Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-1000115 (GCVE-0-2018-1000115)
Vulnerability from cvelistv5 – Published: 2018-03-05 14:00 – Updated: 2024-08-05 12:33
VLAI?
EPSS
Summary
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:33:49.333Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHBA-2018:2140",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2018:2140"
},
{
"name": "RHSA-2018:1593",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1593"
},
{
"name": "USN-3588-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3588-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/memcached/memcached/wiki/ReleaseNotes156"
},
{
"name": "44264",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44264/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://twitter.com/dormando/status/968579781729009664"
},
{
"name": "44265",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44265/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974"
},
{
"name": "RHSA-2018:2857",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2857"
},
{
"name": "RHSA-2018:1627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1627"
},
{
"name": "RHSA-2018:2331",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2331"
},
{
"name": "DSA-4218",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4218"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/memcached/memcached/issues/348"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_07"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2018-03-02T00:00:00",
"datePublic": "2018-03-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T09:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHBA-2018:2140",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2018:2140"
},
{
"name": "RHSA-2018:1593",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1593"
},
{
"name": "USN-3588-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3588-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/memcached/memcached/wiki/ReleaseNotes156"
},
{
"name": "44264",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44264/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://twitter.com/dormando/status/968579781729009664"
},
{
"name": "44265",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44265/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974"
},
{
"name": "RHSA-2018:2857",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2857"
},
{
"name": "RHSA-2018:1627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1627"
},
{
"name": "RHSA-2018:2331",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2331"
},
{
"name": "DSA-4218",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4218"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/memcached/memcached/issues/348"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_07"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "3/2/2018 21:30:48",
"ID": "CVE-2018-1000115",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHBA-2018:2140",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2018:2140"
},
{
"name": "RHSA-2018:1593",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1593"
},
{
"name": "USN-3588-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3588-1/"
},
{
"name": "https://github.com/memcached/memcached/wiki/ReleaseNotes156",
"refsource": "MISC",
"url": "https://github.com/memcached/memcached/wiki/ReleaseNotes156"
},
{
"name": "44264",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44264/"
},
{
"name": "https://twitter.com/dormando/status/968579781729009664",
"refsource": "MISC",
"url": "https://twitter.com/dormando/status/968579781729009664"
},
{
"name": "44265",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44265/"
},
{
"name": "https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974",
"refsource": "MISC",
"url": "https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974"
},
{
"name": "RHSA-2018:2857",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2857"
},
{
"name": "RHSA-2018:1627",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1627"
},
{
"name": "RHSA-2018:2331",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2331"
},
{
"name": "DSA-4218",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4218"
},
{
"name": "https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html",
"refsource": "MISC",
"url": "https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html"
},
{
"name": "https://github.com/memcached/memcached/issues/348",
"refsource": "MISC",
"url": "https://github.com/memcached/memcached/issues/348"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_07",
"refsource": "CONFIRM",
"url": "https://www.synology.com/support/security/Synology_SA_18_07"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-1000115",
"datePublished": "2018-03-05T14:00:00",
"dateReserved": "2018-03-05T00:00:00",
"dateUpdated": "2024-08-05T12:33:49.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:memcached:memcached:1.5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81CD27E0-30C4-484D-A846-6121C88C49EA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9070C9D8-A14A-467F-8253-33B966C16886\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8B8C725-34CF-4340-BE7B-37E58CF706D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E9AF77C-5D49-4842-9817-AD710A919073\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D4AC996-B340-4A14-86F7-FF83B4D5EC8F\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.\"}, {\"lang\": \"es\", \"value\": \"Memcached 1.5.5 contiene una vulnerabilidad de control insuficiente de volumen de mensaje de red (amplificaci\\u00f3n de red, CWE-406) en el soporte UDP del servidor memcached que puede resultar en una denegaci\\u00f3n de servicio (DoS) mediante una inundaci\\u00f3n de red (fuentes fiables reportan una amplificaci\\u00f3n de tr\\u00e1fico de 1:50.000). Este ataque parece ser explotable mediante conectividad de red en el puerto UDP 11211. Parece ser que esta vulnerabilidad se ha solucionado en la versi\\u00f3n 1.5.6 debido a que se deshabilita por defecto el protocolo UDP.\"}]",
"id": "CVE-2018-1000115",
"lastModified": "2024-11-21T03:39:40.657",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-03-05T14:29:00.203",
"references": "[{\"url\": \"https://access.redhat.com/errata/RHBA-2018:2140\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1593\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1627\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2331\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2857\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/memcached/memcached/issues/348\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/memcached/memcached/wiki/ReleaseNotes156\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://twitter.com/dormando/status/968579781729009664\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3588-1/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4218\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/44264/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.exploit-db.com/exploits/44265/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.synology.com/support/security/Synology_SA_18_07\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHBA-2018:2140\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1593\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1627\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2331\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2857\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/memcached/memcached/issues/348\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/memcached/memcached/wiki/ReleaseNotes156\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://twitter.com/dormando/status/968579781729009664\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3588-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4218\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/44264/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.exploit-db.com/exploits/44265/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.synology.com/support/security/Synology_SA_18_07\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-400\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-1000115\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-03-05T14:29:00.203\",\"lastModified\":\"2024-11-21T03:39:40.657\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.\"},{\"lang\":\"es\",\"value\":\"Memcached 1.5.5 contiene una vulnerabilidad de control insuficiente de volumen de mensaje de red (amplificaci\u00f3n de red, CWE-406) en el soporte UDP del servidor memcached que puede resultar en una denegaci\u00f3n de servicio (DoS) mediante una inundaci\u00f3n de red (fuentes fiables reportan una amplificaci\u00f3n de tr\u00e1fico de 1:50.000). Este ataque parece ser explotable mediante conectividad de red en el puerto UDP 11211. Parece ser que esta vulnerabilidad se ha solucionado en la versi\u00f3n 1.5.6 debido a que se deshabilita por defecto el protocolo UDP.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:memcached:memcached:1.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81CD27E0-30C4-484D-A846-6121C88C49EA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9070C9D8-A14A-467F-8253-33B966C16886\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8B8C725-34CF-4340-BE7B-37E58CF706D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E9AF77C-5D49-4842-9817-AD710A919073\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D4AC996-B340-4A14-86F7-FF83B4D5EC8F\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHBA-2018:2140\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1593\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1627\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2331\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2857\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/memcached/memcached/issues/348\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/memcached/memcached/wiki/ReleaseNotes156\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://twitter.com/dormando/status/968579781729009664\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3588-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4218\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/44264/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/44265/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.synology.com/support/security/Synology_SA_18_07\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2018:2140\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1593\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1627\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2331\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2857\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/memcached/memcached/issues/348\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/memcached/memcached/wiki/ReleaseNotes156\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://twitter.com/dormando/status/968579781729009664\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3588-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4218\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/44264/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/44265/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.synology.com/support/security/Synology_SA_18_07\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
RHSA-2018_2331
Vulnerability from csaf_redhat - Published: 2018-08-20 12:56 - Updated: 2024-11-14 23:44Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 12.0 director security and bug fix update
Notes
Topic
An update for memcached is now available for Red Hat OpenStack Platform 12.0 (Pike).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load.
Security fix(es):
* memcached: UDP server support allows spoofed traffic amplification DoS (CVE-2018-1000115)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
For more information about the bug fixes and enhancements included with
this update, see the "Technical Notes" section of the Release Notes
linked in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for memcached is now available for Red Hat OpenStack Platform 12.0 (Pike).\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load.\n\nSecurity fix(es):\n\n* memcached: UDP server support allows spoofed traffic amplification DoS (CVE-2018-1000115)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nFor more information about the bug fixes and enhancements included with\nthis update, see the \"Technical Notes\" section of the Release Notes \nlinked in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2331",
"url": "https://access.redhat.com/errata/RHSA-2018:2331"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/12/html/release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/12/html/release_notes/"
},
{
"category": "external",
"summary": "1470033",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470033"
},
{
"category": "external",
"summary": "1477663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477663"
},
{
"category": "external",
"summary": "1488058",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488058"
},
{
"category": "external",
"summary": "1502860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502860"
},
{
"category": "external",
"summary": "1504052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504052"
},
{
"category": "external",
"summary": "1506038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506038"
},
{
"category": "external",
"summary": "1508867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1508867"
},
{
"category": "external",
"summary": "1511988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511988"
},
{
"category": "external",
"summary": "1513497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1513497"
},
{
"category": "external",
"summary": "1513502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1513502"
},
{
"category": "external",
"summary": "1518605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518605"
},
{
"category": "external",
"summary": "1518662",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518662"
},
{
"category": "external",
"summary": "1520453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1520453"
},
{
"category": "external",
"summary": "1527205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1527205"
},
{
"category": "external",
"summary": "1528632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528632"
},
{
"category": "external",
"summary": "1533204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533204"
},
{
"category": "external",
"summary": "1533271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533271"
},
{
"category": "external",
"summary": "1533511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533511"
},
{
"category": "external",
"summary": "1534442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534442"
},
{
"category": "external",
"summary": "1537606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537606"
},
{
"category": "external",
"summary": "1539961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539961"
},
{
"category": "external",
"summary": "1547146",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547146"
},
{
"category": "external",
"summary": "1547539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547539"
},
{
"category": "external",
"summary": "1549139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549139"
},
{
"category": "external",
"summary": "1550934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550934"
},
{
"category": "external",
"summary": "1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "1552759",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552759"
},
{
"category": "external",
"summary": "1556720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1556720"
},
{
"category": "external",
"summary": "1557328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1557328"
},
{
"category": "external",
"summary": "1558679",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1558679"
},
{
"category": "external",
"summary": "1559151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559151"
},
{
"category": "external",
"summary": "1559920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559920"
},
{
"category": "external",
"summary": "1560937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560937"
},
{
"category": "external",
"summary": "1562148",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1562148"
},
{
"category": "external",
"summary": "1570147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1570147"
},
{
"category": "external",
"summary": "1571435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571435"
},
{
"category": "external",
"summary": "1571646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571646"
},
{
"category": "external",
"summary": "1571744",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571744"
},
{
"category": "external",
"summary": "1572353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1572353"
},
{
"category": "external",
"summary": "1572667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1572667"
},
{
"category": "external",
"summary": "1573583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573583"
},
{
"category": "external",
"summary": "1573791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573791"
},
{
"category": "external",
"summary": "1573808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573808"
},
{
"category": "external",
"summary": "1576751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576751"
},
{
"category": "external",
"summary": "1579023",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1579023"
},
{
"category": "external",
"summary": "1582597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1582597"
},
{
"category": "external",
"summary": "1582645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1582645"
},
{
"category": "external",
"summary": "1583792",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1583792"
},
{
"category": "external",
"summary": "1583858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1583858"
},
{
"category": "external",
"summary": "1584279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584279"
},
{
"category": "external",
"summary": "1584374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584374"
},
{
"category": "external",
"summary": "1584396",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584396"
},
{
"category": "external",
"summary": "1584403",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584403"
},
{
"category": "external",
"summary": "1584404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584404"
},
{
"category": "external",
"summary": "1584411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584411"
},
{
"category": "external",
"summary": "1584416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584416"
},
{
"category": "external",
"summary": "1584417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584417"
},
{
"category": "external",
"summary": "1584754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584754"
},
{
"category": "external",
"summary": "1585189",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1585189"
},
{
"category": "external",
"summary": "1585362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1585362"
},
{
"category": "external",
"summary": "1586155",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1586155"
},
{
"category": "external",
"summary": "1589951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1589951"
},
{
"category": "external",
"summary": "1590030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590030"
},
{
"category": "external",
"summary": "1590031",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590031"
},
{
"category": "external",
"summary": "1590033",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590033"
},
{
"category": "external",
"summary": "1590368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590368"
},
{
"category": "external",
"summary": "1590586",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590586"
},
{
"category": "external",
"summary": "1590607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590607"
},
{
"category": "external",
"summary": "1590612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590612"
},
{
"category": "external",
"summary": "1590613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590613"
},
{
"category": "external",
"summary": "1590953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590953"
},
{
"category": "external",
"summary": "1591782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591782"
},
{
"category": "external",
"summary": "1592418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1592418"
},
{
"category": "external",
"summary": "1592963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1592963"
},
{
"category": "external",
"summary": "1592967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1592967"
},
{
"category": "external",
"summary": "1596760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596760"
},
{
"category": "external",
"summary": "1597313",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597313"
},
{
"category": "external",
"summary": "1597972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597972"
},
{
"category": "external",
"summary": "1599410",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1599410"
},
{
"category": "external",
"summary": "1599883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1599883"
},
{
"category": "external",
"summary": "1600038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1600038"
},
{
"category": "external",
"summary": "1601348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601348"
},
{
"category": "external",
"summary": "1607143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1607143"
},
{
"category": "external",
"summary": "1608450",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1608450"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2331.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 12.0 director security and bug fix update",
"tracking": {
"current_release_date": "2024-11-14T23:44:22+00:00",
"generator": {
"date": "2024-11-14T23:44:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2018:2331",
"initial_release_date": "2018-08-20T12:56:25+00:00",
"revision_history": [
{
"date": "2018-08-20T12:56:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-08-20T12:56:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T23:44:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 12.0",
"product": {
"name": "Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:12::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-os-brick-0:1.15.5-2.el7ost.src",
"product": {
"name": "python-os-brick-0:1.15.5-2.el7ost.src",
"product_id": "python-os-brick-0:1.15.5-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-os-brick@1.15.5-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-neutron-0:11.5.0-2.el7ost.src",
"product": {
"name": "puppet-neutron-0:11.5.0-2.el7ost.src",
"product_id": "puppet-neutron-0:11.5.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-neutron@11.5.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "os-net-config-0:7.3.6-1.el7ost.src",
"product": {
"name": "os-net-config-0:7.3.6-1.el7ost.src",
"product_id": "os-net-config-0:7.3.6-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/os-net-config@7.3.6-1.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "instack-undercloud-0:7.4.12-1.el7ost.src",
"product": {
"name": "instack-undercloud-0:7.4.12-1.el7ost.src",
"product_id": "instack-undercloud-0:7.4.12-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/instack-undercloud@7.4.12-1.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"product": {
"name": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"product_id": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-image-elements@7.0.5-1.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-manila-0:11.4.0-4.el7ost.src",
"product": {
"name": "puppet-manila-0:11.4.0-4.el7ost.src",
"product_id": "puppet-manila-0:11.4.0-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-manila@11.4.0-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-trove-0:11.4.0-2.el7ost.src",
"product": {
"name": "puppet-trove-0:11.4.0-2.el7ost.src",
"product_id": "puppet-trove-0:11.4.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-trove@11.4.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-mistral-0:11.4.0-2.el7ost.src",
"product": {
"name": "puppet-mistral-0:11.4.0-2.el7ost.src",
"product_id": "puppet-mistral-0:11.4.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-mistral@11.4.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-heat-0:11.5.0-2.el7ost.src",
"product": {
"name": "puppet-heat-0:11.5.0-2.el7ost.src",
"product_id": "puppet-heat-0:11.5.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-heat@11.5.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@7.0.7-1.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-ceilometer-0:11.5.0-2.el7ost.src",
"product": {
"name": "puppet-ceilometer-0:11.5.0-2.el7ost.src",
"product_id": "puppet-ceilometer-0:11.5.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-ceilometer@11.5.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-aodh-0:11.4.0-2.el7ost.src",
"product": {
"name": "puppet-aodh-0:11.4.0-2.el7ost.src",
"product_id": "puppet-aodh-0:11.4.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-aodh@11.4.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-glance-0:11.5.0-2.el7ost.src",
"product": {
"name": "puppet-glance-0:11.5.0-2.el7ost.src",
"product_id": "puppet-glance-0:11.5.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-glance@11.5.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-keystone-0:11.4.0-2.el7ost.src",
"product": {
"name": "puppet-keystone-0:11.4.0-2.el7ost.src",
"product_id": "puppet-keystone-0:11.4.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-keystone@11.4.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-ceph-0:2.4.2-2.el7ost.src",
"product": {
"name": "puppet-ceph-0:2.4.2-2.el7ost.src",
"product_id": "puppet-ceph-0:2.4.2-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-ceph@2.4.2-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-panko-0:11.5.0-2.el7ost.src",
"product": {
"name": "puppet-panko-0:11.5.0-2.el7ost.src",
"product_id": "puppet-panko-0:11.5.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-panko@11.5.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-cinder-0:11.5.0-4.el7ost.src",
"product": {
"name": "puppet-cinder-0:11.5.0-4.el7ost.src",
"product_id": "puppet-cinder-0:11.5.0-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-cinder@11.5.0-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-ironic-0:11.5.0-2.el7ost.src",
"product": {
"name": "puppet-ironic-0:11.5.0-2.el7ost.src",
"product_id": "puppet-ironic-0:11.5.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-ironic@11.5.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-novajoin-0:1.0.17-3.el7ost.src",
"product": {
"name": "python-novajoin-0:1.0.17-3.el7ost.src",
"product_id": "python-novajoin-0:1.0.17-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-novajoin@1.0.17-3.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-tripleoclient-0:7.3.10-3.el7ost.src",
"product": {
"name": "python-tripleoclient-0:7.3.10-3.el7ost.src",
"product_id": "python-tripleoclient-0:7.3.10-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@7.3.10-3.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-nova-0:11.5.0-4.el7ost.src",
"product": {
"name": "puppet-nova-0:11.5.0-4.el7ost.src",
"product_id": "puppet-nova-0:11.5.0-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-nova@11.5.0-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"product": {
"name": "openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"product_id": "openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@7.6.13-3.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@7.0.12-8.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:7.4.12-8.el7ost.src",
"product": {
"name": "puppet-tripleo-0:7.4.12-8.el7ost.src",
"product_id": "puppet-tripleo-0:7.4.12-8.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@7.4.12-8.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-os-brick-0:1.15.5-2.el7ost.noarch",
"product": {
"name": "python-os-brick-0:1.15.5-2.el7ost.noarch",
"product_id": "python-os-brick-0:1.15.5-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-os-brick@1.15.5-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-neutron-0:11.5.0-2.el7ost.noarch",
"product": {
"name": "puppet-neutron-0:11.5.0-2.el7ost.noarch",
"product_id": "puppet-neutron-0:11.5.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-neutron@11.5.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "os-net-config-0:7.3.6-1.el7ost.noarch",
"product": {
"name": "os-net-config-0:7.3.6-1.el7ost.noarch",
"product_id": "os-net-config-0:7.3.6-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/os-net-config@7.3.6-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "instack-undercloud-0:7.4.12-1.el7ost.noarch",
"product": {
"name": "instack-undercloud-0:7.4.12-1.el7ost.noarch",
"product_id": "instack-undercloud-0:7.4.12-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/instack-undercloud@7.4.12-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"product": {
"name": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"product_id": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-image-elements@7.0.5-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-manila-0:11.4.0-4.el7ost.noarch",
"product": {
"name": "puppet-manila-0:11.4.0-4.el7ost.noarch",
"product_id": "puppet-manila-0:11.4.0-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-manila@11.4.0-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-trove-0:11.4.0-2.el7ost.noarch",
"product": {
"name": "puppet-trove-0:11.4.0-2.el7ost.noarch",
"product_id": "puppet-trove-0:11.4.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-trove@11.4.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-mistral-0:11.4.0-2.el7ost.noarch",
"product": {
"name": "puppet-mistral-0:11.4.0-2.el7ost.noarch",
"product_id": "puppet-mistral-0:11.4.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-mistral@11.4.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-heat-0:11.5.0-2.el7ost.noarch",
"product": {
"name": "puppet-heat-0:11.5.0-2.el7ost.noarch",
"product_id": "puppet-heat-0:11.5.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-heat@11.5.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@7.0.7-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"product": {
"name": "puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"product_id": "puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-ceilometer@11.5.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-aodh-0:11.4.0-2.el7ost.noarch",
"product": {
"name": "puppet-aodh-0:11.4.0-2.el7ost.noarch",
"product_id": "puppet-aodh-0:11.4.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-aodh@11.4.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-glance-0:11.5.0-2.el7ost.noarch",
"product": {
"name": "puppet-glance-0:11.5.0-2.el7ost.noarch",
"product_id": "puppet-glance-0:11.5.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-glance@11.5.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-keystone-0:11.4.0-2.el7ost.noarch",
"product": {
"name": "puppet-keystone-0:11.4.0-2.el7ost.noarch",
"product_id": "puppet-keystone-0:11.4.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-keystone@11.4.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-ceph-0:2.4.2-2.el7ost.noarch",
"product": {
"name": "puppet-ceph-0:2.4.2-2.el7ost.noarch",
"product_id": "puppet-ceph-0:2.4.2-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-ceph@2.4.2-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-panko-0:11.5.0-2.el7ost.noarch",
"product": {
"name": "puppet-panko-0:11.5.0-2.el7ost.noarch",
"product_id": "puppet-panko-0:11.5.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-panko@11.5.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-cinder-0:11.5.0-4.el7ost.noarch",
"product": {
"name": "puppet-cinder-0:11.5.0-4.el7ost.noarch",
"product_id": "puppet-cinder-0:11.5.0-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-cinder@11.5.0-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-ironic-0:11.5.0-2.el7ost.noarch",
"product": {
"name": "puppet-ironic-0:11.5.0-2.el7ost.noarch",
"product_id": "puppet-ironic-0:11.5.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-ironic@11.5.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-novajoin-0:1.0.17-3.el7ost.noarch",
"product": {
"name": "python-novajoin-0:1.0.17-3.el7ost.noarch",
"product_id": "python-novajoin-0:1.0.17-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-novajoin@1.0.17-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"product": {
"name": "python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"product_id": "python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@7.3.10-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-nova-0:11.5.0-4.el7ost.noarch",
"product": {
"name": "puppet-nova-0:11.5.0-4.el7ost.noarch",
"product_id": "puppet-nova-0:11.5.0-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-nova@11.5.0-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"product": {
"name": "openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"product_id": "openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common-devtools@7.6.13-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"product": {
"name": "openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"product_id": "openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@7.6.13-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"product": {
"name": "openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"product_id": "openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common-containers@7.6.13-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"product": {
"name": "openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"product_id": "openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common-container-base@7.6.13-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@7.0.12-8.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"product": {
"name": "puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"product_id": "puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@7.4.12-8.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "instack-undercloud-0:7.4.12-1.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.noarch"
},
"product_reference": "instack-undercloud-0:7.4.12-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "instack-undercloud-0:7.4.12-1.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.src"
},
"product_reference": "instack-undercloud-0:7.4.12-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:7.6.13-3.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.noarch"
},
"product_reference": "openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:7.6.13-3.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.src"
},
"product_reference": "openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch"
},
"product_reference": "openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch"
},
"product_reference": "openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch"
},
"product_reference": "openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch"
},
"product_reference": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src"
},
"product_reference": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "os-net-config-0:7.3.6-1.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.noarch"
},
"product_reference": "os-net-config-0:7.3.6-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "os-net-config-0:7.3.6-1.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.src"
},
"product_reference": "os-net-config-0:7.3.6-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-aodh-0:11.4.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.noarch"
},
"product_reference": "puppet-aodh-0:11.4.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-aodh-0:11.4.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.src"
},
"product_reference": "puppet-aodh-0:11.4.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-ceilometer-0:11.5.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.noarch"
},
"product_reference": "puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-ceilometer-0:11.5.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.src"
},
"product_reference": "puppet-ceilometer-0:11.5.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-ceph-0:2.4.2-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.noarch"
},
"product_reference": "puppet-ceph-0:2.4.2-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-ceph-0:2.4.2-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.src"
},
"product_reference": "puppet-ceph-0:2.4.2-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-cinder-0:11.5.0-4.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.noarch"
},
"product_reference": "puppet-cinder-0:11.5.0-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-cinder-0:11.5.0-4.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.src"
},
"product_reference": "puppet-cinder-0:11.5.0-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-glance-0:11.5.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.noarch"
},
"product_reference": "puppet-glance-0:11.5.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-glance-0:11.5.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.src"
},
"product_reference": "puppet-glance-0:11.5.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-heat-0:11.5.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.noarch"
},
"product_reference": "puppet-heat-0:11.5.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-heat-0:11.5.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.src"
},
"product_reference": "puppet-heat-0:11.5.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-ironic-0:11.5.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.noarch"
},
"product_reference": "puppet-ironic-0:11.5.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-ironic-0:11.5.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.src"
},
"product_reference": "puppet-ironic-0:11.5.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-keystone-0:11.4.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.noarch"
},
"product_reference": "puppet-keystone-0:11.4.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-keystone-0:11.4.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.src"
},
"product_reference": "puppet-keystone-0:11.4.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-manila-0:11.4.0-4.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.noarch"
},
"product_reference": "puppet-manila-0:11.4.0-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-manila-0:11.4.0-4.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.src"
},
"product_reference": "puppet-manila-0:11.4.0-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-mistral-0:11.4.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.noarch"
},
"product_reference": "puppet-mistral-0:11.4.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-mistral-0:11.4.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.src"
},
"product_reference": "puppet-mistral-0:11.4.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-neutron-0:11.5.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.noarch"
},
"product_reference": "puppet-neutron-0:11.5.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-neutron-0:11.5.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.src"
},
"product_reference": "puppet-neutron-0:11.5.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-nova-0:11.5.0-4.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.noarch"
},
"product_reference": "puppet-nova-0:11.5.0-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-nova-0:11.5.0-4.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.src"
},
"product_reference": "puppet-nova-0:11.5.0-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-panko-0:11.5.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.noarch"
},
"product_reference": "puppet-panko-0:11.5.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-panko-0:11.5.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.src"
},
"product_reference": "puppet-panko-0:11.5.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:7.4.12-8.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.noarch"
},
"product_reference": "puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:7.4.12-8.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.src"
},
"product_reference": "puppet-tripleo-0:7.4.12-8.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-trove-0:11.4.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.noarch"
},
"product_reference": "puppet-trove-0:11.4.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-trove-0:11.4.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.src"
},
"product_reference": "puppet-trove-0:11.4.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-novajoin-0:1.0.17-3.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.noarch"
},
"product_reference": "python-novajoin-0:1.0.17-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-novajoin-0:1.0.17-3.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.src"
},
"product_reference": "python-novajoin-0:1.0.17-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-os-brick-0:1.15.5-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.noarch"
},
"product_reference": "python-os-brick-0:1.15.5-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-os-brick-0:1.15.5-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.src"
},
"product_reference": "python-os-brick-0:1.15.5-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:7.3.10-3.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.noarch"
},
"product_reference": "python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:7.3.10-3.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.src"
},
"product_reference": "python-tripleoclient-0:7.3.10-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1000115",
"discovery_date": "2018-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1551182"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "memcached: UDP server support allows spoofed traffic amplification DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of traffic amplification distributed denial of service (DDoS) attacks that take advantage of the insecurely configured memcached servers reachable from the public Internet. The default configuration of memcached as shipped in Red Hat products makes it possible to abuse them for these DDoS attacks if memcached is exposed to connections from the public Internet. Refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in the attack.\n\nhttps://access.redhat.com/solutions/3369081",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.src",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "RHBZ#1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115"
}
],
"release_date": "2018-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-08-20T12:56:25+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.src",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2331"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in an attack.\n\nhttps://access.redhat.com/solutions/3369081",
"product_ids": [
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.src",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.src",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "memcached: UDP server support allows spoofed traffic amplification DoS"
}
]
}
RHBA-2018_2140
Vulnerability from csaf_redhat - Published: 2018-07-05 12:26 - Updated: 2024-11-14 23:32Summary
Red Hat Bug Fix Advisory: Red Hat OpenStack Platform 9 director Bug Fix Advisory
Notes
Topic
Updated packages that resolve various issues are now available for Red Hat
OpenStack Platform 9.0 director for RHEL 7.
