2
See ReleaseNotes/2013.1.2
| Product
|
Date
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
| Nova
|
May 16, 2013
|
2013-012
|
CVE 2013-2096
|
Nova fails to verify image virtual size
|
|
Fixed in 2013.1.1
See ReleaseNotes/2013.1.1
| Product
|
Date
|
Openstack Security Advisory
|
CVE Number
|
Title
|
Impact
|
| Keystone
|
May 9, 2013
|
2013-011
|
2013-2059
|
Keystone tokens not immediately invalidated when user is deleted
|
|
| Nova
|
May 9, 2013
|
2013-010
|
2013-2030
|
Nova uses insecure keystone middleware tmpdir by default
|
|
