Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5754-1] cinder security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5754-1] cinder security update


Chronologisch Thread  
    < Chronologisch >       < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5754-1] cinder security update
  • Date: Wed, 21 Aug 2024 11:04:51 +0000
  • List-archive: https://lists.debian.org/msgid-search/ZsXJ0657Juz0RKhd AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=HhKWljIF1G1GUB/4i+43PPUvwUJWzsbo2fxur2aPZ4o=; b=P8 qqQcJjzANR+wFO/+UZVsVn6fmAfgeOW6sLkwLmxrUOyKTPyvcWpPpGHr1Tf6sCBurOYrExSoyVHUq ZFi8qml6fo9GfVW7JjmsZRQYJen7c0GSXF8dlNEi657KIaXWPWn8V28eahJwAktuFSpC81d6SnkD6 cILg/0goyu9nRDZlwioB0b/uasyVO7Jubs85YCAi2pO0aEqKcozL5S2dwPnGLJJ1Dtdx2B3UvMXnl cMs5P1mk621q9y0209Gevzkhr/5qMXDOD0nUnQywoE9NO9k1vy7vW7TfF2OsnV8wIHTitQNBEZVSu TdHFwBcdjupcc7A4eDiKNsJs9ij7/k7Q==;
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Wed, 21 Aug 2024 11:05:10 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <6s0XPHPL2aD.A.5wiN.mncxmB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5754-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 21, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : cinder
CVE ID : CVE-2024-32498

Martin Kaesberger discovered a vulnerability which affects multiple
OpenStack components (Nova, Glance and Cinder): Malformed QCOW2 disk
images may result in the disclosure of arbitrary files.

For the stable distribution (bookworm), this problem has been fixed in
version 2:21.3.1-1~deb12u1.

We recommend that you upgrade your cinder packages.

For the detailed security status of cinder please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/cinder

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmbFyK0ACgkQEMKTtsN8
TjbX4Q//UEnptocLmd2xjQFiWwKRjzs/63sPfG9jhSMZtEMrhUpXMbBOvAWgYu9b
/Cpu6UQufNuJ5u9zPTyb8GQXP5Uy8EHTGSjpVtv2MivuUQ/Hb5JmvWBwJ6Yb2hx7
wWB1eb2y9VBGCtHE481dQpgcZoRVxdSi/QsKvaKIOh9bpaEL7kVpRE5BbewKwO/Y
X1xQ1HgkjF/IOdegcXnLJW3co2930vHUyYRyOE2/HeYFeHbKZLKZQOcruLZy8tXq
TrZZb6qP5BFWeQH0pTqyQGUJJ2Qe1LbB8DW9DNRPTsCYocr//gRi40bhgBRv7FQf
cWh0AGj6Ka0ItiVB7pBrV6BTtC+uAEqHjzt+ATmb4HlEWnyydwjuMmsso7Qo+yuw
2SEiOlqEqO7EkOxrXdTFeaU1mHqoli4JX5+jrIYth9m7LHwi+VoAfKIBIlH8GFs1
bPompF1hzdL9Quntvjg2LAI269PbG4taKUi7bH0TTVnDswhkyag0CJPW8T4Rxr3m
cLLl1zL4xX+mbFjnp/I2mqGNEcq6z1d/Xn+y9m24k1ZNwVzjeUvbcKdDGZTDEngC
dnToAYO9seTXoZ3SUvbys3aLsPhPE69UfWDaOJ1ngbsW9JepALIebRbJ39feAdDY
a+JUwdiG44byISprQFwTYWVGi1AlD3kvAT3gnFzm+TMrhxC2KxA=
=kX3T
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5754-1] cinder security update, Moritz Muehlenhoff, 21.08.2024

Archiv bereitgestellt durch MHonArc 2.6.19+.

Seitenanfang