Details
Red Hat OpenStack Platform director provides the facilities for deploying
and monitoring a private or public infrastructure-as-a-service (IaaS) cloud
based on Red Hat OpenStack Platform.
Changes to the openstack-tripleo-heat-templates component:
* The operator can override any SNMP configuration with a new parameter, SnmpdConfigOverride. With this parameter, the operator must include all of the SNMP configuration requirements, including usernames and passwords. Red Hat OpenStack director does not place any restrictions on the content of SnmpdConfigOverride. (BZ#1556958)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated packages that resolve various issues are now available for Red Hat\nOpenStack Platform 9.0 director for RHEL 7.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying\nand monitoring a private or public infrastructure-as-a-service (IaaS) cloud\nbased on Red Hat OpenStack Platform.\n\nChanges to the openstack-tripleo-heat-templates component:\n\n* The operator can override any SNMP configuration with a new parameter, SnmpdConfigOverride. With this parameter, the operator must include all of the SNMP configuration requirements, including usernames and passwords. Red Hat OpenStack director does not place any restrictions on the content of SnmpdConfigOverride. (BZ#1556958)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2018:2140",
"url": "https://access.redhat.com/errata/RHBA-2018:2140"
},
{
"category": "external",
"summary": "1467649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1467649"
},
{
"category": "external",
"summary": "1512489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512489"
},
{
"category": "external",
"summary": "1517268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517268"
},
{
"category": "external",
"summary": "1532610",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532610"
},
{
"category": "external",
"summary": "1533948",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533948"
},
{
"category": "external",
"summary": "1556958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1556958"
},
{
"category": "external",
"summary": "1562405",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1562405"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhba-2018_2140.json"
}
],
"title": "Red Hat Bug Fix Advisory: Red Hat OpenStack Platform 9 director Bug Fix Advisory",
"tracking": {
"current_release_date": "2024-11-14T23:32:51+00:00",
"generator": {
"date": "2024-11-14T23:32:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHBA-2018:2140",
"initial_release_date": "2018-07-05T12:26:48+00:00",
"revision_history": [
{
"date": "2018-07-05T12:26:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-07-05T12:26:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T23:32:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 9.0 Director for RHEL 7",
"product": {
"name": "OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:9::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "instack-undercloud-0:4.0.0-18.el7ost.src",
"product": {
"name": "instack-undercloud-0:4.0.0-18.el7ost.src",
"product_id": "instack-undercloud-0:4.0.0-18.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/instack-undercloud@4.0.0-18.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@2.0.0-65.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "instack-undercloud-0:4.0.0-18.el7ost.noarch",
"product": {
"name": "instack-undercloud-0:4.0.0-18.el7ost.noarch",
"product_id": "instack-undercloud-0:4.0.0-18.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/instack-undercloud@4.0.0-18.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@2.0.0-65.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates-liberty@2.0.0-65.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "instack-undercloud-0:4.0.0-18.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.noarch"
},
"product_reference": "instack-undercloud-0:4.0.0-18.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "instack-undercloud-0:4.0.0-18.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.src"
},
"product_reference": "instack-undercloud-0:4.0.0-18.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1000115",
"discovery_date": "2018-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1551182"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "memcached: UDP server support allows spoofed traffic amplification DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of traffic amplification distributed denial of service (DDoS) attacks that take advantage of the insecurely configured memcached servers reachable from the public Internet. The default configuration of memcached as shipped in Red Hat products makes it possible to abuse them for these DDoS attacks if memcached is exposed to connections from the public Internet. Refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in the attack.\n\nhttps://access.redhat.com/solutions/3369081",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "RHBZ#1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115"
}
],
"release_date": "2018-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-07-05T12:26:48+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nRed Hat OpenStack Platform 9 runs on Red Hat Enterprise Linux 7.4.\n\nThe Red Hat OpenStack Platform 9 Release Notes contain the following:\n* An explanation of the way in which the provided components interact to\nform a working cloud computing environment.\n* Technology Previews, Recommended Practices, and Known Issues.\n* The channels required for Red Hat OpenStack Platform 9, including which\nchannels need to be enabled and disabled.\n\nThe Release Notes are available at:\nhttps://access.redhat.com/documentation/en/red-hat-openstack-platform/9/paged/release-notes\n\nThis update is available through \u0027yum update\u0027 on systems registered through\nRed Hat Subscription Manager. For more information about Red Hat\nSubscription Manager, see:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/index.html",
"product_ids": [
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2018:2140"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in an attack.\n\nhttps://access.redhat.com/solutions/3369081",
"product_ids": [
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "memcached: UDP server support allows spoofed traffic amplification DoS"
}
]
}
RHSA-2018:2331
Vulnerability from csaf_redhat - Published: 2018-08-20 12:56 - Updated: 2025-11-21 18:05Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 12.0 director security and bug fix update
Notes
Topic
An update for memcached is now available for Red Hat OpenStack Platform 12.0 (Pike).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load.
Security fix(es):
* memcached: UDP server support allows spoofed traffic amplification DoS (CVE-2018-1000115)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
For more information about the bug fixes and enhancements included with
this update, see the "Technical Notes" section of the Release Notes
linked in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for memcached is now available for Red Hat OpenStack Platform 12.0 (Pike).\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load.\n\nSecurity fix(es):\n\n* memcached: UDP server support allows spoofed traffic amplification DoS (CVE-2018-1000115)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nFor more information about the bug fixes and enhancements included with\nthis update, see the \"Technical Notes\" section of the Release Notes \nlinked in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2331",
"url": "https://access.redhat.com/errata/RHSA-2018:2331"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/12/html/release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/12/html/release_notes/"
},
{
"category": "external",
"summary": "1470033",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470033"
},
{
"category": "external",
"summary": "1477663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477663"
},
{
"category": "external",
"summary": "1488058",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488058"
},
{
"category": "external",
"summary": "1502860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502860"
},
{
"category": "external",
"summary": "1504052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504052"
},
{
"category": "external",
"summary": "1506038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506038"
},
{
"category": "external",
"summary": "1508867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1508867"
},
{
"category": "external",
"summary": "1511988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511988"
},
{
"category": "external",
"summary": "1513497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1513497"
},
{
"category": "external",
"summary": "1513502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1513502"
},
{
"category": "external",
"summary": "1518605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518605"
},
{
"category": "external",
"summary": "1518662",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518662"
},
{
"category": "external",
"summary": "1520453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1520453"
},
{
"category": "external",
"summary": "1527205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1527205"
},
{
"category": "external",
"summary": "1528632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528632"
},
{
"category": "external",
"summary": "1533204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533204"
},
{
"category": "external",
"summary": "1533271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533271"
},
{
"category": "external",
"summary": "1533511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533511"
},
{
"category": "external",
"summary": "1534442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534442"
},
{
"category": "external",
"summary": "1537606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537606"
},
{
"category": "external",
"summary": "1539961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539961"
},
{
"category": "external",
"summary": "1547146",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547146"
},
{
"category": "external",
"summary": "1547539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547539"
},
{
"category": "external",
"summary": "1549139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549139"
},
{
"category": "external",
"summary": "1550934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550934"
},
{
"category": "external",
"summary": "1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "1552759",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552759"
},
{
"category": "external",
"summary": "1556720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1556720"
},
{
"category": "external",
"summary": "1557328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1557328"
},
{
"category": "external",
"summary": "1558679",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1558679"
},
{
"category": "external",
"summary": "1559151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559151"
},
{
"category": "external",
"summary": "1559920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559920"
},
{
"category": "external",
"summary": "1560937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560937"
},
{
"category": "external",
"summary": "1562148",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1562148"
},
{
"category": "external",
"summary": "1570147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1570147"
},
{
"category": "external",
"summary": "1571435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571435"
},
{
"category": "external",
"summary": "1571646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571646"
},
{
"category": "external",
"summary": "1571744",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571744"
},
{
"category": "external",
"summary": "1572353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1572353"
},
{
"category": "external",
"summary": "1572667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1572667"
},
{
"category": "external",
"summary": "1573583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573583"
},
{
"category": "external",
"summary": "1573791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573791"
},
{
"category": "external",
"summary": "1573808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573808"
},
{
"category": "external",
"summary": "1576751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576751"
},
{
"category": "external",
"summary": "1579023",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1579023"
},
{
"category": "external",
"summary": "1582597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1582597"
},
{
"category": "external",
"summary": "1582645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1582645"
},
{
"category": "external",
"summary": "1583792",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1583792"
},
{
"category": "external",
"summary": "1583858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1583858"
},
{
"category": "external",
"summary": "1584279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584279"
},
{
"category": "external",
"summary": "1584374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584374"
},
{
"category": "external",
"summary": "1584396",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584396"
},
{
"category": "external",
"summary": "1584403",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584403"
},
{
"category": "external",
"summary": "1584404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584404"
},
{
"category": "external",
"summary": "1584411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584411"
},
{
"category": "external",
"summary": "1584416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584416"
},
{
"category": "external",
"summary": "1584417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584417"
},
{
"category": "external",
"summary": "1584754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584754"
},
{
"category": "external",
"summary": "1585189",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1585189"
},
{
"category": "external",
"summary": "1585362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1585362"
},
{
"category": "external",
"summary": "1586155",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1586155"
},
{
"category": "external",
"summary": "1589951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1589951"
},
{
"category": "external",
"summary": "1590030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590030"
},
{
"category": "external",
"summary": "1590031",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590031"
},
{
"category": "external",
"summary": "1590033",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590033"
},
{
"category": "external",
"summary": "1590368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590368"
},
{
"category": "external",
"summary": "1590586",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590586"
},
{
"category": "external",
"summary": "1590607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590607"
},
{
"category": "external",
"summary": "1590612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590612"
},
{
"category": "external",
"summary": "1590613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590613"
},
{
"category": "external",
"summary": "1590953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590953"
},
{
"category": "external",
"summary": "1591782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591782"
},
{
"category": "external",
"summary": "1592418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1592418"
},
{
"category": "external",
"summary": "1592963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1592963"
},
{
"category": "external",
"summary": "1592967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1592967"
},
{
"category": "external",
"summary": "1596760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1596760"
},
{
"category": "external",
"summary": "1597313",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597313"
},
{
"category": "external",
"summary": "1597972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597972"
},
{
"category": "external",
"summary": "1599410",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1599410"
},
{
"category": "external",
"summary": "1599883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1599883"
},
{
"category": "external",
"summary": "1600038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1600038"
},
{
"category": "external",
"summary": "1601348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601348"
},
{
"category": "external",
"summary": "1607143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1607143"
},
{
"category": "external",
"summary": "1608450",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1608450"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2331.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 12.0 director security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:05:41+00:00",
"generator": {
"date": "2025-11-21T18:05:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:2331",
"initial_release_date": "2018-08-20T12:56:25+00:00",
"revision_history": [
{
"date": "2018-08-20T12:56:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-08-20T12:56:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:05:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 12.0",
"product": {
"name": "Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:12::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-os-brick-0:1.15.5-2.el7ost.src",
"product": {
"name": "python-os-brick-0:1.15.5-2.el7ost.src",
"product_id": "python-os-brick-0:1.15.5-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-os-brick@1.15.5-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-neutron-0:11.5.0-2.el7ost.src",
"product": {
"name": "puppet-neutron-0:11.5.0-2.el7ost.src",
"product_id": "puppet-neutron-0:11.5.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-neutron@11.5.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "os-net-config-0:7.3.6-1.el7ost.src",
"product": {
"name": "os-net-config-0:7.3.6-1.el7ost.src",
"product_id": "os-net-config-0:7.3.6-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/os-net-config@7.3.6-1.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "instack-undercloud-0:7.4.12-1.el7ost.src",
"product": {
"name": "instack-undercloud-0:7.4.12-1.el7ost.src",
"product_id": "instack-undercloud-0:7.4.12-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/instack-undercloud@7.4.12-1.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"product": {
"name": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"product_id": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-image-elements@7.0.5-1.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-manila-0:11.4.0-4.el7ost.src",
"product": {
"name": "puppet-manila-0:11.4.0-4.el7ost.src",
"product_id": "puppet-manila-0:11.4.0-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-manila@11.4.0-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-trove-0:11.4.0-2.el7ost.src",
"product": {
"name": "puppet-trove-0:11.4.0-2.el7ost.src",
"product_id": "puppet-trove-0:11.4.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-trove@11.4.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-mistral-0:11.4.0-2.el7ost.src",
"product": {
"name": "puppet-mistral-0:11.4.0-2.el7ost.src",
"product_id": "puppet-mistral-0:11.4.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-mistral@11.4.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-heat-0:11.5.0-2.el7ost.src",
"product": {
"name": "puppet-heat-0:11.5.0-2.el7ost.src",
"product_id": "puppet-heat-0:11.5.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-heat@11.5.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"product": {
"name": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"product_id": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@7.0.7-1.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-ceilometer-0:11.5.0-2.el7ost.src",
"product": {
"name": "puppet-ceilometer-0:11.5.0-2.el7ost.src",
"product_id": "puppet-ceilometer-0:11.5.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-ceilometer@11.5.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-aodh-0:11.4.0-2.el7ost.src",
"product": {
"name": "puppet-aodh-0:11.4.0-2.el7ost.src",
"product_id": "puppet-aodh-0:11.4.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-aodh@11.4.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-glance-0:11.5.0-2.el7ost.src",
"product": {
"name": "puppet-glance-0:11.5.0-2.el7ost.src",
"product_id": "puppet-glance-0:11.5.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-glance@11.5.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-keystone-0:11.4.0-2.el7ost.src",
"product": {
"name": "puppet-keystone-0:11.4.0-2.el7ost.src",
"product_id": "puppet-keystone-0:11.4.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-keystone@11.4.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-ceph-0:2.4.2-2.el7ost.src",
"product": {
"name": "puppet-ceph-0:2.4.2-2.el7ost.src",
"product_id": "puppet-ceph-0:2.4.2-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-ceph@2.4.2-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-panko-0:11.5.0-2.el7ost.src",
"product": {
"name": "puppet-panko-0:11.5.0-2.el7ost.src",
"product_id": "puppet-panko-0:11.5.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-panko@11.5.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-cinder-0:11.5.0-4.el7ost.src",
"product": {
"name": "puppet-cinder-0:11.5.0-4.el7ost.src",
"product_id": "puppet-cinder-0:11.5.0-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-cinder@11.5.0-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-ironic-0:11.5.0-2.el7ost.src",
"product": {
"name": "puppet-ironic-0:11.5.0-2.el7ost.src",
"product_id": "puppet-ironic-0:11.5.0-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-ironic@11.5.0-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-novajoin-0:1.0.17-3.el7ost.src",
"product": {
"name": "python-novajoin-0:1.0.17-3.el7ost.src",
"product_id": "python-novajoin-0:1.0.17-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-novajoin@1.0.17-3.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-tripleoclient-0:7.3.10-3.el7ost.src",
"product": {
"name": "python-tripleoclient-0:7.3.10-3.el7ost.src",
"product_id": "python-tripleoclient-0:7.3.10-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@7.3.10-3.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-nova-0:11.5.0-4.el7ost.src",
"product": {
"name": "puppet-nova-0:11.5.0-4.el7ost.src",
"product_id": "puppet-nova-0:11.5.0-4.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-nova@11.5.0-4.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"product": {
"name": "openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"product_id": "openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@7.6.13-3.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@7.0.12-8.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:7.4.12-8.el7ost.src",
"product": {
"name": "puppet-tripleo-0:7.4.12-8.el7ost.src",
"product_id": "puppet-tripleo-0:7.4.12-8.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@7.4.12-8.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-os-brick-0:1.15.5-2.el7ost.noarch",
"product": {
"name": "python-os-brick-0:1.15.5-2.el7ost.noarch",
"product_id": "python-os-brick-0:1.15.5-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-os-brick@1.15.5-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-neutron-0:11.5.0-2.el7ost.noarch",
"product": {
"name": "puppet-neutron-0:11.5.0-2.el7ost.noarch",
"product_id": "puppet-neutron-0:11.5.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-neutron@11.5.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "os-net-config-0:7.3.6-1.el7ost.noarch",
"product": {
"name": "os-net-config-0:7.3.6-1.el7ost.noarch",
"product_id": "os-net-config-0:7.3.6-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/os-net-config@7.3.6-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "instack-undercloud-0:7.4.12-1.el7ost.noarch",
"product": {
"name": "instack-undercloud-0:7.4.12-1.el7ost.noarch",
"product_id": "instack-undercloud-0:7.4.12-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/instack-undercloud@7.4.12-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"product": {
"name": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"product_id": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-image-elements@7.0.5-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-manila-0:11.4.0-4.el7ost.noarch",
"product": {
"name": "puppet-manila-0:11.4.0-4.el7ost.noarch",
"product_id": "puppet-manila-0:11.4.0-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-manila@11.4.0-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-trove-0:11.4.0-2.el7ost.noarch",
"product": {
"name": "puppet-trove-0:11.4.0-2.el7ost.noarch",
"product_id": "puppet-trove-0:11.4.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-trove@11.4.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-mistral-0:11.4.0-2.el7ost.noarch",
"product": {
"name": "puppet-mistral-0:11.4.0-2.el7ost.noarch",
"product_id": "puppet-mistral-0:11.4.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-mistral@11.4.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-heat-0:11.5.0-2.el7ost.noarch",
"product": {
"name": "puppet-heat-0:11.5.0-2.el7ost.noarch",
"product_id": "puppet-heat-0:11.5.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-heat@11.5.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"product": {
"name": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"product_id": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-puppet-elements@7.0.7-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"product": {
"name": "puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"product_id": "puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-ceilometer@11.5.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-aodh-0:11.4.0-2.el7ost.noarch",
"product": {
"name": "puppet-aodh-0:11.4.0-2.el7ost.noarch",
"product_id": "puppet-aodh-0:11.4.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-aodh@11.4.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-glance-0:11.5.0-2.el7ost.noarch",
"product": {
"name": "puppet-glance-0:11.5.0-2.el7ost.noarch",
"product_id": "puppet-glance-0:11.5.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-glance@11.5.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-keystone-0:11.4.0-2.el7ost.noarch",
"product": {
"name": "puppet-keystone-0:11.4.0-2.el7ost.noarch",
"product_id": "puppet-keystone-0:11.4.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-keystone@11.4.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-ceph-0:2.4.2-2.el7ost.noarch",
"product": {
"name": "puppet-ceph-0:2.4.2-2.el7ost.noarch",
"product_id": "puppet-ceph-0:2.4.2-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-ceph@2.4.2-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-panko-0:11.5.0-2.el7ost.noarch",
"product": {
"name": "puppet-panko-0:11.5.0-2.el7ost.noarch",
"product_id": "puppet-panko-0:11.5.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-panko@11.5.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-cinder-0:11.5.0-4.el7ost.noarch",
"product": {
"name": "puppet-cinder-0:11.5.0-4.el7ost.noarch",
"product_id": "puppet-cinder-0:11.5.0-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-cinder@11.5.0-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-ironic-0:11.5.0-2.el7ost.noarch",
"product": {
"name": "puppet-ironic-0:11.5.0-2.el7ost.noarch",
"product_id": "puppet-ironic-0:11.5.0-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-ironic@11.5.0-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-novajoin-0:1.0.17-3.el7ost.noarch",
"product": {
"name": "python-novajoin-0:1.0.17-3.el7ost.noarch",
"product_id": "python-novajoin-0:1.0.17-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-novajoin@1.0.17-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"product": {
