Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5755-1] glance security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5755-1] glance security update


Chronologisch Thread  
    < Chronologisch >       < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5755-1] glance security update
  • Date: Wed, 21 Aug 2024 11:08:20 +0000
  • List-archive: https://lists.debian.org/msgid-search/ZsXKpGUXngDVHU2Q AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=rrjQA+iAWIL1hpzx4X0zDPJJNcMvG/i/dONAj1fAtVI=; b=lS BYl1/MIo7HL7Dy8SU6C4bB7PXbYeb9eys1ulwjFU6apF0rvKcV4e+VGQnZAhkVDefFTKVFEizpLGd erTmhX59p2srr5eZMBsEdTmraW8w/y98emxme3DWyfl0AQ+kWQrqULTrHt/kssz+bC0dR2PHdQMC/ Es4XwGxhfrWTeyDUBshwGcu2WUKpD896WQRwRGNl6bXw7rtgHkSqwDcT4lZWJMwt30gysMGfigcLE 0dQe+HOlAz7kW9fFAchkVFyKJCQF0bFd6ST5G46Al/5VPwU6yR9Ml/yMOE32dMxuVAfpnA8ljok6r 1QVsH4E+Qkrh+fLzlhWdA9u5c9C/H6FQ==;
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Wed, 21 Aug 2024 11:09:06 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <rNJ_Ciwf2PC.A.mZjN.RrcxmB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5755-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
August 21, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : glance
CVE ID : CVE-2024-32498

Martin Kaesberger discovered a vulnerability which affects multiple
OpenStack components (Nova, Glance and Cinder): Malformed QCOW2 disk
images may result in the disclosure of arbitrary files.

For the stable distribution (bookworm), this problem has been fixed in
version 2:25.1.0-2+deb12u1.

We recommend that you upgrade your glance packages.

For the detailed security status of glance please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/glance

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmbFyK8ACgkQEMKTtsN8
Tjbtpg/+KwvaFrxrDWSY/I7oLjnaTvwZogk4GSJHtmtsyG5e6vcWMYoj88gDZfv7
1uzhyl8kGqyDfraD3AlyfqPbERNz1JwnS3EEHJd613Zw+4cwPbottJtvYHGhaJNd
pkv1YZ6M4iJKzD33x8vTWftLXKOqMApj8se7Ip6Gr0ElroN7PXQr2T5dqZMTV4K6
IdgSCZ588CmmzGzANjMUbBtcQlqAuL2ZWhkDIUY5qapuyU2M/MrzoCYV9mAN4cme
79bDhkrDC5/zRV+MjdrTwiuKhR96o5jjLbYQi3jlHWG1HmLdnu3M+dcqAPbQitlw
XF2DMyBDqgk6B1h+w0oV2qDApCtGxG3Vjh4AvBTQXPLJOq6NSXccwKGIGntWnlZa
UPu6zwAlsBjxectHvu4t9Zy21TcXjEA/FHNZaZpSzd7b7ORXcT5+E1h+qgbmKT2R
sJTKwuqe0ag8FQGC1ZhEOoaczBCzMxjUoNympLmNc5pDOLA+Ih9ZUSB2k7I+S5aM
QekyIZplbIYXERJWbbjcyFra62V5LZetEUN3D6DDiUfqR5JdpqysF2n0bp9qnKmY
zU8KKgaTpCZS6B2vmuespx8a23YNKk2X/UQ6xkqB6BVKFMmn1RJYgQZHZbsg2JqA
uhgMliFibXBtSKm7UQOvbZVKn4fAZZL72grJtUNYdhRjuASBy+M=
=26RN
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5755-1] glance security update, Moritz Muehlenhoff, 21.08.2024

Archiv bereitgestellt durch MHonArc 2.6.19+.

Seitenanfang