"name": "python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"product_id": "python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tripleoclient@7.3.10-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-nova-0:11.5.0-4.el7ost.noarch",
"product": {
"name": "puppet-nova-0:11.5.0-4.el7ost.noarch",
"product_id": "puppet-nova-0:11.5.0-4.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-nova@11.5.0-4.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"product": {
"name": "openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"product_id": "openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common-devtools@7.6.13-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"product": {
"name": "openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"product_id": "openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common@7.6.13-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"product": {
"name": "openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"product_id": "openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common-containers@7.6.13-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"product": {
"name": "openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"product_id": "openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-common-container-base@7.6.13-3.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@7.0.12-8.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"product": {
"name": "puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"product_id": "puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@7.4.12-8.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "instack-undercloud-0:7.4.12-1.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.noarch"
},
"product_reference": "instack-undercloud-0:7.4.12-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "instack-undercloud-0:7.4.12-1.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.src"
},
"product_reference": "instack-undercloud-0:7.4.12-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:7.6.13-3.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.noarch"
},
"product_reference": "openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-0:7.6.13-3.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.src"
},
"product_reference": "openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch"
},
"product_reference": "openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch"
},
"product_reference": "openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch"
},
"product_reference": "openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch"
},
"product_reference": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src"
},
"product_reference": "openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch"
},
"product_reference": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src"
},
"product_reference": "openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "os-net-config-0:7.3.6-1.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.noarch"
},
"product_reference": "os-net-config-0:7.3.6-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "os-net-config-0:7.3.6-1.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.src"
},
"product_reference": "os-net-config-0:7.3.6-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-aodh-0:11.4.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.noarch"
},
"product_reference": "puppet-aodh-0:11.4.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-aodh-0:11.4.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.src"
},
"product_reference": "puppet-aodh-0:11.4.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-ceilometer-0:11.5.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.noarch"
},
"product_reference": "puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-ceilometer-0:11.5.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.src"
},
"product_reference": "puppet-ceilometer-0:11.5.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-ceph-0:2.4.2-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.noarch"
},
"product_reference": "puppet-ceph-0:2.4.2-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-ceph-0:2.4.2-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.src"
},
"product_reference": "puppet-ceph-0:2.4.2-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-cinder-0:11.5.0-4.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.noarch"
},
"product_reference": "puppet-cinder-0:11.5.0-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-cinder-0:11.5.0-4.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.src"
},
"product_reference": "puppet-cinder-0:11.5.0-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-glance-0:11.5.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.noarch"
},
"product_reference": "puppet-glance-0:11.5.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-glance-0:11.5.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.src"
},
"product_reference": "puppet-glance-0:11.5.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-heat-0:11.5.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.noarch"
},
"product_reference": "puppet-heat-0:11.5.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-heat-0:11.5.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.src"
},
"product_reference": "puppet-heat-0:11.5.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-ironic-0:11.5.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.noarch"
},
"product_reference": "puppet-ironic-0:11.5.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-ironic-0:11.5.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.src"
},
"product_reference": "puppet-ironic-0:11.5.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-keystone-0:11.4.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.noarch"
},
"product_reference": "puppet-keystone-0:11.4.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-keystone-0:11.4.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.src"
},
"product_reference": "puppet-keystone-0:11.4.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-manila-0:11.4.0-4.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.noarch"
},
"product_reference": "puppet-manila-0:11.4.0-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-manila-0:11.4.0-4.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.src"
},
"product_reference": "puppet-manila-0:11.4.0-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-mistral-0:11.4.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.noarch"
},
"product_reference": "puppet-mistral-0:11.4.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-mistral-0:11.4.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.src"
},
"product_reference": "puppet-mistral-0:11.4.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-neutron-0:11.5.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.noarch"
},
"product_reference": "puppet-neutron-0:11.5.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-neutron-0:11.5.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.src"
},
"product_reference": "puppet-neutron-0:11.5.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-nova-0:11.5.0-4.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.noarch"
},
"product_reference": "puppet-nova-0:11.5.0-4.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-nova-0:11.5.0-4.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.src"
},
"product_reference": "puppet-nova-0:11.5.0-4.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-panko-0:11.5.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.noarch"
},
"product_reference": "puppet-panko-0:11.5.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-panko-0:11.5.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.src"
},
"product_reference": "puppet-panko-0:11.5.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:7.4.12-8.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.noarch"
},
"product_reference": "puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:7.4.12-8.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.src"
},
"product_reference": "puppet-tripleo-0:7.4.12-8.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-trove-0:11.4.0-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.noarch"
},
"product_reference": "puppet-trove-0:11.4.0-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-trove-0:11.4.0-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.src"
},
"product_reference": "puppet-trove-0:11.4.0-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-novajoin-0:1.0.17-3.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.noarch"
},
"product_reference": "python-novajoin-0:1.0.17-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-novajoin-0:1.0.17-3.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.src"
},
"product_reference": "python-novajoin-0:1.0.17-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-os-brick-0:1.15.5-2.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.noarch"
},
"product_reference": "python-os-brick-0:1.15.5-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-os-brick-0:1.15.5-2.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.src"
},
"product_reference": "python-os-brick-0:1.15.5-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:7.3.10-3.el7ost.noarch as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.noarch"
},
"product_reference": "python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tripleoclient-0:7.3.10-3.el7ost.src as a component of Red Hat OpenStack Platform 12.0",
"product_id": "7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.src"
},
"product_reference": "python-tripleoclient-0:7.3.10-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-12.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1000115",
"discovery_date": "2018-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1551182"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "memcached: UDP server support allows spoofed traffic amplification DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of traffic amplification distributed denial of service (DDoS) attacks that take advantage of the insecurely configured memcached servers reachable from the public Internet. The default configuration of memcached as shipped in Red Hat products makes it possible to abuse them for these DDoS attacks if memcached is exposed to connections from the public Internet. Refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in the attack.\n\nhttps://access.redhat.com/solutions/3369081",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.src",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "RHBZ#1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115"
}
],
"release_date": "2018-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-08-20T12:56:25+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.src",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2331"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in an attack.\n\nhttps://access.redhat.com/solutions/3369081",
"product_ids": [
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.src",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:instack-undercloud-0:7.4.12-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-0:7.6.13-3.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-container-base-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-containers-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-common-devtools-0:7.6.13-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-heat-templates-0:7.0.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-image-elements-0:7.0.5-1.el7ost.src",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:openstack-tripleo-puppet-elements-0:7.0.7-1.el7ost.src",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.noarch",
"7Server-RH7-RHOS-12.0:os-net-config-0:7.3.6-1.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-aodh-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceilometer-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ceph-0:2.4.2-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-cinder-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-glance-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-heat-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-ironic-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-keystone-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-manila-0:11.4.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-mistral-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-neutron-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-nova-0:11.5.0-4.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-panko-0:11.5.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-tripleo-0:7.4.12-8.el7ost.src",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:puppet-trove-0:11.4.0-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-novajoin-0:1.0.17-3.el7ost.src",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-os-brick-0:1.15.5-2.el7ost.src",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.noarch",
"7Server-RH7-RHOS-12.0:python-tripleoclient-0:7.3.10-3.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "memcached: UDP server support allows spoofed traffic amplification DoS"
}
]
}
RHSA-2018:1627
Vulnerability from csaf_redhat - Published: 2018-05-18 17:03 - Updated: 2025-11-21 18:04Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 11.0 (Ocata).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying
and monitoring a private or public infrastructure-as-a-service (IaaS) cloud
based on Red Hat OpenStack Platform.
Security Fix(es):
* A resource-permission flaw was found in the python-tripleo and openstack-tripleo-heat-templates packages where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume.
To exploit this flaw, the attacker must have local access to an overcloud node. However by default, access to overcloud nodes is restricted and accessible only from the management undercloud server on an internal network. (CVE-2017-12155)
This issue was discovered by Katuya Kawakami (NEC).
* It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target. (CVE-2018-1000115)
This update also includes the following bug fixes and enhancements:
* Prior to this update, when removing the ceph-osd RPM from overcloud nodes that do not require the package, the corresponding Ceph OSD product key was not removed. Consequently, the subscription-manager would incorrectly report that the Ceph OSD product was still installed.
With this update, the script that handles removal of the ceph-osd RPM now also removes the Ceph OSD product key. Note: The script that removes the RPM and product key executes only during the overcloud update procedure; the product key is removed only when the overcloud node is updated.
As a result, after removing the ceph-osd RPM, the subscription-manager no longer reports the Ceph OSD product is installed. (BZ#1571436)
* Previously, there were errors in the director Heat template that configures the VMAX Cinder backend driver. Consequently, the VMAX driver would not function correctly. With this update, the errors have been corrected, and the VMAX driver functions correctly. (BZ#1546799)
* This enhancement adds director support for deploying the Dell EMC VMAX cinder backend. (BZ#1546793)
* In this enhancement, if a minor update is blocked by an existing yum process that prevents the package update, the process should exit with an appropriate error message. This was added because the minor update may appear to freeze, due to yum waiting for the existing yum.pid to exit; when it eventually fails it is not immediately clear why. As a result, if there is an existing yum process preventing the package update, then the minor update fails with a clear message to indicate this: "ERROR existing yum.pid detected - can't continue! Please ensure there is no other package update process for the duration of the minor update worfklow. Exiting". (BZ#1471721)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 11.0 (Ocata).\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying\nand monitoring a private or public infrastructure-as-a-service (IaaS) cloud\nbased on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A resource-permission flaw was found in the python-tripleo and openstack-tripleo-heat-templates packages where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume. \n\nTo exploit this flaw, the attacker must have local access to an overcloud node. However by default, access to overcloud nodes is restricted and accessible only from the management undercloud server on an internal network. (CVE-2017-12155)\n\nThis issue was discovered by Katuya Kawakami (NEC).\n\n* It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target. (CVE-2018-1000115)\n\nThis update also includes the following bug fixes and enhancements:\n\n* Prior to this update, when removing the ceph-osd RPM from overcloud nodes that do not require the package, the corresponding Ceph OSD product key was not removed. Consequently, the subscription-manager would incorrectly report that the Ceph OSD product was still installed.\nWith this update, the script that handles removal of the ceph-osd RPM now also removes the Ceph OSD product key. Note: The script that removes the RPM and product key executes only during the overcloud update procedure; the product key is removed only when the overcloud node is updated.\nAs a result, after removing the ceph-osd RPM, the subscription-manager no longer reports the Ceph OSD product is installed. (BZ#1571436)\n\n* Previously, there were errors in the director Heat template that configures the VMAX Cinder backend driver. Consequently, the VMAX driver would not function correctly. With this update, the errors have been corrected, and the VMAX driver functions correctly. (BZ#1546799)\n\n* This enhancement adds director support for deploying the Dell EMC VMAX cinder backend. (BZ#1546793)\n\n* In this enhancement, if a minor update is blocked by an existing yum process that prevents the package update, the process should exit with an appropriate error message. This was added because the minor update may appear to freeze, due to yum waiting for the existing yum.pid to exit; when it eventually fails it is not immediately clear why. As a result, if there is an existing yum process preventing the package update, then the minor update fails with a clear message to indicate this: \"ERROR existing yum.pid detected - can\u0027t continue! Please ensure there is no other package update process for the duration of the minor update worfklow. Exiting\". (BZ#1471721)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1627",
"url": "https://access.redhat.com/errata/RHSA-2018:1627"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1445766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445766"
},
{
"category": "external",
"summary": "1471721",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471721"
},
{
"category": "external",
"summary": "1478274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478274"
},
{
"category": "external",
"summary": "1489360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489360"
},
{
"category": "external",
"summary": "1518009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518009"
},
{
"category": "external",
"summary": "1524422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524422"
},
{
"category": "external",
"summary": "1546799",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1546799"
},
{
"category": "external",
"summary": "1547089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547089"
},
{
"category": "external",
"summary": "1547956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547956"
},
{
"category": "external",
"summary": "1548345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548345"
},
{
"category": "external",
"summary": "1550167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550167"
},
{
"category": "external",
"summary": "1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "1552245",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552245"
},
{
"category": "external",
"summary": "1567349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567349"
},
{
"category": "external",
"summary": "1567365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567365"
},
{
"category": "external",
"summary": "1571436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571436"
},
{
"category": "external",
"summary": "1577957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1577957"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1627.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2025-11-21T18:04:49+00:00",
"generator": {
"date": "2025-11-21T18:04:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:1627",
"initial_release_date": "2018-05-18T17:03:23+00:00",
"revision_history": [
{
"date": "2018-05-18T17:03:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-18T17:03:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:04:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 11.0",
"product": {
"name": "Red Hat OpenStack Platform 11.0",
"product_id": "7Server-RH7-RHOS-11.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:11::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@6.2.12-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:6.5.10-3.el7ost.src",
"product": {
"name": "puppet-tripleo-0:6.5.10-3.el7ost.src",
"product_id": "puppet-tripleo-0:6.5.10-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@6.5.10-3.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@6.2.12-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"product": {
"name": "puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"product_id": "puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@6.5.10-3.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch as a component of Red Hat OpenStack Platform 11.0",
"product_id": "7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-11.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src as a component of Red Hat OpenStack Platform 11.0",
"product_id": "7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-11.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:6.5.10-3.el7ost.noarch as a component of Red Hat OpenStack Platform 11.0",
"product_id": "7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch"
},
"product_reference": "puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-11.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:6.5.10-3.el7ost.src as a component of Red Hat OpenStack Platform 11.0",
"product_id": "7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
},
"product_reference": "puppet-tripleo-0:6.5.10-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-11.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Katuya Kawakami"
],
"organization": "NEC"
}
],
"cve": "CVE-2017-12155",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"discovery_date": "2017-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1489360"
}
],
"notes": [
{
"category": "description",
"text": "A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume. \r\nTo exploit this flaw, the attacker must have local access to an overcloud node. However by default, access to overcloud nodes is restricted and accessible only from the management undercloud server on an internal network. Follow good security principles in your networking environment to ensure that network access is properly controlled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openstack-tripleo-heat-templates: Ceph client keyring is world-readable when deployed by director",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12155"
},
{
"category": "external",
"summary": "RHBZ#1489360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12155",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12155"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-18T17:03:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1627"
},
{
"category": "workaround",
"details": "To mitigate the flaw, use an overcloud post-deploy script[1] to do the following on all overcloud nodes:\n\nkey=/etc/ceph/ceph.client.openstack.keyring\nchown root:root $key\nchmod 600 $key\nsetfacl -m u:glance:r $key \nsetfacl -m u:cinder:r $key\nsetfacl -m u:nova:r $key\nsetfacl -m u: gnocchi:r $key\n\nIf not using Red Hat OpenStack Platform director, then run the commands above manually on each overcloud node, \nWarning: Only running \u0027chmod 600 $key\u0027 alone (without an ACL) will prevent OpenStack from reading the key.\n\n[1] https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/11/html-single/advanced_overcloud_customization/#sect-Customizing_Overcloud_PostConfiguration_All",
"product_ids": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openstack-tripleo-heat-templates: Ceph client keyring is world-readable when deployed by director"
},
{
"cve": "CVE-2018-1000115",
"discovery_date": "2018-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1551182"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "memcached: UDP server support allows spoofed traffic amplification DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of traffic amplification distributed denial of service (DDoS) attacks that take advantage of the insecurely configured memcached servers reachable from the public Internet. The default configuration of memcached as shipped in Red Hat products makes it possible to abuse them for these DDoS attacks if memcached is exposed to connections from the public Internet. Refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in the attack.\n\nhttps://access.redhat.com/solutions/3369081",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "RHBZ#1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115"
}
],
"release_date": "2018-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-18T17:03:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1627"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in an attack.\n\nhttps://access.redhat.com/solutions/3369081",
"product_ids": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "memcached: UDP server support allows spoofed traffic amplification DoS"
}
]
}
RHSA-2018:1593
Vulnerability from csaf_redhat - Published: 2018-05-17 15:40 - Updated: 2025-11-21 18:04Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 10.0 (Newton).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A resource-permission flaw was found in the python-tripleo and openstack-tripleo-heat-templates packages where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume.
To exploit this flaw, the attacker must have local access to an overcloud node. However by default, access to overcloud nodes is restricted and accessible only from the management undercloud server on an internal network. (CVE-2017-12155)
This issue was discovered by Katuya Kawakami (NEC).
* It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target. (CVE-2018-1000115)
This advisory also addresses the following issues:
* This release adds support for deploying Dell EMC VMAX Block Storage backend using the Red Hat OpenStack Platform director. (BZ#1503896)
* Using composable roles for deploying Dell SC and PS Block Storage backend caused errors. The backends could only be deploying using 'cinder::config::cinder_config' hiera data.
With this update, the composable role support for deploying the Dell SC and PS Block Storage backends is updated. As a result, they can be now deployed using composable roles. (BZ#1552980)
* Previously, the iptables rules were managed by the Red Hat OpenStack Platform director and the OpenStack Networking service, which resulted in the rules created by the OpenStack Networking service to persist on to the disk. As a result, the rules that should not be loaded after an iptables restart or a system reboot would be loaded causing traffic issues.
With this update, the Red Hat OpenStack Platform director has been updated to exclude the OpenStack Networking rules from '/etc/sysconfig/iptables' when the director saves the firewall rules. As a result, iptables restart or a system reboot should work without causing traffic problems.
Note: It might be necessary to perform a rolling restart of the controller nodes to ensure that any orphaned managed neutron rules are no longer reloaded. (BZ#1541528)
* OS::TripleO::SwiftStorage::Ports* resources have been renamed to OS::TripleO::ObjectStorage::Port* to ensure standalone Object Storage nodes using the 'ObjectStorage' roles can be deployed correctly. Operators need to modify their custom templates that previously used OS::TripleO::SwiftStorage::Ports* settings. (BZ#1544802)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 10.0 (Newton).\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A resource-permission flaw was found in the python-tripleo and openstack-tripleo-heat-templates packages where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume. \n\nTo exploit this flaw, the attacker must have local access to an overcloud node. However by default, access to overcloud nodes is restricted and accessible only from the management undercloud server on an internal network. (CVE-2017-12155)\n\nThis issue was discovered by Katuya Kawakami (NEC).\n\n* It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target. (CVE-2018-1000115)\n\nThis advisory also addresses the following issues:\n\n* This release adds support for deploying Dell EMC VMAX Block Storage backend using the Red Hat OpenStack Platform director. (BZ#1503896)\n\n* Using composable roles for deploying Dell SC and PS Block Storage backend caused errors. The backends could only be deploying using \u0027cinder::config::cinder_config\u0027 hiera data.\nWith this update, the composable role support for deploying the Dell SC and PS Block Storage backends is updated. As a result, they can be now deployed using composable roles. (BZ#1552980)\n\n* Previously, the iptables rules were managed by the Red Hat OpenStack Platform director and the OpenStack Networking service, which resulted in the rules created by the OpenStack Networking service to persist on to the disk. As a result, the rules that should not be loaded after an iptables restart or a system reboot would be loaded causing traffic issues. \nWith this update, the Red Hat OpenStack Platform director has been updated to exclude the OpenStack Networking rules from \u0027/etc/sysconfig/iptables\u0027 when the director saves the firewall rules. As a result, iptables restart or a system reboot should work without causing traffic problems. \nNote: It might be necessary to perform a rolling restart of the controller nodes to ensure that any orphaned managed neutron rules are no longer reloaded. (BZ#1541528)\n\n* OS::TripleO::SwiftStorage::Ports* resources have been renamed to OS::TripleO::ObjectStorage::Port* to ensure standalone Object Storage nodes using the \u0027ObjectStorage\u0027 roles can be deployed correctly. Operators need to modify their custom templates that previously used OS::TripleO::SwiftStorage::Ports* settings. (BZ#1544802)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1593",
"url": "https://access.redhat.com/errata/RHSA-2018:1593"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1414549",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414549"
},
{
"category": "external",
"summary": "1489360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489360"
},
{
"category": "external",
"summary": "1503896",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503896"
},
{
"category": "external",
"summary": "1514532",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1514532"
},
{
"category": "external",
"summary": "1514842",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1514842"
},
{
"category": "external",
"summary": "1517302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517302"
},
{
"category": "external",
"summary": "1533602",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533602"
},
{
"category": "external",
"summary": "1534540",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534540"
},
{
"category": "external",
"summary": "1538753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538753"
},
{
"category": "external",
"summary": "1541528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1541528"
},
{
"category": "external",
"summary": "1543883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1543883"
},
{
"category": "external",
"summary": "1544211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1544211"
},
{
"category": "external",
"summary": "1544802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1544802"
},
{
"category": "external",
"summary": "1545666",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545666"
},
{
"category": "external",
"summary": "1547091",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547091"
},
{
"category": "external",
"summary": "1547957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547957"
},
{
"category": "external",
"summary": "1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "1552980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552980"
},
{
"category": "external",
"summary": "1559093",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559093"
},
{
"category": "external",
"summary": "1568596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568596"
},
{
"category": "external",
"summary": "1568601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568601"
},
{
"category": "external",
"summary": "1571840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571840"
},
{
"category": "external",
"summary": "1576577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576577"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1593.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2025-11-21T18:04:48+00:00",
"generator": {
"date": "2025-11-21T18:04:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:1593",
"initial_release_date": "2018-05-17T15:40:55+00:00",
"revision_history": [
{
"date": "2018-05-17T15:40:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-17T15:40:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:04:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 10.0",
"product": {
"name": "Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:10::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@5.3.10-1.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:5.6.8-6.el7ost.src",
"product": {
"name": "puppet-tripleo-0:5.6.8-6.el7ost.src",
"product_id": "puppet-tripleo-0:5.6.8-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@5.6.8-6.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@5.3.10-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"product": {
"name": "puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"product_id": "puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@5.6.8-6.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:5.6.8-6.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch"
},
"product_reference": "puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:5.6.8-6.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
},
"product_reference": "puppet-tripleo-0:5.6.8-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Katuya Kawakami"
],
"organization": "NEC"
}
],
"cve": "CVE-2017-12155",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"discovery_date": "2017-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1489360"
}
],
"notes": [
{
"category": "description",
"text": "A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume. \r\nTo exploit this flaw, the attacker must have local access to an overcloud node. However by default, access to overcloud nodes is restricted and accessible only from the management undercloud server on an internal network. Follow good security principles in your networking environment to ensure that network access is properly controlled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openstack-tripleo-heat-templates: Ceph client keyring is world-readable when deployed by director",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12155"
},
{
"category": "external",
"summary": "RHBZ#1489360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12155",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12155"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-17T15:40:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1593"
},
{
"category": "workaround",
"details": "To mitigate the flaw, use an overcloud post-deploy script[1] to do the following on all overcloud nodes:\n\nkey=/etc/ceph/ceph.client.openstack.keyring\nchown root:root $key\nchmod 600 $key\nsetfacl -m u:glance:r $key \nsetfacl -m u:cinder:r $key\nsetfacl -m u:nova:r $key\nsetfacl -m u: gnocchi:r $key\n\nIf not using Red Hat OpenStack Platform director, then run the commands above manually on each overcloud node, \nWarning: Only running \u0027chmod 600 $key\u0027 alone (without an ACL) will prevent OpenStack from reading the key.\n\n[1] https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/11/html-single/advanced_overcloud_customization/#sect-Customizing_Overcloud_PostConfiguration_All",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openstack-tripleo-heat-templates: Ceph client keyring is world-readable when deployed by director"
},
{
"cve": "CVE-2018-1000115",
"discovery_date": "2018-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1551182"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "memcached: UDP server support allows spoofed traffic amplification DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of traffic amplification distributed denial of service (DDoS) attacks that take advantage of the insecurely configured memcached servers reachable from the public Internet. The default configuration of memcached as shipped in Red Hat products makes it possible to abuse them for these DDoS attacks if memcached is exposed to connections from the public Internet. Refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in the attack.\n\nhttps://access.redhat.com/solutions/3369081",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "RHBZ#1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115"
}
],
"release_date": "2018-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-17T15:40:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1593"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in an attack.\n\nhttps://access.redhat.com/solutions/3369081",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "memcached: UDP server support allows spoofed traffic amplification DoS"
}
]
}
RHSA-2018_2857
Vulnerability from csaf_redhat - Published: 2018-10-02 19:01 - Updated: 2024-11-14 23:45Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 8 director security and bug fix update
Notes
Topic
An update for instack-undercloud and openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 8.0 (Liberty) director.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load.
instack-undercloud provides a collection of scripts and elements that can be used to install an OpenStack undercloud (using python-instack).
openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools (codename heat), which can be used to help deploy OpenStack.
Security Fix(es):
* memcached: UDP server support allows spoofed traffic amplification DoS (CVE-2018-1000115)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* This update fixes a race condition that could cause pacemaker-managed glance-fs deployments to fail.
Now the glance-fs resource is created from a single node of the overcloud in a way that eliminates the race condition and the resultant deployment failures. (BZ#1418617)
* Prior to this update, the source IP address for cold migration and resize was determined by the default gateway configured on the source compute node.
Now the my_ip option is explicitly set to the internal_api network IP in nova.conf, ensuring the correct network is used for this traffic. (BZ#1552855)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for instack-undercloud and openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 8.0 (Liberty) director.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load.\n\ninstack-undercloud provides a collection of scripts and elements that can be used to install an OpenStack undercloud (using python-instack).\n\nopenstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools (codename heat), which can be used to help deploy OpenStack.\n\nSecurity Fix(es):\n\n* memcached: UDP server support allows spoofed traffic amplification DoS (CVE-2018-1000115)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* This update fixes a race condition that could cause pacemaker-managed glance-fs deployments to fail.\n\nNow the glance-fs resource is created from a single node of the overcloud in a way that eliminates the race condition and the resultant deployment failures. (BZ#1418617)\n\n* Prior to this update, the source IP address for cold migration and resize was determined by the default gateway configured on the source compute node. \n\nNow the my_ip option is explicitly set to the internal_api network IP in nova.conf, ensuring the correct network is used for this traffic. (BZ#1552855)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2857",
"url": "https://access.redhat.com/errata/RHSA-2018:2857"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1418617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418617"
},
{
"category": "external",
"summary": "1517269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517269"
},
{
"category": "external",
"summary": "1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "1552855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552855"
},
{
"category": "external",
"summary": "1568469",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568469"
},
{
"category": "external",
"summary": "1590376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590376"
},
{
"category": "external",
"summary": "1598927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1598927"
},
{
"category": "external",
"summary": "1630968",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1630968"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2857.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 8 director security and bug fix update",
"tracking": {
"current_release_date": "2024-11-14T23:45:36+00:00",
"generator": {
"date": "2024-11-14T23:45:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2018:2857",
"initial_release_date": "2018-10-02T19:01:42+00:00",
"revision_history": [
{
"date": "2018-10-02T19:01:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-10-02T19:01:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T23:45:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 8.0 Director for RHEL 7",
"product": {
"name": "OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:8::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.14-42.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "instack-undercloud-0:2.2.7-13.el7ost.src",
"product": {
"name": "instack-undercloud-0:2.2.7-13.el7ost.src",
"product_id": "instack-undercloud-0:2.2.7-13.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/instack-undercloud@2.2.7-13.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.14-42.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates-kilo@0.8.14-42.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "instack-undercloud-0:2.2.7-13.el7ost.noarch",
"product": {
"name": "instack-undercloud-0:2.2.7-13.el7ost.noarch",
"product_id": "instack-undercloud-0:2.2.7-13.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/instack-undercloud@2.2.7-13.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "instack-undercloud-0:2.2.7-13.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.noarch"
},
"product_reference": "instack-undercloud-0:2.2.7-13.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "instack-undercloud-0:2.2.7-13.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.src"
},
"product_reference": "instack-undercloud-0:2.2.7-13.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1000115",
"discovery_date": "2018-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1551182"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "memcached: UDP server support allows spoofed traffic amplification DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of traffic amplification distributed denial of service (DDoS) attacks that take advantage of the insecurely configured memcached servers reachable from the public Internet. The default configuration of memcached as shipped in Red Hat products makes it possible to abuse them for these DDoS attacks if memcached is exposed to connections from the public Internet. Refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in the attack.\n\nhttps://access.redhat.com/solutions/3369081",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "RHBZ#1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115"
}
],
"release_date": "2018-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-02T19:01:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2857"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in an attack.\n\nhttps://access.redhat.com/solutions/3369081",
"product_ids": [
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "memcached: UDP server support allows spoofed traffic amplification DoS"
}
]
}
RHSA-2018:2857
Vulnerability from csaf_redhat - Published: 2018-10-02 19:01 - Updated: 2025-11-21 18:06Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 8 director security and bug fix update
Notes
Topic
An update for instack-undercloud and openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 8.0 (Liberty) director.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load.
instack-undercloud provides a collection of scripts and elements that can be used to install an OpenStack undercloud (using python-instack).
openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools (codename heat), which can be used to help deploy OpenStack.
Security Fix(es):
* memcached: UDP server support allows spoofed traffic amplification DoS (CVE-2018-1000115)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* This update fixes a race condition that could cause pacemaker-managed glance-fs deployments to fail.
Now the glance-fs resource is created from a single node of the overcloud in a way that eliminates the race condition and the resultant deployment failures. (BZ#1418617)
* Prior to this update, the source IP address for cold migration and resize was determined by the default gateway configured on the source compute node.
Now the my_ip option is explicitly set to the internal_api network IP in nova.conf, ensuring the correct network is used for this traffic. (BZ#1552855)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for instack-undercloud and openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 8.0 (Liberty) director.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load.\n\ninstack-undercloud provides a collection of scripts and elements that can be used to install an OpenStack undercloud (using python-instack).\n\nopenstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools (codename heat), which can be used to help deploy OpenStack.\n\nSecurity Fix(es):\n\n* memcached: UDP server support allows spoofed traffic amplification DoS (CVE-2018-1000115)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* This update fixes a race condition that could cause pacemaker-managed glance-fs deployments to fail.\n\nNow the glance-fs resource is created from a single node of the overcloud in a way that eliminates the race condition and the resultant deployment failures. (BZ#1418617)\n\n* Prior to this update, the source IP address for cold migration and resize was determined by the default gateway configured on the source compute node. \n\nNow the my_ip option is explicitly set to the internal_api network IP in nova.conf, ensuring the correct network is used for this traffic. (BZ#1552855)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:2857",
"url": "https://access.redhat.com/errata/RHSA-2018:2857"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1418617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418617"
},
{
"category": "external",
"summary": "1517269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517269"
},
{
"category": "external",
"summary": "1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "1552855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552855"
},
{
"category": "external",
"summary": "1568469",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568469"
},
{
"category": "external",
"summary": "1590376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590376"
},
{
"category": "external",
"summary": "1598927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1598927"
},
{
"category": "external",
"summary": "1630968",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1630968"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2857.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 8 director security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:06:15+00:00",
"generator": {
"date": "2025-11-21T18:06:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:2857",
"initial_release_date": "2018-10-02T19:01:42+00:00",
"revision_history": [
{
"date": "2018-10-02T19:01:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-10-02T19:01:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:06:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 8.0 Director for RHEL 7",
"product": {
"name": "OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:8::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.14-42.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "instack-undercloud-0:2.2.7-13.el7ost.src",
"product": {
"name": "instack-undercloud-0:2.2.7-13.el7ost.src",
"product_id": "instack-undercloud-0:2.2.7-13.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/instack-undercloud@2.2.7-13.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@0.8.14-42.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates-kilo@0.8.14-42.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "instack-undercloud-0:2.2.7-13.el7ost.noarch",
"product": {
"name": "instack-undercloud-0:2.2.7-13.el7ost.noarch",
"product_id": "instack-undercloud-0:2.2.7-13.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/instack-undercloud@2.2.7-13.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "instack-undercloud-0:2.2.7-13.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.noarch"
},
"product_reference": "instack-undercloud-0:2.2.7-13.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "instack-undercloud-0:2.2.7-13.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.src"
},
"product_reference": "instack-undercloud-0:2.2.7-13.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch as a component of OpenStack 8.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-8.0-Director"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1000115",
"discovery_date": "2018-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1551182"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "memcached: UDP server support allows spoofed traffic amplification DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of traffic amplification distributed denial of service (DDoS) attacks that take advantage of the insecurely configured memcached servers reachable from the public Internet. The default configuration of memcached as shipped in Red Hat products makes it possible to abuse them for these DDoS attacks if memcached is exposed to connections from the public Internet. Refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in the attack.\n\nhttps://access.redhat.com/solutions/3369081",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "RHBZ#1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115"
}
],
"release_date": "2018-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-10-02T19:01:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:2857"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in an attack.\n\nhttps://access.redhat.com/solutions/3369081",
"product_ids": [
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:instack-undercloud-0:2.2.7-13.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.noarch",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-0:0.8.14-42.el7ost.src",
"7Server-RH7-RHOS-8.0-Director:openstack-tripleo-heat-templates-kilo-0:0.8.14-42.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "memcached: UDP server support allows spoofed traffic amplification DoS"
}
]
}
RHSA-2018_1593
Vulnerability from csaf_redhat - Published: 2018-05-17 15:40 - Updated: 2024-11-14 23:42Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 10.0 (Newton).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.
Security Fix(es):
* A resource-permission flaw was found in the python-tripleo and openstack-tripleo-heat-templates packages where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume.
To exploit this flaw, the attacker must have local access to an overcloud node. However by default, access to overcloud nodes is restricted and accessible only from the management undercloud server on an internal network. (CVE-2017-12155)
This issue was discovered by Katuya Kawakami (NEC).
* It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target. (CVE-2018-1000115)
This advisory also addresses the following issues:
* This release adds support for deploying Dell EMC VMAX Block Storage backend using the Red Hat OpenStack Platform director. (BZ#1503896)
* Using composable roles for deploying Dell SC and PS Block Storage backend caused errors. The backends could only be deploying using 'cinder::config::cinder_config' hiera data.
With this update, the composable role support for deploying the Dell SC and PS Block Storage backends is updated. As a result, they can be now deployed using composable roles. (BZ#1552980)
* Previously, the iptables rules were managed by the Red Hat OpenStack Platform director and the OpenStack Networking service, which resulted in the rules created by the OpenStack Networking service to persist on to the disk. As a result, the rules that should not be loaded after an iptables restart or a system reboot would be loaded causing traffic issues.
With this update, the Red Hat OpenStack Platform director has been updated to exclude the OpenStack Networking rules from '/etc/sysconfig/iptables' when the director saves the firewall rules. As a result, iptables restart or a system reboot should work without causing traffic problems.
Note: It might be necessary to perform a rolling restart of the controller nodes to ensure that any orphaned managed neutron rules are no longer reloaded. (BZ#1541528)
* OS::TripleO::SwiftStorage::Ports* resources have been renamed to OS::TripleO::ObjectStorage::Port* to ensure standalone Object Storage nodes using the 'ObjectStorage' roles can be deployed correctly. Operators need to modify their custom templates that previously used OS::TripleO::SwiftStorage::Ports* settings. (BZ#1544802)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 10.0 (Newton).\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud based on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A resource-permission flaw was found in the python-tripleo and openstack-tripleo-heat-templates packages where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume. \n\nTo exploit this flaw, the attacker must have local access to an overcloud node. However by default, access to overcloud nodes is restricted and accessible only from the management undercloud server on an internal network. (CVE-2017-12155)\n\nThis issue was discovered by Katuya Kawakami (NEC).\n\n* It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target. (CVE-2018-1000115)\n\nThis advisory also addresses the following issues:\n\n* This release adds support for deploying Dell EMC VMAX Block Storage backend using the Red Hat OpenStack Platform director. (BZ#1503896)\n\n* Using composable roles for deploying Dell SC and PS Block Storage backend caused errors. The backends could only be deploying using \u0027cinder::config::cinder_config\u0027 hiera data.\nWith this update, the composable role support for deploying the Dell SC and PS Block Storage backends is updated. As a result, they can be now deployed using composable roles. (BZ#1552980)\n\n* Previously, the iptables rules were managed by the Red Hat OpenStack Platform director and the OpenStack Networking service, which resulted in the rules created by the OpenStack Networking service to persist on to the disk. As a result, the rules that should not be loaded after an iptables restart or a system reboot would be loaded causing traffic issues. \nWith this update, the Red Hat OpenStack Platform director has been updated to exclude the OpenStack Networking rules from \u0027/etc/sysconfig/iptables\u0027 when the director saves the firewall rules. As a result, iptables restart or a system reboot should work without causing traffic problems. \nNote: It might be necessary to perform a rolling restart of the controller nodes to ensure that any orphaned managed neutron rules are no longer reloaded. (BZ#1541528)\n\n* OS::TripleO::SwiftStorage::Ports* resources have been renamed to OS::TripleO::ObjectStorage::Port* to ensure standalone Object Storage nodes using the \u0027ObjectStorage\u0027 roles can be deployed correctly. Operators need to modify their custom templates that previously used OS::TripleO::SwiftStorage::Ports* settings. (BZ#1544802)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1593",
"url": "https://access.redhat.com/errata/RHSA-2018:1593"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1414549",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414549"
},
{
"category": "external",
"summary": "1489360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489360"
},
{
"category": "external",
"summary": "1503896",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503896"
},
{
"category": "external",
"summary": "1514532",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1514532"
},
{
"category": "external",
"summary": "1514842",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1514842"
},
{
"category": "external",
"summary": "1517302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517302"
},
{
"category": "external",
"summary": "1533602",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533602"
},
{
"category": "external",
"summary": "1534540",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534540"
},
{
"category": "external",
"summary": "1538753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538753"
},
{
"category": "external",
"summary": "1541528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1541528"
},
{
"category": "external",
"summary": "1543883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1543883"
},
{
"category": "external",
"summary": "1544211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1544211"
},
{
"category": "external",
"summary": "1544802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1544802"
},
{
"category": "external",
"summary": "1545666",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545666"
},
{
"category": "external",
"summary": "1547091",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547091"
},
{
"category": "external",
"summary": "1547957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547957"
},
{
"category": "external",
"summary": "1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "1552980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552980"
},
{
"category": "external",
"summary": "1559093",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559093"
},
{
"category": "external",
"summary": "1568596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568596"
},
{
"category": "external",
"summary": "1568601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568601"
},
{
"category": "external",
"summary": "1571840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571840"
},
{
"category": "external",
"summary": "1576577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576577"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1593.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2024-11-14T23:42:51+00:00",
"generator": {
"date": "2024-11-14T23:42:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2018:1593",
"initial_release_date": "2018-05-17T15:40:55+00:00",
"revision_history": [
{
"date": "2018-05-17T15:40:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-17T15:40:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T23:42:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 10.0",
"product": {
"name": "Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:10::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@5.3.10-1.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:5.6.8-6.el7ost.src",
"product": {
"name": "puppet-tripleo-0:5.6.8-6.el7ost.src",
"product_id": "puppet-tripleo-0:5.6.8-6.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@5.6.8-6.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@5.3.10-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"product": {
"name": "puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"product_id": "puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@5.6.8-6.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:5.6.8-6.el7ost.noarch as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch"
},
"product_reference": "puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:5.6.8-6.el7ost.src as a component of Red Hat OpenStack Platform 10.0",
"product_id": "7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
},
"product_reference": "puppet-tripleo-0:5.6.8-6.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-10.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Katuya Kawakami"
],
"organization": "NEC"
}
],
"cve": "CVE-2017-12155",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"discovery_date": "2017-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1489360"
}
],
"notes": [
{
"category": "description",
"text": "A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume. \r\nTo exploit this flaw, the attacker must have local access to an overcloud node. However by default, access to overcloud nodes is restricted and accessible only from the management undercloud server on an internal network. Follow good security principles in your networking environment to ensure that network access is properly controlled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openstack-tripleo-heat-templates: Ceph client keyring is world-readable when deployed by director",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12155"
},
{
"category": "external",
"summary": "RHBZ#1489360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12155",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12155"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-17T15:40:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1593"
},
{
"category": "workaround",
"details": "To mitigate the flaw, use an overcloud post-deploy script[1] to do the following on all overcloud nodes:\n\nkey=/etc/ceph/ceph.client.openstack.keyring\nchown root:root $key\nchmod 600 $key\nsetfacl -m u:glance:r $key \nsetfacl -m u:cinder:r $key\nsetfacl -m u:nova:r $key\nsetfacl -m u: gnocchi:r $key\n\nIf not using Red Hat OpenStack Platform director, then run the commands above manually on each overcloud node, \nWarning: Only running \u0027chmod 600 $key\u0027 alone (without an ACL) will prevent OpenStack from reading the key.\n\n[1] https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/11/html-single/advanced_overcloud_customization/#sect-Customizing_Overcloud_PostConfiguration_All",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openstack-tripleo-heat-templates: Ceph client keyring is world-readable when deployed by director"
},
{
"cve": "CVE-2018-1000115",
"discovery_date": "2018-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1551182"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "memcached: UDP server support allows spoofed traffic amplification DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of traffic amplification distributed denial of service (DDoS) attacks that take advantage of the insecurely configured memcached servers reachable from the public Internet. The default configuration of memcached as shipped in Red Hat products makes it possible to abuse them for these DDoS attacks if memcached is exposed to connections from the public Internet. Refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in the attack.\n\nhttps://access.redhat.com/solutions/3369081",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "RHBZ#1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115"
}
],
"release_date": "2018-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-17T15:40:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1593"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in an attack.\n\nhttps://access.redhat.com/solutions/3369081",
"product_ids": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.noarch",
"7Server-RH7-RHOS-10.0:openstack-tripleo-heat-templates-0:5.3.10-1.el7ost.src",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.noarch",
"7Server-RH7-RHOS-10.0:puppet-tripleo-0:5.6.8-6.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "memcached: UDP server support allows spoofed traffic amplification DoS"
}
]
}
RHBA-2018:2140
Vulnerability from csaf_redhat - Published: 2018-07-05 12:26 - Updated: 2025-11-21 17:21Summary
Red Hat Bug Fix Advisory: Red Hat OpenStack Platform 9 director Bug Fix Advisory
Notes
Topic
Updated packages that resolve various issues are now available for Red Hat
OpenStack Platform 9.0 director for RHEL 7.
Details
Red Hat OpenStack Platform director provides the facilities for deploying
and monitoring a private or public infrastructure-as-a-service (IaaS) cloud
based on Red Hat OpenStack Platform.
Changes to the openstack-tripleo-heat-templates component:
* The operator can override any SNMP configuration with a new parameter, SnmpdConfigOverride. With this parameter, the operator must include all of the SNMP configuration requirements, including usernames and passwords. Red Hat OpenStack director does not place any restrictions on the content of SnmpdConfigOverride. (BZ#1556958)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated packages that resolve various issues are now available for Red Hat\nOpenStack Platform 9.0 director for RHEL 7.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying\nand monitoring a private or public infrastructure-as-a-service (IaaS) cloud\nbased on Red Hat OpenStack Platform.\n\nChanges to the openstack-tripleo-heat-templates component:\n\n* The operator can override any SNMP configuration with a new parameter, SnmpdConfigOverride. With this parameter, the operator must include all of the SNMP configuration requirements, including usernames and passwords. Red Hat OpenStack director does not place any restrictions on the content of SnmpdConfigOverride. (BZ#1556958)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2018:2140",
"url": "https://access.redhat.com/errata/RHBA-2018:2140"
},
{
"category": "external",
"summary": "1467649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1467649"
},
{
"category": "external",
"summary": "1512489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512489"
},
{
"category": "external",
"summary": "1517268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517268"
},
{
"category": "external",
"summary": "1532610",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532610"
},
{
"category": "external",
"summary": "1533948",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533948"
},
{
"category": "external",
"summary": "1556958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1556958"
},
{
"category": "external",
"summary": "1562405",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1562405"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhba-2018_2140.json"
}
],
"title": "Red Hat Bug Fix Advisory: Red Hat OpenStack Platform 9 director Bug Fix Advisory",
"tracking": {
"current_release_date": "2025-11-21T17:21:42+00:00",
"generator": {
"date": "2025-11-21T17:21:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHBA-2018:2140",
"initial_release_date": "2018-07-05T12:26:48+00:00",
"revision_history": [
{
"date": "2018-07-05T12:26:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-07-05T12:26:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:21:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenStack 9.0 Director for RHEL 7",
"product": {
"name": "OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack-director:9::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "instack-undercloud-0:4.0.0-18.el7ost.src",
"product": {
"name": "instack-undercloud-0:4.0.0-18.el7ost.src",
"product_id": "instack-undercloud-0:4.0.0-18.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/instack-undercloud@4.0.0-18.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@2.0.0-65.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "instack-undercloud-0:4.0.0-18.el7ost.noarch",
"product": {
"name": "instack-undercloud-0:4.0.0-18.el7ost.noarch",
"product_id": "instack-undercloud-0:4.0.0-18.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/instack-undercloud@4.0.0-18.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@2.0.0-65.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates-liberty@2.0.0-65.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "instack-undercloud-0:4.0.0-18.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.noarch"
},
"product_reference": "instack-undercloud-0:4.0.0-18.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "instack-undercloud-0:4.0.0-18.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.src"
},
"product_reference": "instack-undercloud-0:4.0.0-18.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch as a component of OpenStack 9.0 Director for RHEL 7",
"product_id": "7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-9.0-Director"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1000115",
"discovery_date": "2018-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1551182"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "memcached: UDP server support allows spoofed traffic amplification DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of traffic amplification distributed denial of service (DDoS) attacks that take advantage of the insecurely configured memcached servers reachable from the public Internet. The default configuration of memcached as shipped in Red Hat products makes it possible to abuse them for these DDoS attacks if memcached is exposed to connections from the public Internet. Refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in the attack.\n\nhttps://access.redhat.com/solutions/3369081",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "RHBZ#1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115"
}
],
"release_date": "2018-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-07-05T12:26:48+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nRed Hat OpenStack Platform 9 runs on Red Hat Enterprise Linux 7.4.\n\nThe Red Hat OpenStack Platform 9 Release Notes contain the following:\n* An explanation of the way in which the provided components interact to\nform a working cloud computing environment.\n* Technology Previews, Recommended Practices, and Known Issues.\n* The channels required for Red Hat OpenStack Platform 9, including which\nchannels need to be enabled and disabled.\n\nThe Release Notes are available at:\nhttps://access.redhat.com/documentation/en/red-hat-openstack-platform/9/paged/release-notes\n\nThis update is available through \u0027yum update\u0027 on systems registered through\nRed Hat Subscription Manager. For more information about Red Hat\nSubscription Manager, see:\n\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/index.html",
"product_ids": [
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2018:2140"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in an attack.\n\nhttps://access.redhat.com/solutions/3369081",
"product_ids": [
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:instack-undercloud-0:4.0.0-18.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.noarch",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-0:2.0.0-65.el7ost.src",
"7Server-RH7-RHOS-9.0-Director:openstack-tripleo-heat-templates-liberty-0:2.0.0-65.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "memcached: UDP server support allows spoofed traffic amplification DoS"
}
]
}
RHSA-2018_1627
Vulnerability from csaf_redhat - Published: 2018-05-18 17:03 - Updated: 2024-11-14 23:42Summary
Red Hat Security Advisory: Red Hat OpenStack Platform director security update
Notes
Topic
An update is now available for Red Hat OpenStack Platform 11.0 (Ocata).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenStack Platform director provides the facilities for deploying
and monitoring a private or public infrastructure-as-a-service (IaaS) cloud
based on Red Hat OpenStack Platform.
Security Fix(es):
* A resource-permission flaw was found in the python-tripleo and openstack-tripleo-heat-templates packages where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume.
To exploit this flaw, the attacker must have local access to an overcloud node. However by default, access to overcloud nodes is restricted and accessible only from the management undercloud server on an internal network. (CVE-2017-12155)
This issue was discovered by Katuya Kawakami (NEC).
* It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target. (CVE-2018-1000115)
This update also includes the following bug fixes and enhancements:
* Prior to this update, when removing the ceph-osd RPM from overcloud nodes that do not require the package, the corresponding Ceph OSD product key was not removed. Consequently, the subscription-manager would incorrectly report that the Ceph OSD product was still installed.
With this update, the script that handles removal of the ceph-osd RPM now also removes the Ceph OSD product key. Note: The script that removes the RPM and product key executes only during the overcloud update procedure; the product key is removed only when the overcloud node is updated.
As a result, after removing the ceph-osd RPM, the subscription-manager no longer reports the Ceph OSD product is installed. (BZ#1571436)
* Previously, there were errors in the director Heat template that configures the VMAX Cinder backend driver. Consequently, the VMAX driver would not function correctly. With this update, the errors have been corrected, and the VMAX driver functions correctly. (BZ#1546799)
* This enhancement adds director support for deploying the Dell EMC VMAX cinder backend. (BZ#1546793)
* In this enhancement, if a minor update is blocked by an existing yum process that prevents the package update, the process should exit with an appropriate error message. This was added because the minor update may appear to freeze, due to yum waiting for the existing yum.pid to exit; when it eventually fails it is not immediately clear why. As a result, if there is an existing yum process preventing the package update, then the minor update fails with a clear message to indicate this: "ERROR existing yum.pid detected - can't continue! Please ensure there is no other package update process for the duration of the minor update worfklow. Exiting". (BZ#1471721)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenStack Platform 11.0 (Ocata).\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform director provides the facilities for deploying\nand monitoring a private or public infrastructure-as-a-service (IaaS) cloud\nbased on Red Hat OpenStack Platform.\n\nSecurity Fix(es):\n\n* A resource-permission flaw was found in the python-tripleo and openstack-tripleo-heat-templates packages where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume. \n\nTo exploit this flaw, the attacker must have local access to an overcloud node. However by default, access to overcloud nodes is restricted and accessible only from the management undercloud server on an internal network. (CVE-2017-12155)\n\nThis issue was discovered by Katuya Kawakami (NEC).\n\n* It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target. (CVE-2018-1000115)\n\nThis update also includes the following bug fixes and enhancements:\n\n* Prior to this update, when removing the ceph-osd RPM from overcloud nodes that do not require the package, the corresponding Ceph OSD product key was not removed. Consequently, the subscription-manager would incorrectly report that the Ceph OSD product was still installed.\nWith this update, the script that handles removal of the ceph-osd RPM now also removes the Ceph OSD product key. Note: The script that removes the RPM and product key executes only during the overcloud update procedure; the product key is removed only when the overcloud node is updated.\nAs a result, after removing the ceph-osd RPM, the subscription-manager no longer reports the Ceph OSD product is installed. (BZ#1571436)\n\n* Previously, there were errors in the director Heat template that configures the VMAX Cinder backend driver. Consequently, the VMAX driver would not function correctly. With this update, the errors have been corrected, and the VMAX driver functions correctly. (BZ#1546799)\n\n* This enhancement adds director support for deploying the Dell EMC VMAX cinder backend. (BZ#1546793)\n\n* In this enhancement, if a minor update is blocked by an existing yum process that prevents the package update, the process should exit with an appropriate error message. This was added because the minor update may appear to freeze, due to yum waiting for the existing yum.pid to exit; when it eventually fails it is not immediately clear why. As a result, if there is an existing yum process preventing the package update, then the minor update fails with a clear message to indicate this: \"ERROR existing yum.pid detected - can\u0027t continue! Please ensure there is no other package update process for the duration of the minor update worfklow. Exiting\". (BZ#1471721)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1627",
"url": "https://access.redhat.com/errata/RHSA-2018:1627"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1445766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445766"
},
{
"category": "external",
"summary": "1471721",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471721"
},
{
"category": "external",
"summary": "1478274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478274"
},
{
"category": "external",
"summary": "1489360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489360"
},
{
"category": "external",
"summary": "1518009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518009"
},
{
"category": "external",
"summary": "1524422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524422"
},
{
"category": "external",
"summary": "1546799",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1546799"
},
{
"category": "external",
"summary": "1547089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547089"
},
{
"category": "external",
"summary": "1547956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547956"
},
{
"category": "external",
"summary": "1548345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548345"
},
{
"category": "external",
"summary": "1550167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550167"
},
{
"category": "external",
"summary": "1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "1552245",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552245"
},
{
"category": "external",
"summary": "1567349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567349"
},
{
"category": "external",
"summary": "1567365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567365"
},
{
"category": "external",
"summary": "1571436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571436"
},
{
"category": "external",
"summary": "1577957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1577957"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1627.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform director security update",
"tracking": {
"current_release_date": "2024-11-14T23:42:56+00:00",
"generator": {
"date": "2024-11-14T23:42:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2018:1627",
"initial_release_date": "2018-05-18T17:03:23+00:00",
"revision_history": [
{
"date": "2018-05-18T17:03:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-18T17:03:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T23:42:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 11.0",
"product": {
"name": "Red Hat OpenStack Platform 11.0",
"product_id": "7Server-RH7-RHOS-11.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:11::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"product": {
"name": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"product_id": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@6.2.12-2.el7ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:6.5.10-3.el7ost.src",
"product": {
"name": "puppet-tripleo-0:6.5.10-3.el7ost.src",
"product_id": "puppet-tripleo-0:6.5.10-3.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@6.5.10-3.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"product": {
"name": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"product_id": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openstack-tripleo-heat-templates@6.2.12-2.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"product": {
"name": "puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"product_id": "puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-tripleo@6.5.10-3.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch as a component of Red Hat OpenStack Platform 11.0",
"product_id": "7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch"
},
"product_reference": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-11.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src as a component of Red Hat OpenStack Platform 11.0",
"product_id": "7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src"
},
"product_reference": "openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-11.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:6.5.10-3.el7ost.noarch as a component of Red Hat OpenStack Platform 11.0",
"product_id": "7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch"
},
"product_reference": "puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-11.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-tripleo-0:6.5.10-3.el7ost.src as a component of Red Hat OpenStack Platform 11.0",
"product_id": "7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
},
"product_reference": "puppet-tripleo-0:6.5.10-3.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-11.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Katuya Kawakami"
],
"organization": "NEC"
}
],
"cve": "CVE-2017-12155",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"discovery_date": "2017-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1489360"
}
],
"notes": [
{
"category": "description",
"text": "A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thus potentially reading or modifying data in an OpenStack Block Storage volume. \r\nTo exploit this flaw, the attacker must have local access to an overcloud node. However by default, access to overcloud nodes is restricted and accessible only from the management undercloud server on an internal network. Follow good security principles in your networking environment to ensure that network access is properly controlled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openstack-tripleo-heat-templates: Ceph client keyring is world-readable when deployed by director",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12155"
},
{
"category": "external",
"summary": "RHBZ#1489360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12155",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12155"
}
],
"release_date": "2017-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-18T17:03:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1627"
},
{
"category": "workaround",
"details": "To mitigate the flaw, use an overcloud post-deploy script[1] to do the following on all overcloud nodes:\n\nkey=/etc/ceph/ceph.client.openstack.keyring\nchown root:root $key\nchmod 600 $key\nsetfacl -m u:glance:r $key \nsetfacl -m u:cinder:r $key\nsetfacl -m u:nova:r $key\nsetfacl -m u: gnocchi:r $key\n\nIf not using Red Hat OpenStack Platform director, then run the commands above manually on each overcloud node, \nWarning: Only running \u0027chmod 600 $key\u0027 alone (without an ACL) will prevent OpenStack from reading the key.\n\n[1] https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/11/html-single/advanced_overcloud_customization/#sect-Customizing_Overcloud_PostConfiguration_All",
"product_ids": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openstack-tripleo-heat-templates: Ceph client keyring is world-readable when deployed by director"
},
{
"cve": "CVE-2018-1000115",
"discovery_date": "2018-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1551182"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service (DDoS) attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causing it to send a significantly larger response to the target.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "memcached: UDP server support allows spoofed traffic amplification DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of traffic amplification distributed denial of service (DDoS) attacks that take advantage of the insecurely configured memcached servers reachable from the public Internet. The default configuration of memcached as shipped in Red Hat products makes it possible to abuse them for these DDoS attacks if memcached is exposed to connections from the public Internet. Refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in the attack.\n\nhttps://access.redhat.com/solutions/3369081",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "RHBZ#1551182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1551182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115"
}
],
"release_date": "2018-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-18T17:03:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1627"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat Knowledgebase article 3369081 for instructions on how to properly secure memcached installations to prevent them from being used in an attack.\n\nhttps://access.redhat.com/solutions/3369081",
"product_ids": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.noarch",
"7Server-RH7-RHOS-11.0:openstack-tripleo-heat-templates-0:6.2.12-2.el7ost.src",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.noarch",
"7Server-RH7-RHOS-11.0:puppet-tripleo-0:6.5.10-3.el7ost.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "memcached: UDP server support allows spoofed traffic amplification DoS"
}
]
}
SUSE-RU-2020:2072-1
Vulnerability from csaf_suse - Published: 2020-07-29 14:31 - Updated: 2020-07-29 14:31Summary
Security update for ansible, crowbar-core, crowbar-ha, crowbar-openstack, etcd, flannel, grafana, keepalived, kibana, memcached, monasca-installer, openstack-dashboard-theme-SUSE, openstack-manila, openstack-neutron-fwaas, openstack-nova, openstack-tempest, python-Django, python-Pillow, python-psql2mysql, python-psutil, python-py, python-pysaml2, python-waitress, rabbitmq-server, release-notes-suse-openstack-cloud, zookeeper
Notes
Title of the patch
Security update for ansible, crowbar-core, crowbar-ha, crowbar-openstack, etcd, flannel, grafana, keepalived, kibana, memcached, monasca-installer, openstack-dashboard-theme-SUSE, openstack-manila, openstack-neutron-fwaas, openstack-nova, openstack-tempest, python-Django, python-Pillow, python-psql2mysql, python-psutil, python-py, python-pysaml2, python-waitress, rabbitmq-server, release-notes-suse-openstack-cloud, zookeeper
Description of the patch
This update for ansible, crowbar-core, crowbar-ha, crowbar-openstack, etcd, flannel, grafana, keepalived, kibana, memcached, monasca-installer, openstack-dashboard-theme-SUSE, openstack-manila, openstack-neutron-fwaas, openstack-nova, openstack-tempest, python-Django, python-Pillow, python-psql2mysql, python-psutil, python-py, python-pysaml2, python-waitress, rabbitmq-server, release-notes-suse-openstack-cloud, zookeeper fixes the following issues:
Security fixes included ins this update:
ansible
- CVE-2019-3828: Fixed a path traversal in the fetch module (bsc#1126503).
grafana
- CVE-2020-13379: Fixed an incorrect access control issue which could
lead to information leaks or denial of service (bsc#1172409).
- CVE-2020-12052: Fixed an cross site scripting vulnerability related to
the annotation popup (bsc#1170657).
kibana
- CVE-2020-10743: Fixed a clickjacking vulnerability (bsc#1171909).
memcached (to version 1.5.17)
- CVE-2019-15026: Fixed a stack-based buffer over-read
in conn_to_str()n (bsc#1149110).
- CVE-2019-11596: Fixed a denial of service in the 'lru' command
(bsc#1133817)
- CVE-2018-1000115: Disabled UDP by default to reduce DDoS amplification
attacks (bsc#1083903).
python-Django
- CVE-2020-13254: Fixed a data leakage via malformed memcached keys
(bsc#1172167).
- CVE-2020-13596: Fixed a cross site scripting vulnerability related to
the admin parameters of the ForeignKeyRawIdWidget (bsc#1172166).
- Fixed a regression with the fix for CVE-2019-3498 (bsc#1161349).
python-Pillow
- CVE-2019-16865: Fixed a denial of service with specially crafted
image files (bsc#1153191).
- CVE-2020-5312: Fixed a buffer overflow in the PCX P mode (bsc#1160152).
- CVE-2020-5313: Fixed a buffer overflow related to FLI (bsc#1160153).
- CVE-2019-19911: Fixed a denial of service in FpxImagePlugin.py
(bsc#1160192).
python-pysaml2
- CVE-2020-5390: Fixed an issue with the verification of signatures in
SAML documents (bsc#1160851)
- CVE-2017-1000246: Fixed an issue with weak encryption data, caused by
initialization vector reuse(bsc#1068612).
python-waitress (to version 1.4.3)
- CVE-2019-16785: Fixed HTTP request smuggling through LF vs CRLF
handling (bsc#1161088).
- CVE-2019-16786: Fixed HTTP request smuggling through invalid
Transfer-Encoding (bsc#1161089).
- CVE-2019-16789: Fixed HTTP Request Smuggling through invalid
whitespace characters (bsc#1160790).
- CVE-2019-16792: Fixed HTTP Request Smuggling through Content-Length
header handling (bsc#1161670).
rubygem-activeresource
- CVE-2020-8151: Fixed information disclosure issue through specially
crafted requests (bsc#1171560)
rubygem-json-1_7
- CVE-2020-10663: Fixed Unsafe Object Creation Vulnerability in JSON
(bsc#1167244)
rubygem-puma
- CVE-2020-11077: Fixed HTTP Request Smuggling through proxy (bsc#1172175)
- CVE-2020-11076: Fixed HTTP Request smuggling through invalid
Transfer-Encoding header.
- CVE-2020-5247: Fixed HTTP Response Splitting through newline characters
handling (bsc#1165402)
zookeeper:
- CVE-2019-0201: Fixed an information disclosure related to
getACL() (bsc#1135773).
Non security fixes included in this update:
Changes in ansible:
- Add 0001-Disallow-use-of-remote-home-directories-containing-..patch
(bsc#1126503, CVE-2019-3828)
Changes in crowbar-core:
- Update to version 4.0+git.1580209654.1d112d31f:
* network: start OVS before wickedd (SOC-11067)
Changes in crowbar-ha:
- Update to version 4.0+git.1585316203.d6ad2c8:
* [4.0] add ssl termination on haproxy (bsc#1149535)
Changes in crowbar-openstack:
- Update to version 4.0+git.1589804581.9972163f0:
* [4.0] magnum: fix check for image/flavor (SOC-11251)
- Update to version 4.0+git.1589647351.ccfd9481f:
* [4.0] trove: fix rabbitmq connection URL (SOC-11286)
- Update to version 4.0+git.1589458214.9f765aa08:
* [4.0] Fix create magnum k8s image and flavor (SOC-11251)
- Update to version 4.0+git.1588271860.131fc8cc1:
* run keystone_register on cluster founder only when HA (SOC-11248)
* nova: run keystone_register on cluster founder only (SOC-11243)
- Update to version 4.0+git.1588096523.679da5c50:
* tempest: retry openstack commands (SOC-11238)
- Update to version 4.0+git.1587129016.c009e43c9:
* Disable magnum.tests.functional.api.v1.test_cluster (SOC-11224)
- Update to version 4.0+git.1587035427.abb6e9b4e:
* Fix barbican SSL support (SOC-9298)
- Update to version 4.0+git.1586421486.5601320b7:
* Fix magnum tempest tests (SOC-9298)
- Update to version 4.0+git.1585331022.609482166:
* tempest: update blacklisted tempest test cases (SOC-9801,SOC-11174,SOC-11187)
- Update to version 4.0+git.1585136604.988f3a1da:
* Disabling failing tempest tests on SOC7
* [4.0] ec2-api: run keystone_register on cluster founder only (SOC-11079)
- Update to version 4.0+git.1582582068.c8c2448c0:
* neutron: Place space between CLI arguments
- Update to version 4.0+git.1580894959.1fe5fd282:
* Revert '[4.0] rabbitmq: sync startup definitions.json with recipe' (SOC-11082)
- Update to version 4.0+git.1580469474.967ab8baf:
* rabbitmq: sync startup definitions.json with recipe (SOC-11077)
Changes in etcd:
- Build against go 1.6
- Fix etcd build. We are generating 2 binaries, etcd and etcdctl.
They need to be built separately
- Ensure /var/lib/etcd is controlled by etcd:etcd
- exclude i586. We don't expect this package to be built on i586.
- remove sysconfig.etcd: this file is not being used
- Update to version 3.1.0:
* raft: add node should reset the pendingConf state
* v3rpc: don't close watcher if client closes send
* e2e: add test for v3 watch over grpc gateway
* mvcc: remove unused restore method
* integration: don't expect recv to stop on CloseSend in waitResponse
* Documentation: add grpc gateway watch example
* version: bump up v3.1.0-rc.1+git
* discovery: warn on scheme mismatch
* grpcproxy: fix deadlock on watch broadcasts stop
* etcdmain: add '/metrics' HTTP/1 path to grpc-proxy
* etcd-tester: do not resolve localhost
* raftexample: confState should be saved after apply
* raft: test case to check the duplicate add node propose
* raft: fix test case, should wait config propose applied
* raft: fix test case for data race
* raft: use the channel instead of sleep to make test case reliable
* raft: fix TestNodeProposeAddDuplicateNode
* etcdmain: handle TLS in grpc-proxy listener
* etcd-tester:limit max retry backoff delay
* functional-tester: add withBlock() to grpc dial
* op-guide: add notes about Prometheus data source in Grafana
* clientv3: return copy of endpoints, not pointer
* auth: add a timeout mechanism to simple token
* client: update README about health monitoring
* grpcproxy: fix race between watch ranges delete() and broadcasts empty()
* lease: Use monotonic time in lease
* integration: use Range to wait for reboot in quota tests
* grpcproxy: fix race between coalesce and bcast on nextrev
* etcd-tester: refactor lease checker
* store: check sorted order in TestStoreGetSorted
* vendor: bump go-systemd to v14 to avoid build error
* integration: cancel Watch when TestV3WatchWithPrevKV exits
* grpcproxy: add richer metrics for watch
* grpcproxy: add cache related metrics
* raft: Fix election 'logs converge' test
* raft: Export Progress.IsPaused
* benchmark: add rate limit
* etcdctl: remove GetUser check before mutable commands
* grpcproxy: lock store when getting size
* Documentation: link added to libraries-and-tools.md with a new v2 Scala Client
* grpcproxy: fix deadlock in watchbroadcast
* etcdserver: time out when readStateC is blocking
* store: fix store_test.go comments
* vendor: update ugorji/go
* client: update generated ugorji codec
* doc: initial faq
* clientv3/integration: test lease keepalive works following quorum loss
* integration: use RequireLeader for TestV3LeaseFailover
* v3rpc, etcdserver, leasehttp: ctxize Renew with request timeout
* Documentation: add blox and chain as users
* etcdserver: do not send v2 sync if ttl keys do not exist
* ROADMAP: update for 3.2
* Documentation: add more FAQ questions
* grpcproxy: fix minor typo
* vendor: use versions when possible in glide.yaml
* scripts: use glide update if repo exists in glide.lock
* github: make bug reporting link non-relative
* github: make contribution link non-relative
* Documentation: update get examples to be clearer about ranges
* etcdserver, embed, v2http: move pprof setup to embed
* doc: add faq about apply warning logging
* test: exclude '_home' for gosimple, unused
* auth: fix gosimple errors
* integration: simplify boolean comparison in resp.Created
* raft: simplify boolean comparison, remove unused
* tools: simplify boolean comparison, remove unused
* e2e: remove unused 'ctlV3GetFailPerm'
* v3rpc: remove unused 'splitMethodName' function
* grpcproxy: remove unused field 'wbs *watchBroadcasts'
* doc: add faq about missing heartbeat
* etcdctl: 'fields' output formats
* build: remove dir use -r flag
* etcd-tester: add 'enable-pprof' option
* etcd-tester: cancel lease stream; fix OOM panic
* doc: add hardware section
* auth: improve 'removeSubsetRangePerms' to O(n)
* Documentation: use port 2379 in local cluster guide The port in endpoints should be 2379, instead of 12379.
* op-guide/clustering: fix typo
* embed: deep copy user handlers
* Documentation: add more FAQs (follower, leader, sys-require)
* clientv3: close Lease on client Close
* netutil: ctx-ize URLStringsEqual
* etcdserver: retry for 30s on advertise url check
* membership: retry for 30s on advertise url check
* clientv3: return error from KeepAlive if corresponding loop exits
* clientv3: add test for keep alive loop exit case
* auth, etcdserver: protect membership change operations with auth
* e2e: test cases of protecting membership change with auth
* clientv3: better error message for keep alive loop halt
* Documentation: FAQ entry for cluster ID mismatches
* dev-guide: add limit.md
* Documentation: minor fix nodes -> node
* etcdctl: warn when backend takes too long to open on migrate
* docs: explicitly set ETCDCTL_API=3 in recovery.md
* v3api, rpctypes: add ErrTimeoutDueToConnectionLost
* clientv3/integration: test lease grant/keepalive with/without failures
* clientv3: don't reset keepalive stream on grant failure
* etcdctl: tighten up output, reorganize README.md
* Documentation: add FAQs on membership operation
* Documentation: add 'why.md'
* embed: only override default advertised client URL if the client listen URL is 0.0.0.0
* raft: make memory storage set method thread safe
* raft: resume paused followers on receipt of MsgHeartbeatResp
* etcd-tester: fix typo, add endpoint in logs
* lease: force leader to apply its pending committed index for lease operations
* leasehttp: buffer error channel to prevent goroutine leak
* raft: fix pre-vote tests
* etcdserver: rework update committed index logic
* etcd-tester: remove unused err var from maxRev
* e2e: check etcdctl endpoint health is healthy if denied permission to key
* benchmark: a new option for configuring dial timeout
* ctlv3: consider permission denied error to be healthy for endpoints
* etcdmain: add --metrics flag for exposing histogram metrics
* e2e: test cluster-health
* v2http: submit QGET in health endpoint if no progress
* test: bump grpcproxy pass timeout to 15m
* lease: use atomics for accessing lease expiry
* e2e: poll '/version' in release upgrade tests
* e2e: unset ETCDCTL_API env var before running u2e tests
* etcdserver: consistent naming in raftReadyHandler
* coverage: rework code coverage for unit and integration tests
* testutil: whitelist thread created by go cover
* rafthttp: bump up timeout in pipeline test
* grpcproxy, etcdmain, integration: return done channel with WatchServer
* integration: defer clus.Terminate in watch tests
* raftexample: load snapshot when opening WAL
* etcd-runner: make command compliant
* raft: use status to test node stop
* etcdserver: expose ErrNotEnoughStartedMembers
* etcdserver: resume compactor only if leader
* benchmark: enable grpc error logging on stderr
* etcd-runner:add flags in watcher for hardcoded values
* docs: fix recovery example in recovery.md
* auth: use quorum get for GetUser/GetRole for mutable operations
* grpcproxy: tear down watch when client context is done
* integration: use only digits in unix ports
* e2e: dump stack on ctlTest timeout
* expect: EXPECT_DEBUG environment variable
* why: add origin of the term etcd
* testutil: increase size of buffer for stack dump
* raft: fix test case for #7042
* vendor: update ugorji/go
* integration: add grpc auth testing
* auth: reject empty user name when checking op permissions
* etcdctl: create root role on auth enable if it does not yet exist
* raft: add RawNode test case for #6866
* pkg/report: support 99.9-percentile, change column name
* documentation: display docs.md in github browser
* benchmark: option to rate limit range benchmark
* etcdserver, clientv3: handle a case of expired auth token
* tools: Add etcd 3.0 load test tool refernece
* transport: warn on user-provided CA
* NEWS: add v3.1.0, v3.0.16 + minor fixes
* clienv3: fix balancer test logic
* clientv3: don't reset stream on keepaliveonce or revoke failure
* grpcproxy: use ccache for key cache
* vendor: remove groupcache, add ccache
* pkg/report: add 'Stats' to expose report raw data
* travis: use Go 1.7.4, drop old env var
* ctlv3: print cluster info after adding new member
* Documentation: document upgrading to v3.1
* pkg/report: add nil checking for getTimeSeries
* etcdserver: use ReqTimeout for linearized read
* grpcproxy, etcdmain, integration: add close channel to kv proxy
* glide: update 'golang.org/x/net'
* vendor: update 'golang.org/x/net'
* Documentation: update experimental_apis for v3.1 release
* NEWS: fix date for v3.1 release
* Documentation: fix typo s/endpoint-health/endpoint health/
* clientv3/concurrency: fix rev comparison on concurrent key deletion
* integration: test STM apply on concurrent deletion
* pkg/flags: fixed prefix checking of the env variables
* etcdctlv3: snapshot restore works with lease key
* test: passed the test script arguments as the test function parameters
* documentation: update build documentation
* version: bump to v3.1.0
- Update to version 3.1.0rc.1:
* grpcproxy: watch next revision should be start revision when not 0
* grpcproxy: copy range request before storing in cache
* raft: return empty status if node is stopped
* mvcc: store.restore taking too long triggering snapshot cycle fix
* mvcc: TestStoreRestore fix
* mvcc : Added benchmark for store.resotre
* pkg/netutil: get default interface for tc commands
* version: bump up v3.1.0-rc.1
Changes in grafana:
- Add CVE-2020-13379.patch
* Security: fix unauthorized avatar proxying (bsc#1172409, CVE-2020-13379)
- Refresh systemd-notification.patch
- Fix declaration for LICENSE
- Add 0002-CVE-2020-12052-bsc1170657-XSS-annotation-popup-vulnerability.patch
* Security: Fix annotation popup XSS vulnerability
(bsc#1170657)
- Add CVE-2019-15043.patch (SOC-10357, CVE-2019-15043, bsc#1148383)
Changes in keepalived:
- update to 2.0.19
- new BR pkgconfig(libnftnl) to fix nftables support
- add nftables to the BR
- added patch
* linux-4.15.patch
- add buildrequires for file-devel
- used in the checker to verify scripts
- enable json stats and config dump support
new BR: pkgconfig(json-c)
- enable http regexp support: new BR pcre2-devel
- disable dbus instance creation support as it is marked as
dangerous
- Add BFD build option to keepalived.spec rpm file
Issue #1114 identified that the keepalived.spec file was not being
generated to build BFD support even if keepalived had been
configured to support it.
- full changelog
https://keepalived.org/changelog.html
- update to 1.4.5:
* Update snapcraft.yaml for 1.4.x+git
* Fix generation of git-commit.h with git commit number.
* Set virtual server address family correctly.
* Set virtual server address family correctly when using tunnelled
real servers.
* Fix handling of virtual servers with no real servers at config time.
* Add warning if virtual and real servers are different address families.
Although normally the virtual server and real servers must have the
same address family, if a real server is tunnelled, the address families
can be different. However, the kernel didn't support that until 3.18,
so add a check that the address families are the same if different
address families are not supported by the kernel.
* Send correct status in Dbus VrrpStatusChange notification.
When an instance transitioned from BACKUP to FAULT, the Dbus
status change message reported the old status (BACKUP) rather than
the new status (FAULT). This commit attempts to resolved that.
* doc: ipvs schedulers update
* Fix a couple of typos in configure.ac.
* Fix namespace collision with musl if_ether.h.
* Check if return value from read_value_block() is null before using.
* Fix reporting real server stats via SNMP.
* Make checker process handle RTM_NEWLINK messages with -a option
Even though the checker process doesn't subscribe to RTNLGRP_LINK
messages, it appears that older kernels (certainly 2.6.32) can
send RTM_NEWLINK (but not RTM_DELLINK) messages. This occurs
when the link is set to up state.
Only the VRRP process is interested in link messages, and so the
checker process doesn't do the necessary initialisation to be able
to handle RTM_NEWLINK messages.
This commit makes the checker process simply discard RTM_NEWLINK
and RTM_DELLINK messages, rather than assuming that if it receives
an RTM_NEWLINK message it must be the VRRP process.
This problem was reported in issue #848 since the checker process
was segfaulting when a new interface was added when the -a command
line option was specified.
* Fix handling RTM_NEWLINK when building without VRRP code.
* Fix building on Fedora 28.
net-snmp-config output can include compiler and linker flags that
refer to spec files that were used to build net-snmp but may not
exist on the system building keepalived. That would cause the build
done by configure to test for net-snmp support to fail; in particular
on a Fedora 28 system that doesn't have the redhat-rpm-config package
installed.
This commit checks that any spec files in the compiler and linker
flags returned by net-snmp-config exist on the system building
keepalived, and if not it removes the reference(s) to the spec file(s).
* keepalived-1.4.3 released.
* vrrp: setting '0' as default value for ifa_flags to make gcc happy.
* Add additional libraries when testing for presence of SSL_CTX_new().
It appears that some systems need -lcrypto when linking with -lssl.
* Sanitise checking of libnl3 in configure.ac.
* Report and handle missing '}'s in config files.
* Add missing '\n' in keepalived.data output.
* Stop backup taking over as master while master reloads.
If a reload was initiated just before an advert, and since it took
one advert interval after a reload before an advert was sent, if the
reload itself took more than one advert interval, the backup could
time out and take over as master.
This commit makes keepalived send adverts for all instances that are
master immediately before a reload, and also sends adverts immediately
after a reload, thereby trippling the time available for the reload
to complete.
* Add route option fastopen_no_cookie and rule option l3mdev.
* Fix errors in KEEPALIVED-MIB.txt.
* Simplify setting on IN6_ADDR_GEN_MODE.
* Cosmetic changes to keepalived(8) man page.
* Don't set ipvs sync daemon to master state before becoming master
If a vrrp instance which was the one specified for the ipvs sync
daemon was configured with initial state master, the sync daemon
was being set to master mode before the vrrp instance transitioned
to master mode. This caused an error message when the vrrp instance
transitioned to master and attempted to make the sync daemon go from
backup to master mode.
This commit stops setting the sync daemon to master mode at initialisation
time, and it is set to master mode when the vrrp instance transitions
to master.
* Fix freeing vector which has not had any entries allocated.
* Add additional mem-check disgnostics
vector_alloc, vectot_alloc_slot, vector_free and alloc_strvec all
call MALLOC/FREE but the functions written in the mem_check log
are vector_alloc etc, not the functions that call them.
This commit adds logging of the originating calling function.
* Fix memory leak in parser.c.
* Improve alignment of new mem-check logging.
* Disable all checkers on a virtual server when ha_suspend set.
Only the first checker was being disabled; this commit now disables
all of them.
Also, make the decision to disable a checker when starting/reloading
when scheduling the checker, so that the existance of the required
address can be checked.
* Stop genhash segfaulting when built with --enable-mem-check.
* Fix memory allocation problems in genhash.
* Properly fix memory allocation problems in genhash.
* Fix persistence_granularity IPv4 netmask validation.
The logic test from inet_aton() appears to be inverted.
* Fix segfault when checker configuration is missing expected parameter
Issue #806 mentioned as an aside that 'nb_get_retry' without a parameter
was sigfaulting. Commit be7ae80 - 'Stop segfaulting when configuration
keyword is missing its parameter' missed the 'hidden' uses of vector_slot()
(i.e. those used via definitions in header files).
This commit now updates those uses of vector_slot() to use strvec_slot()
instead.
* Fix compiling on Linux 2.x kernels.
There were missing checks for HAVE_DECL_CLONE_NEWNET causing
references to an undeclared variable if CLONE_NEWNET wasn't defined.
* Improve parsing of kernel release.
The kernel EXTRAVERSION can start with any character (although
starting with a digit would be daft), so relax the check for it
starting with a '-'. Kernels using both '+' and '.' being the
first character of EXTRAVERSION have been reported.
* Improve grammer.
* add support for SNI in SSL_GET check.
this adds a `enable_sni` parameter to SSL_GET, making sure the check
passes the virtualhost in the SNI extension during SSL handshake.
* Optimise setting host name for SSL_GET requests with SNI.
* Allow SNI to be used with SSL_GET with OpenSSL v1.0.0 and LibreSSL.
* Use configure to check for SSL_set_tlsext_host_name()
Rather than checking for a specific version of the OpenSSL library
(and it would also need checking the version of the LibreSSL library)
let configure check for the presence of SSL_set_tlsext_host_name().
Also omit all code related to SNI of SSL_set_tlsext_host_name() is
not available.
* Use configure to determine available OpenSSL functionality
Rather than using version numbers of the OpenSSL library to determine
what functions are available, let configure determine whether the
functions are supported.
The also means that the same tests work for LibreSSL.
* Add support for gratuitous ARPs for IP over Infiniband.
* Use system header definition instead of local definition IF_HWADDR_MAX
linux/netdevice.h has definition MAX_ADDR_LEN, which is 32, whereas
IF_HWADDR_MAX was locally defined to be 20.
Unfortunately we end up with more system header file juggling to ensure
we don't have duplicate definitions.
* Fix vrrp_script and check_misc scripts of type </dev/tcp/127.0.0.1/80.
* Add the first pre-defined config definition (${_PWD})
${_PWD} in a configuration file will be replaced with the full
path name of the directory that keepalived is reading the current
configuration file from.
* Open and run the notify fifo and script if no other fifo
Due to the way the code was structured the notify_fifo for both
checker and vrrp messages wasn't run if neither the vrrp or checker
fifo wasn't configured.
Also, if all three fifos were configured, the general fifo script
was executed by both the vrrp and checker process, causing problems.
* Add support for Infiniband interfaces when dumping configuration.
* Tidy up layout in vrrp_arp.c.
* Add configure check for support of position independant executables (PIE).
* Add check for -pie support, and fix writing to keepalived.data.
* keepalived-1.4.2 released.
* Make genhash exit with exit code 1 on error.
Issue #766 identified that genhash always exits with exit code 1
even if an error has occurred.
* Rationalise printing of http header in genhash.
* Use http header Content-Length field in HTTP_CHECK/SSL_CHECK.
If a Content-Length is supplied in the http header, use that as a
limit to the data length (as wget does). If the length of data
received does not match the Content-Length log a warning.
* Optimise parameter passing to fprintf in genhash.
* Don't declare mark variable if don't have MARK socket option.
* Fix sync groups with only one member.
Commit c88744a0 allowed sync groups with only 1 member again, but
didn't stop removing the sync group if there was only 1 member.
This commit now doesn't remove sync groups with only one member.
* Make track scripts work with --enable-debug config option.
* Add warning if --enable-debug configure option is used.
* Allow more flexibility of layout of { and } in config files.
keepalived was a bit fussy about where '{'s and '}'s (braces) could
be placed in terms of after the keyword, or on a line on their own.
It certainly was not possible to have multiple braces on one line.
This commit now provides complete flexibility of where braces are, so
long as they occur in the correct order.
* Make alloc_value_block() report block type if there is an error.
* Simplify alloc_value_block() by using libc string functions.
* Add dumping of garp delay config when using -d option.
* Fix fractions of seconds for garp group garp_interval.
* Make read_value_block() use alloc_value_block().
This removes quite a bit of duplication of functionality, and
ensures the configuration parsing will be more consistent.
* Fix build with Linux kernel headers v4.15.
Linux kernel version 4.15 changed the libc/kernel headers suppression
logic in a way that introduces collisions.
* Add missing command line options to keepalived(8) man page.
* Fix --dont-release-vrrp.
On github, ushuz reported that commit 62e8455 - 'Don't delete vmac
interfaces before dropping multicast membership' broke --dont-release-vrrp.
This commit restores the correct functionality.
* Define _GNU_SOURCE for all compilation units.
Rather than defining _GNU_SOURCE when needed, let configure add
it to the flags passed to the C compiler, so that it is defined
for all compilation units. This ensures consistence.
* Fix new warnings procuded by gcc 8.
* Fix dumping empty lists.
Add a check in dump_list() for an empty list, and don't attempt
to dump it if it is empty.
* Resolve conversion-check compiler warnings.
* Add missing content to installing_keepalived.rst documentation.
Issue #778 identified that there was text missing at the end of
the document, and that is now added.
* Fix systemd service to start after network-online.target.
This fix was merged downstream by RedHat in response to
RHBZ #1413320.
* Update INSTALL file to describe packages needed for building
documentation.
* INSTALL: note linux distro package that provides 'sphinx_rtd_theme'
* Clear /proc/sys/net/ipv6/conf/IF/disable_ipv6 when create VMACs.
An issue was identified where keepalived was reporting permission
denied when attempting to add an IPv6 address to a VMAC interface.
It turned out that this was because
/proc/sys/net/ipv6/conf/default/disable_ipv6
was set to 1, causing IPv6 to be disables on all interfaces that
keepalived created.
This commit clears disable_ipv6 on any VMAC interfaces that
keepalived creates if the vrrp instance is using IPv6.
- remove linux-4.15.patch: does not apply anymore and not needed
(the distros using 4.15 have moved on to keepalived 2.x)
- Only Require insserv on distributions without systemd.
- Fix systemd related requires/buildRequires
- Do not run scriptlets that use insserv when using systemd
- add linux-4.15.patch
Changes in kibana:
- Add 0001-Configurable-custom-response-headers-for-server.patch
(bsc#1171909, CVE-2020-10743)
Changes in memcached:
- version update to 1.5.17
* bugfixes
fix strncpy call in stats conns to avoid ASAN violation (bsc#1149110, CVE-2019-15026)
extstore: fix indentation
add error handling when calling dup function
add unlock when item_cachedump malloc failed
extstore: emulate pread(v) for macOS
fix off-by-one in logger to allow CAS commands to be logged.
use strdup for explicitly configured slab sizes
move mem_requested from slabs.c to items.c (internal cleanup)
* new features
add server address to the 'stats conns' output
log client connection id with fetchers and mutations
Add a handler for seccomp crashes
- version update to 1.5.16
* bugfixes
When nsuffix is 0 space for flags hasn't been allocated so don't memcpy them.
- version update to 1.5.15
* bugfixes
Speed up incr/decr by replacing snprintf.
Use correct buffer size for internal URI encoding.
change some links from http to https
Fix small memory leak in testapp.c.
free window_global in slab_automove_extstore.c
remove inline_ascii_response option
-Y [filename] for ascii authentication mode
fix: idle-timeout wasn't compatible with binprot
* features
-Y [authfile] enables an authentication mode for ASCII protocol.
- modified patches
% memcached-autofoo.patch (refreshed)
- version update to 1.5.14
* update -h output for -I (max item size)
* fix segfault in 'lru' command (bsc#1133817, CVE-2019-11596)
* fix compile error on centos7
* extstore: error adjusting page_size after ext_path
* extstore: fix segfault if page_count is too high.
* close delete + incr item survival race bug
* memcached-tool dump fix loss of exp value
* Fix 'qw' in 'MemcachedTest.pm' so wait_ext_flush is exported properly
* Experimental TLS support.
* Basic implementation of TLS for memcached.
* Improve Get And Touch documentation
* fix INCR/DECR refcount leak for invalid items
- modified patches
% memcached-autofoo.patch (refreshed)
- Version bump to 1.5.11:
* extstore: balance IO thread queues
- Drop memcached-fix_test.patch that is present now upstream
- Add patch to fix aarch64, ppc64* and s390x tests:
* memcached-fix_test.patch
- Fix linter errors regarding COPYING
- update to 1.5.10:
* disruptive change in extstore: -o ext_page_count= is deprecated
and no longer works. To specify size: -o ext_path=/d/m/e:500G
extstore figures out the page count based on your desired page
size. M|G|T|P supported.
* extstore: Add basic JBOD support: ext_path can be specified
multiple times for striping onto simimar devices
* fix alignment issues on some ARM platforms for chunked items
- Update to 1.5.9:
* Bugfix release.
* Important note: if using --enable-seccomp, privilege dropping
is no longer on by default. The feature is experimental and many
users are reporting hard to diagnose problems on varied platforms.
* Seccomp is now marked EXPERIMENTAL, and must be explicitly
enabled by adding -o drop_privileges. Once we're more confident
with the usability of the feature, it will be enabled in -o modern,
like any other new change. You should only use it if you are
willing to carefully test it, especially if you're a vendor or
distribution.
* Also important is a crash fix in extstore when using the ASCII
protocol, large items, and running low on memory.
- update to 1.5.8:
* Bugfixes for seccomp and extstore
* Extstore platform portability has been greatly improved for ARM
and 32bit systems
- includes changes from 1.5.7:
* Fix alignment issues for 64bit ARM processors
* Fix seccomp portability
* Fix refcount leak with extstore while using binary touch commands
- turn on the testsuite again, it seems to pass server side,
too
- Home directory shouldn't be world readable bsc#1077718
- Mention that this stream isn't affected by bsc#1085209,
CVE-2018-1000127 to make the checker bots happy.
- update to 1.5.6 (bsc#1083903, CVE-2018-1000115):
* This update disables UDP by default to reduce DDoS amplification
attacks
* see https://github.com/memcached/memcached/wiki/ReleaseNotes156
* see https://github.com/memcached/memcached/wiki/ReleaseNotes155
* see https://github.com/memcached/memcached/wiki/ReleaseNotes154
* see https://github.com/memcached/memcached/wiki/ReleaseNotes153
* see https://github.com/memcached/memcached/wiki/ReleaseNotes152
* see https://github.com/memcached/memcached/wiki/ReleaseNotes151
* see https://github.com/memcached/memcached/wiki/ReleaseNotes150
- Replace references to /var/adm/fillup-templates with new
%_fillupdir macro (boo#1069468)
Changes in monasca-installer:
- Add 0001-kibana:-set-x-frame-options-header.patch (bsc#1171909,
CVE-2020-10743)
Changes in openstack-dashboard-theme-SUSE:
- Switch github URL from git@ to git:// to bypass authentication
Changes in openstack-manila:
- Add 0001-Fix-exportfs-u-usage-in-generic-driver.patch
Backported from upstream patch https://review.opendev.org/#/c/411631/
Related Bug (SOC-9801)
Changes in openstack-neutron-fwaas:
- Add 0050-Remove-tempest-shared-physical-network.patch (SOC-9801)
This tempest configuration option is not present in tempest, as
it was only added after the SOC7 release cut.
Changes in openstack-nova:
- Add 0001-live-mig-keep-disk-device-address-same.patch (bsc#1164316)
- Fix for https://bugs.launchpad.net/nova/+bug/1715569
Changes in openstack-tempest:
- Add 0001-Use-available-scheduler-filters.patch
Backported from upstream patch https://review.opendev.org/#/c/570207/
Related Bugs: SOC-9801,SOC-11174
- Add 0001-Remove-volume_feature_enabled.volume_services.patch
Backported from upstream patch https://review.opendev.org/#/c/438220/
Related Bug (SOC-9801)
Changes in python-cffi:
- Do not build python3 subpackages as C:OS:Newton does not support
it
- provide also python-cffi = 1.10.0 and 1.5.2 to avoid breaking the
cloud 7 and 8 requirements (bsc#948198)
- Update in SLE-12 (bsc#1138748, jsc#ECO-1256, jsc#PM-1598)
- Add dont-corrupt-memory.patch to fix boo#1111657 (originally
from https://bitbucket.org/cffi/cffi/commits/7a76a3815340)
- build python3 subpackage (FATE#324435, FATE#323875)
- Add patch cffi-loader.patch to fix bsc#1070737
- Sort out with spec-cleaner
- update to version 1.11.2:
* Fix Windows issue with managing the thread-state on CPython 3.0 to
3.5
- Update pytest in spec to add c directory tests in addition to
testing directory.
- Omit test_init_once_multithread tests as they rely on multiple
threads finishing in a given time. Returns sporadic pass/fail
within build.
- Update to 1.11.1:
* Fix tests, remove deprecated C API usage
* Fix (hack) for 3.6.0/3.6.1/3.6.2 giving incompatible binary
extensions (cpython issue #29943)
* Fix for 3.7.0a1+
- Update to 1.11.0:
* Support the modern standard types char16_t and char32_t. These
work like wchar_t: they represent one unicode character, or when
used as charN_t * or charN_t[] they represent a unicode string.
The difference with wchar_t is that they have a known, fixed
size. They should work at all places that used to work with
wchar_t (please report an issue if I missed something). Note
that with set_source(), you need to make sure that these types
are actually defined by the C source you provide (if used in
cdef()).
* Support the C99 types float _Complex and double _Complex. Note
that libffi doesn’t support them, which means that in the ABI
mode you still cannot call C functions that take complex
numbers directly as arguments or return type.
* Fixed a rare race condition when creating multiple FFI instances
from multiple threads. (Note that you aren’t meant to create
many FFI instances: in inline mode, you should write
ffi = cffi.FFI() at module level just after import cffi; and in
out-of-line mode you don’t instantiate FFI explicitly at all.)
* Windows: using callbacks can be messy because the CFFI internal
error messages show up to stderr—but stderr goes nowhere in many
applications. This makes it particularly hard to get started
with the embedding mode. (Once you get started, you can at least
use @ffi.def_extern(onerror=...) and send the error logs where
it makes sense for your application, or record them in log
files, and so on.) So what is new in CFFI is that now, on
Windows CFFI will try to open a non-modal MessageBox (in addition
to sending raw messages to stderr). The MessageBox is only
visible if the process stays alive: typically, console
applications that crash close immediately, but that is also the
situation where stderr should be visible anyway.
* Progress on support for callbacks in NetBSD.
* Functions returning booleans would in some case still return 0
or 1 instead of False or True. Fixed.
* ffi.gc() now takes an optional third parameter, which gives an
estimate of the size (in bytes) of the object. So far, this is
only used by PyPy, to make the next GC occur more quickly
(issue #320). In the future, this might have an effect on
CPython too (provided the CPython issue 31105 is addressed).
* Add a note to the documentation: the ABI mode gives function
objects that are slower to call than the API mode does. For
some reason it is often thought to be faster. It is not!
- Update to 1.10.1:
* Fixed the line numbers reported in case of cdef() errors. Also,
I just noticed, but pycparser always supported the preprocessor
directive # 42 'foo.h' to mean “from the next line, we’re in
file foo.h starting from line 42”, which it puts in the error
messages.
- update to 1.10.0:
* Issue #295: use calloc() directly instead of PyObject_Malloc()+memset()
to handle ffi.new() with a default allocator. Speeds up ffi.new(large-array)
where most of the time you never touch most of the array.
* Some OS/X build fixes (“only with Xcode but without CLT”).
* Improve a couple of error messages: when getting mismatched versions of
cffi and its backend; and when calling functions which cannot be called with
libffi because an argument is a struct that is “too complicated” (and not
a struct pointer, which always works).
* Add support for some unusual compilers (non-msvc, non-gcc, non-icc, non-clang)
* Implemented the remaining cases for ffi.from_buffer. Now all
buffer/memoryview objects can be passed. The one remaining check is against
passing unicode strings in Python 2. (They support the buffer interface, but
that gives the raw bytes behind the UTF16/UCS4 storage, which is most of the
times not what you expect. In Python 3 this has been fixed and the unicode
strings don’t support the memoryview interface any more.)
* The C type _Bool or bool now converts to a Python boolean when reading,
instead of the content of the byte as an integer. The potential
incompatibility here is what occurs if the byte contains a value different
from 0 and 1. Previously, it would just return it; with this change, CFFI
raises an exception in this case. But this case means “undefined behavior”
in C; if you really have to interface with a library relying on this,
don’t use bool in the CFFI side. Also, it is still valid to use a byte
string as initializer for a bool[], but now it must only contain \x00 or
\x01. As an aside, ffi.string() no longer works on bool[] (but it never made
much sense, as this function stops at the first zero).
* ffi.buffer is now the name of cffi’s buffer type, and ffi.buffer() works
like before but is the constructor of that type.
* ffi.addressof(lib, 'name') now works also in in-line mode, not only in
out-of-line mode. This is useful for taking the address of global variables.
* Issue #255: cdata objects of a primitive type (integers, floats, char) are
now compared and ordered by value. For example, <cdata 'int' 42> compares
equal to 42 and <cdata 'char' b'A'> compares equal to b'A'. Unlike C,
<cdata 'int' -1> does not compare equal to ffi.cast('unsigned int', -1): it
compares smaller, because -1 < 4294967295.
* PyPy: ffi.new() and ffi.new_allocator()() did not record “memory pressure”,
causing the GC to run too infrequently if you call ffi.new() very often
and/or with large arrays. Fixed in PyPy 5.7.
* Support in ffi.cdef() for numeric expressions with + or -. Assumes that
there is no overflow; it should be fixed first before we add more general
support for arbitrary arithmetic on constants.
- do not generate HTML documentation for packages that are indirect
dependencies of Sphinx
(see docs at https://cffi.readthedocs.org/ )
- update to 1.9.1
- Structs with variable-sized arrays as their last field: now we track the
length of the array after ffi.new() is called, just like we always tracked
the length of ffi.new('int[]', 42). This lets us detect out-of-range
accesses to array items. This also lets us display a better repr(), and
have the total size returned by ffi.sizeof() and ffi.buffer(). Previously
both functions would return a result based on the size of the declared
structure type, with an assumed empty array. (Thanks andrew for starting
this refactoring.)
- Add support in cdef()/set_source() for unspecified-length arrays in
typedefs: typedef int foo_t[...];. It was already supported for global
variables or structure fields.
- I turned in v1.8 a warning from cffi/model.py into an error: 'enum xxx' has
no values explicitly defined: refusing to guess which integer type it is
meant to be (unsigned/signed, int/long). Now I’m turning it back to a
warning again; it seems that guessing that the enum has size int is a
99%-safe bet. (But not 100%, so it stays as a warning.)
- Fix leaks in the code handling FILE * arguments. In CPython 3 there is a
remaining issue that is hard to fix: if you pass a Python file object to a
FILE * argument, then os.dup() is used and the new file descriptor is only
closed when the GC reclaims the Python file object—and not at the earlier
time when you call close(), which only closes the original file descriptor.
If this is an issue, you should avoid this automatic convertion of Python
file objects: instead, explicitly manipulate file descriptors and call
fdopen() from C (...via cffi).
- When passing a void * argument to a function with a different pointer type,
or vice-versa, the cast occurs automatically, like in C. The same occurs
for initialization with ffi.new() and a few other places. However, I
thought that char * had the same property—but I was mistaken. In C you get
the usual warning if you try to give a char * to a char ** argument, for
example. Sorry about the confusion. This has been fixed in CFFI by giving
for now a warning, too. It will turn into an error in a future version.
- Issue #283: fixed ffi.new() on structures/unions with nested anonymous
structures/unions, when there is at least one union in the mix. When
initialized with a list or a dict, it should now behave more closely like
the { } syntax does in GCC.
- CPython 3.x: experimental: the generated C extension modules now use the
“limited API”, which means that, as a compiled .so/.dll, it should work
directly on any version of CPython >= 3.2. The name produced by distutils
is still version-specific. To get the version-independent name, you can
rename it manually to NAME.abi3.so, or use the very recent setuptools 26.
- Added ffi.compile(debug=...), similar to python setup.py build --debug but
defaulting to True if we are running a debugging version of Python itself.
- Removed the restriction that ffi.from_buffer() cannot be used on byte
strings. Now you can get a char * out of a byte string, which is valid as
long as the string object is kept alive. (But don’t use it to modify the
string object! If you need this, use bytearray or other official
techniques.)
- PyPy 5.4 can now pass a byte string directly to a char * argument (in older
versions, a copy would be made). This used to be a CPython-only
optimization.
- ffi.gc(p, None) removes the destructor on an object previously created by
another call to ffi.gc()
- bool(ffi.cast('primitive type', x)) now returns False if the value is zero
(including -0.0), and True otherwise. Previously this would only return
False for cdata objects of a pointer type when the pointer is NULL.
- bytearrays: ffi.from_buffer(bytearray-object) is now supported. (The reason
it was not supported was that it was hard to do in PyPy, but it works since
PyPy 5.3.) To call a C function with a char * argument from a buffer
object—now including bytearrays—you write lib.foo(ffi.from_buffer(x)).
Additionally, this is now supported: p[0:length] = bytearray-object. The
problem with this was that a iterating over bytearrays gives numbers
instead of characters. (Now it is implemented with just a memcpy, of
course, not actually iterating over the characters.)
- C++: compiling the generated C code with C++ was supposed to work, but
failed if you make use the bool type (because that is rendered as the C
_Bool type, which doesn’t exist in C++).
- help(lib) and help(lib.myfunc) now give useful information, as well as
dir(p) where p is a struct or pointer-to-struct.
- drop upstreamed python-cffi-avoid-bitshifting-negative-int.patch
- update for multipython build
- Add python-cffi-avoid-bitshifting-negative-int.patch to actually
fix the 'negative left shift' warning by replacing bitshifting
in appropriate places by bitwise and comparison to self; patch
taken from upstream git. Drop cffi-1.5.2-wnoerror.patch: no
longer required.
- disable 'negative left shift' warning in test suite to prevent
failures with gcc6, until upstream fixes the undefined code
in question (boo#981848, cffi-1.5.2-wnoerror.patch)
- Update to version 1.6.0:
* ffi.list_types()
* ffi.unpack()
* extern “Python+C”
* in API mode, lib.foo.__doc__ contains the C signature now.
* Yet another attempt at robustness of ffi.def_extern() against
CPython’s interpreter shutdown logic.
Changes in python-pylons-sphinx-themes:
- moved LICENSE.txt to docs to match old structure
- specfile:
* update copyright year
- update to version 1.0.11:
* Fix the width of linenos table column when used in code-blocks.
- Replace %fdupes -s with plain %fdupes; hardlinks are better.
- Update to version 1.0.10 (2018-09-25)
+ Add Read the Docs to the recipients of ad revenue.
- Update to version 1.0.9 (2018-09-23)
+ Remove hyphenation because it sometimes hyphenates
inappropriately, such as in code.
- Update to version 1.0.8 (2018-09-21)
+ Fix support for Ethical Ads.
- Update to version 1.0.7 (2018-09-21)
+ Added support for Ethical Ads for Read The Docs.
See https://github.com/Pylons/pylons-sphinx-themes/pull/12
- Remove superfluous devel dependency for noarch package
- Update to version 1.0.6
* Update zest.releaser in order to release to PyPI.
- Update to version 1.0.5
* Clean up licensing
https://github.com/Pylons/pylons-sphinx-themes/issues/8
- Provide/obsolete old pylons_sphinx_theme
- Update to version 1.0.4
* Specify line spacing for list items for only within the
.body class.
version 1.0.3
* Add line spacing for list items. Closes #4.
version 1.0.2:
* Remove HTTPS protocol to allow either HTTPS or HTTP.
version 1.0.1:
* Use HTTPS for protocol of stylesheets.
version 1.0:
* Use zest.releaser for releasing.
* Improve documentation.
- Converted to single-spec
- version 0.3.1: initial build
Changes in python-Django:
- Fix merge artifact in CVE-2020-13596.patch
- Add CVE-2019-19844.patch (bsc#1159447, CVE-2019-19844)
* Fix Potential account hijack via password reset form
- Security fixes (bsc#1172167, bsc#1172166, CVE-2020-13254, CVE-2020-13596)
* Added patch CVE-2020-13254.patch
* Added patch CVE-2020-13596.patch
- Set _defaultlicensedir
- Fix for SG#56542, bsc#1161349:
* Fixed CVE-2019-3498-Fixed-content-spoof.patch
- Fix for SG#56542, bsc#1161349:
* Fixed CVE-2019-3498-Fixed-content-spoof.patch
(There was a bug in this .patch file; some code had been
accidentally included in the backport, and this stopped the 404
page from loading. See commit message and bug report for more
information)
Changes in python-Pillow:
- Remove decompression_bomb.gif and relevant test case to avoid
ClamAV scan alerts during build
- Add 0008-Corrected-negative-seeks.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 0009-Make-Image.crop-an-immediate-operation.patch
* From upstream, backported
* Fixes https://github.com/python-pillow/Pillow/issues/1077
* Used by 0012-Added-decompression-bomb-checks.patch
- Add 0010-Crop-decompression.patch
* From upstream, backported
* Fixes https://github.com/python-pillow/Pillow/issues/2402
* Used by 0012-Added-decompression-bomb-checks.patch
- Add 0011-Added-DecompressionBombError.patch
* From upstream, backported
* Adds DecompressionBombError class
* Used by 0012-Added-decompression-bomb-checks.patch
- Add 0012-Added-decompression-bomb-checks.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 0013-Raise-error-if-dimension-is-a-string.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 0014-Catch-buffer-overruns.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 0015-Catch-PCX-P-mode-buffer-overrun.patch
* From upstream, backported
* Fixes CVE-2020-5312, bsc#1160152
- Add 0016-Ensure-previous-FLI-frame-is-loaded.patch
* From upstream, backported
* Fixes https://github.com/python-pillow/Pillow/issues/2649
* Uncovers CVE-2020-5313, bsc#1160153
- Add 0017-Catch-FLI-buffer-overrun.patch
* From upstream, backported
* Fixes CVE-2020-5313, bsc#1160153
- Add 018-Invalid-number-of-bands-in-FPX-image.patch
* From upstream, backported
* Fixes CVE-2019-19911, bsc#1160192
Changes in python-psql2mysql:
- Update to version 0.5.0+git.1589351878.4ef877c:
* Do not fail on instance_info length, it is expected to be LONGTEXT
- Update to version 0.5.0+git.1582192453.98e9561:
* Neutron drivers use own naming for alembic migrations, e.g. cisco_alembic_version, aci_alembic_version, etc depending on driver.
Changes in python-psutil:
- Add bsc1156525-CVE-2019-18874.patch (bsc#1156525, CVE-2019-18874)
Changes in python-py:
- update to version 1.5.2
-----------------------------------------------------------------
- update to version 1.4.33
Changes in python-py:
- update to version 1.5.2:
* fix #169, #170: error importing py.log on Windows: no module named
'syslog'.
- changes from version 1.5.1:
* fix #167 - prevent pip from installing py in unsupported Python
versions.
- changes from version 1.5.0:
* python 2.6 and 3.3 are no longer supported
* deprecate py.std and remove all internal uses
* fix #73 turn py.error into an actual module
* path join to / no longer produces leading double slashes
* fix #82 - remove unsupportable aliases
* fix python37 compatibility of path.sysfind on windows by correctly
replacing vars
* turn iniconfig and apipkg into vendored packages and ease
de-vendoring for distributions
* fix #68 remove invalid py.test.ensuretemp references
* fix #25 - deprecate path.listdir(sort=callable)
* add TerminalWriter.chars_on_current_line read-only property that
tracks how many characters have been written to the current line.
- changes from version 1.4.34
* fix issue119 / pytest issue708 where tmpdir may fail to make
numbered directories when the filesystem is case-insensitive.
- update to version 1.4.33:
* avoid imports in calls to py.path.local().fnmatch(). Thanks
Andreas Pelme for the PR.
* fix issue106: Naive unicode encoding when calling fspath() in
python2. Thanks Tiago Nobrega for the PR.
* fix issue110: unittest.TestCase.assertWarns fails with py
imported.
- changes from version 1.4.32
* fix issue70: aded ability to copy all stat info in
py.path.local.copy.
* make TerminalWriter.fullwidth a property. This results in the
correct value when the terminal gets resized.
* update supported html tags to include recent additions.
Thanks Denis Afonso for the PR.
* Remove internal code in ``Source.compile`` meant to support
earlier Python 3 versions that produced the side effect
of leaving ``None`` in ``sys.modules`` when called (see
pytest-dev/pytest#2103). Thanks Bruno Oliveira for the PR.
Changes in python-pysaml2:
- Add 0001-Always-generate-a-random-IV-for-AES-operations.patch
(CVE-2017-1000246, bsc#1068612)
- Add 0001-Fix-XML-Signature-Wrapping-XSW-vulnerabilities.patch
(CVE-2020-5390, bsc#1160851)
Changes in python-waitress:
- update to 1.4.3 to include fixes for:
* CVE-2019-16785 / bsc#1161088
* CVE-2019-16786 / bsc#1161089
* CVE-2019-16789 / bsc#1160790
* CVE-2019-16792 / bsc#1161670
- moved LICENSE.txt to docs to match old structure
- make sure UTF8 locale is used when runnning tests
* Sometimes functional tests executed in python3 failed if stdout was not
set to UTF-8. The error message was:
ValueError: underlying buffer has been detached
- %python3_only -> %python_alternative
- update to 1.4.3
* Waitress did not properly validate that the HTTP headers it received
were properly formed, thereby potentially allowing a front-end server
to treat a request different from Waitress. This could lead to HTTP
request smuggling/splitting.
- drop patch local-intersphinx-inventories.patch
* it was commented out, anyway
- update to 1.4.0:
- Waitress used to slam the door shut on HTTP pipelined requests without
setting the ``Connection: close`` header as appropriate in the response. This
is of course not very friendly. Waitress now explicitly sets the header when
responding with an internally generated error such as 400 Bad Request or 500
Internal Server Error to notify the remote client that it will be closing the
connection after the response is sent.
- Waitress no longer allows any spaces to exist between the header field-name
and the colon. While waitress did not strip the space and thereby was not
vulnerable to any potential header field-name confusion, it should have sent
back a 400 Bad Request. See https://github.com/Pylons/waitress/issues/273
- CRLR handling Security fixes
- update to 1.3.1
* Waitress won’t accidentally throw away part of the path if it
starts with a double slash
- version update to 1.3.0
Deprecations
~~~~~~~~~~~~
- The ``send_bytes`` adjustment now defaults to ``1`` and is deprecated
pending removal in a future release.
and https://github.com/Pylons/waitress/pull/246
Features
~~~~~~~~
- Add a new ``outbuf_high_watermark`` adjustment which is used to apply
backpressure on the ``app_iter`` to avoid letting it spin faster than data
can be written to the socket. This stabilizes responses that iterate quickly
with a lot of data.
See https://github.com/Pylons/waitress/pull/242
- Stop early and close the ``app_iter`` when attempting to write to a closed
socket due to a client disconnect. This should notify a long-lived streaming
response when a client hangs up.
See https://github.com/Pylons/waitress/pull/238
and https://github.com/Pylons/waitress/pull/240
and https://github.com/Pylons/waitress/pull/241
- Adjust the flush to output ``SO_SNDBUF`` bytes instead of whatever was
set in the ``send_bytes`` adjustment. ``send_bytes`` now only controls how
much waitress will buffer internally before flushing to the kernel, whereas
previously it used to also throttle how much data was sent to the kernel.
This change enables a streaming ``app_iter`` containing small chunks to
still be flushed efficiently.
See https://github.com/Pylons/waitress/pull/246
Bugfixes
~~~~~~~~
- Upon receiving a request that does not include HTTP/1.0 or HTTP/1.1 we will
no longer set the version to the string value 'None'. See
https://github.com/Pylons/waitress/pull/252 and
https://github.com/Pylons/waitress/issues/110
- When a client closes a socket unexpectedly there was potential for memory
leaks in which data was written to the buffers after they were closed,
causing them to reopen.
See https://github.com/Pylons/waitress/pull/239
- Fix the queue depth warnings to only show when all threads are busy.
See https://github.com/Pylons/waitress/pull/243
and https://github.com/Pylons/waitress/pull/247
- Trigger the ``app_iter`` to close as part of shutdown. This will only be
noticeable for users of the internal server api. In more typical operations
the server will die before benefiting from these changes.
See https://github.com/Pylons/waitress/pull/245
- Fix a bug in which a streaming ``app_iter`` may never cleanup data that has
already been sent. This would cause buffers in waitress to grow without
bounds. These buffers now properly rotate and release their data.
See https://github.com/Pylons/waitress/pull/242
- Fix a bug in which non-seekable subclasses of ``io.IOBase`` would trigger
an exception when passed to the ``wsgi.file_wrapper`` callback.
See https://github.com/Pylons/waitress/pull/249
- Trim marketing wording and other platform mentions.
- Add fetch-intersphinx-inventories.sh to sources
- Add local-intersphinx-inventories.patch for generating the docs
correctly
- update to version 1.2.1:
too many changes to list here, see:
https://github.com/Pylons/waitress/blob/master/CHANGES.txt
or even:
https://github.com/Pylons/waitress/commits/master
- Remove superfluous devel dependency for noarch package
- update to version 1.1.0:
* Features
+ Waitress now has a __main__ and thus may be called with 'python
-mwaitress'
* Bugfixes
+ Waitress no longer allows lowercase HTTP verbs. This change was
made to fall in line with most HTTP servers. See
https://github.com/Pylons/waitress/pull/170
+ When receiving non-ascii bytes in the request URL, waitress will
no longer abruptly close the connection, instead returning a 400
Bad Request. See https://github.com/Pylons/waitress/pull/162 and
https://github.com/Pylons/waitress/issues/64
- Update to 1.0.2
* Python 3.6 is now officially supported in Waitress
* Add a work-around for libc issue on Linux not following the
documented standards. If getnameinfo() fails because of DNS not
being available it should return the IP address instead of the
reverse DNS entry, however instead getnameinfo() raises. We
catch this, and ask getnameinfo() for the same information
again, explicitly asking for IP address instead of reverse
DNS hostname.
- Implement single-spec version.
- Fix source URL.
- update to 1.0.1:
- IPv6 support on Windows was broken due to missing constants in the socket
module. This has been resolved by setting the constants on Windows if they
are missing. See https://github.com/Pylons/waitress/issues/138
- A ValueError was raised on Windows when passing a string for the port, on
Windows in Python 2 using service names instead of port numbers doesn't work
with `getaddrinfo`. This has been resolved by attempting to convert the port
number to an integer, if that fails a ValueError will be raised. See
https://github.com/Pylons/waitress/issues/139
- Removed `AI_ADDRCONFIG` from the call to `getaddrinfo`, this resolves an
issue whereby `getaddrinfo` wouldn't return any addresses to `bind` to on
hosts where there is no internet connection but localhost is requested to be
bound to. See https://github.com/Pylons/waitress/issues/131 for more
information.
- disable tests. need network access.
Changes in rabbitmq-server:
- Apply patches to resolve CVE-2017-4967,CVE-2017-4965 (bsc#1037777)
0001-Escape-HTML-tags-in-policy-definition-fields.patch
0002-Don-t-echo-provided-encoding-value-back.patch
0003-Strip-off-pids-and-format-consumer-details-for-2-end.patch
0004-Format-Web-contexts.patch
Changes in release-notes-suse-openstack-cloud:
- Switch github URL from git@ to https:// to bypass authentication
Changes in rubygem-activeresource:
- Add bsc#1171560-CVE-2020-8151-encode-id-param.patch
Prevent possible information disclosure issue that could allow
an attacker to create specially crafted requests to access data
in an unexpected way (bsc#1171560 CVE-2020-8151))
Changes in rubygem-crowbar-client:
- Update to 3.9.2
- Enable SES commands in Cloud8 (SOC-11122)
Changes in rubygem-json-1_7:
- Add CVE-2020-10663.patch (CVE-2020-10663, bsc#1167244)
Changes in rubygem-puma:
- Fix indentation in gem2rpm.yml
- Add CVE-2020-11077.patch (bsc#1172175, CVE-2020-11077)
- Add chunked-request-handling.patch (needed for CVE-2020-11076.patch)
- Add CVE-2020-11076.patch (bsc#1172176, CVE-2020-11076)
- Add all patches to gem2rpm.yml
- Add CVE-2020-5247.patch (bsc#1165402)
'Fixes a problem where we were not splitting newlines in headers
according to Rack spec'
The patch is reduced compared to the upstream version, which was
patching also the parts that are not implemented in our old Puma
version. This applies to unit test as well.
Changes in zookeeper:
- Apply 0002-Apply-patch-to-resolve-CVE-2019-0201.patch
This applies the patch for ZOOKEEPER-1392 to resolve CVE-2019-0201
Should not allow to read ACL when not authorized to read node
(bsc#1135773)
- Various cleanups in spec file
Patchnames
SUSE-2020-2072,SUSE-OpenStack-Cloud-7-2020-2072
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ansible, crowbar-core, crowbar-ha, crowbar-openstack, etcd, flannel, grafana, keepalived, kibana, memcached, monasca-installer, openstack-dashboard-theme-SUSE, openstack-manila, openstack-neutron-fwaas, openstack-nova, openstack-tempest, python-Django, python-Pillow, python-psql2mysql, python-psutil, python-py, python-pysaml2, python-waitress, rabbitmq-server, release-notes-suse-openstack-cloud, zookeeper",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ansible, crowbar-core, crowbar-ha, crowbar-openstack, etcd, flannel, grafana, keepalived, kibana, memcached, monasca-installer, openstack-dashboard-theme-SUSE, openstack-manila, openstack-neutron-fwaas, openstack-nova, openstack-tempest, python-Django, python-Pillow, python-psql2mysql, python-psutil, python-py, python-pysaml2, python-waitress, rabbitmq-server, release-notes-suse-openstack-cloud, zookeeper fixes the following issues:\n\nSecurity fixes included ins this update:\n\nansible\n- CVE-2019-3828: Fixed a path traversal in the fetch module (bsc#1126503).\n\ngrafana\n- CVE-2020-13379: Fixed an incorrect access control issue which could\nlead to information leaks or denial of service (bsc#1172409).\n- CVE-2020-12052: Fixed an cross site scripting vulnerability related to\nthe annotation popup (bsc#1170657).\n\nkibana\n- CVE-2020-10743: Fixed a clickjacking vulnerability (bsc#1171909).\n\nmemcached (to version 1.5.17)\n- CVE-2019-15026: Fixed a stack-based buffer over-read\nin conn_to_str()n (bsc#1149110).\n- CVE-2019-11596: Fixed a denial of service in the \u0027lru\u0027 command\n(bsc#1133817)\n- CVE-2018-1000115: Disabled UDP by default to reduce DDoS amplification\nattacks (bsc#1083903).\n\npython-Django\n- CVE-2020-13254: Fixed a data leakage via malformed memcached keys\n(bsc#1172167).\n- CVE-2020-13596: Fixed a cross site scripting vulnerability related to\nthe admin parameters of the ForeignKeyRawIdWidget (bsc#1172166).\n- Fixed a regression with the fix for CVE-2019-3498 (bsc#1161349).\n\npython-Pillow\n- CVE-2019-16865: Fixed a denial of service with specially crafted\nimage files (bsc#1153191).\n- CVE-2020-5312: Fixed a buffer overflow in the PCX P mode (bsc#1160152).\n- CVE-2020-5313: Fixed a buffer overflow related to FLI (bsc#1160153).\n- CVE-2019-19911: Fixed a denial of service in FpxImagePlugin.py\n(bsc#1160192).\n\npython-pysaml2\n- CVE-2020-5390: Fixed an issue with the verification of signatures in\nSAML documents (bsc#1160851)\n- CVE-2017-1000246: Fixed an issue with weak encryption data, caused by\ninitialization vector reuse(bsc#1068612).\n\npython-waitress (to version 1.4.3)\n- CVE-2019-16785: Fixed HTTP request smuggling through LF vs CRLF\nhandling (bsc#1161088).\n- CVE-2019-16786: Fixed HTTP request smuggling through invalid\nTransfer-Encoding (bsc#1161089).\n- CVE-2019-16789: Fixed HTTP Request Smuggling through invalid\nwhitespace characters (bsc#1160790).\n- CVE-2019-16792: Fixed HTTP Request Smuggling through Content-Length\nheader handling (bsc#1161670).\n\nrubygem-activeresource\n- CVE-2020-8151: Fixed information disclosure issue through specially\ncrafted requests (bsc#1171560)\n\nrubygem-json-1_7\n- CVE-2020-10663: Fixed Unsafe Object Creation Vulnerability in JSON\n(bsc#1167244)\n\nrubygem-puma\n- CVE-2020-11077: Fixed HTTP Request Smuggling through proxy (bsc#1172175)\n- CVE-2020-11076: Fixed HTTP Request smuggling through invalid\nTransfer-Encoding header.\n- CVE-2020-5247: Fixed HTTP Response Splitting through newline characters\nhandling (bsc#1165402)\n\nzookeeper:\n- CVE-2019-0201: Fixed an information disclosure related to\ngetACL() (bsc#1135773).\n\nNon security fixes included in this update:\n\nChanges in ansible:\n- Add 0001-Disallow-use-of-remote-home-directories-containing-..patch\n (bsc#1126503, CVE-2019-3828)\n\nChanges in crowbar-core:\n- Update to version 4.0+git.1580209654.1d112d31f:\n * network: start OVS before wickedd (SOC-11067)\n\nChanges in crowbar-ha:\n- Update to version 4.0+git.1585316203.d6ad2c8:\n * [4.0] add ssl termination on haproxy (bsc#1149535)\n\nChanges in crowbar-openstack:\n- Update to version 4.0+git.1589804581.9972163f0:\n * [4.0] magnum: fix check for image/flavor (SOC-11251)\n\n- Update to version 4.0+git.1589647351.ccfd9481f:\n * [4.0] trove: fix rabbitmq connection URL (SOC-11286)\n\n- Update to version 4.0+git.1589458214.9f765aa08:\n * [4.0] Fix create magnum k8s image and flavor (SOC-11251)\n\n- Update to version 4.0+git.1588271860.131fc8cc1:\n * run keystone_register on cluster founder only when HA (SOC-11248)\n * nova: run keystone_register on cluster founder only (SOC-11243)\n\n- Update to version 4.0+git.1588096523.679da5c50:\n * tempest: retry openstack commands (SOC-11238)\n\n- Update to version 4.0+git.1587129016.c009e43c9:\n * Disable magnum.tests.functional.api.v1.test_cluster (SOC-11224)\n\n- Update to version 4.0+git.1587035427.abb6e9b4e:\n * Fix barbican SSL support (SOC-9298)\n\n- Update to version 4.0+git.1586421486.5601320b7:\n * Fix magnum tempest tests (SOC-9298)\n\n- Update to version 4.0+git.1585331022.609482166:\n * tempest: update blacklisted tempest test cases (SOC-9801,SOC-11174,SOC-11187)\n\n- Update to version 4.0+git.1585136604.988f3a1da:\n * Disabling failing tempest tests on SOC7\n * [4.0] ec2-api: run keystone_register on cluster founder only (SOC-11079)\n\n- Update to version 4.0+git.1582582068.c8c2448c0:\n * neutron: Place space between CLI arguments\n\n- Update to version 4.0+git.1580894959.1fe5fd282:\n * Revert \u0027[4.0] rabbitmq: sync startup definitions.json with recipe\u0027 (SOC-11082)\n\n- Update to version 4.0+git.1580469474.967ab8baf:\n * rabbitmq: sync startup definitions.json with recipe (SOC-11077)\n\nChanges in etcd:\n- Build against go 1.6\n\n- Fix etcd build. We are generating 2 binaries, etcd and etcdctl.\n They need to be built separately \n\n- Ensure /var/lib/etcd is controlled by etcd:etcd\n\n- exclude i586. We don\u0027t expect this package to be built on i586. \n\n- remove sysconfig.etcd: this file is not being used \n\n- Update to version 3.1.0:\n * raft: add node should reset the pendingConf state\n * v3rpc: don\u0027t close watcher if client closes send\n * e2e: add test for v3 watch over grpc gateway\n * mvcc: remove unused restore method\n * integration: don\u0027t expect recv to stop on CloseSend in waitResponse\n * Documentation: add grpc gateway watch example\n * version: bump up v3.1.0-rc.1+git\n * discovery: warn on scheme mismatch\n * grpcproxy: fix deadlock on watch broadcasts stop\n * etcdmain: add \u0027/metrics\u0027 HTTP/1 path to grpc-proxy\n * etcd-tester: do not resolve localhost\n * raftexample: confState should be saved after apply\n * raft: test case to check the duplicate add node propose\n * raft: fix test case, should wait config propose applied\n * raft: fix test case for data race\n * raft: use the channel instead of sleep to make test case reliable\n * raft: fix TestNodeProposeAddDuplicateNode\n * etcdmain: handle TLS in grpc-proxy listener\n * etcd-tester:limit max retry backoff delay\n * functional-tester: add withBlock() to grpc dial\n * op-guide: add notes about Prometheus data source in Grafana\n * clientv3: return copy of endpoints, not pointer\n * auth: add a timeout mechanism to simple token\n * client: update README about health monitoring\n * grpcproxy: fix race between watch ranges delete() and broadcasts empty()\n * lease: Use monotonic time in lease\n * integration: use Range to wait for reboot in quota tests\n * grpcproxy: fix race between coalesce and bcast on nextrev\n * etcd-tester: refactor lease checker\n * store: check sorted order in TestStoreGetSorted\n * vendor: bump go-systemd to v14 to avoid build error\n * integration: cancel Watch when TestV3WatchWithPrevKV exits\n * grpcproxy: add richer metrics for watch\n * grpcproxy: add cache related metrics\n * raft: Fix election \u0027logs converge\u0027 test\n * raft: Export Progress.IsPaused\n * benchmark: add rate limit\n * etcdctl: remove GetUser check before mutable commands\n * grpcproxy: lock store when getting size\n * Documentation: link added to libraries-and-tools.md with a new v2 Scala Client\n * grpcproxy: fix deadlock in watchbroadcast\n * etcdserver: time out when readStateC is blocking\n * store: fix store_test.go comments\n * vendor: update ugorji/go\n * client: update generated ugorji codec\n * doc: initial faq\n * clientv3/integration: test lease keepalive works following quorum loss\n * integration: use RequireLeader for TestV3LeaseFailover\n * v3rpc, etcdserver, leasehttp: ctxize Renew with request timeout\n * Documentation: add blox and chain as users\n * etcdserver: do not send v2 sync if ttl keys do not exist\n * ROADMAP: update for 3.2\n * Documentation: add more FAQ questions\n * grpcproxy: fix minor typo\n * vendor: use versions when possible in glide.yaml\n * scripts: use glide update if repo exists in glide.lock\n * github: make bug reporting link non-relative\n * github: make contribution link non-relative\n * Documentation: update get examples to be clearer about ranges\n * etcdserver, embed, v2http: move pprof setup to embed\n * doc: add faq about apply warning logging\n * test: exclude \u0027_home\u0027 for gosimple, unused\n * auth: fix gosimple errors\n * integration: simplify boolean comparison in resp.Created\n * raft: simplify boolean comparison, remove unused\n * tools: simplify boolean comparison, remove unused\n * e2e: remove unused \u0027ctlV3GetFailPerm\u0027\n * v3rpc: remove unused \u0027splitMethodName\u0027 function\n * grpcproxy: remove unused field \u0027wbs *watchBroadcasts\u0027\n * doc: add faq about missing heartbeat\n * etcdctl: \u0027fields\u0027 output formats\n * build: remove dir use -r flag\n * etcd-tester: add \u0027enable-pprof\u0027 option\n * etcd-tester: cancel lease stream; fix OOM panic\n * doc: add hardware section\n * auth: improve \u0027removeSubsetRangePerms\u0027 to O(n)\n * Documentation: use port 2379 in local cluster guide The port in endpoints should be 2379, instead of 12379.\n * op-guide/clustering: fix typo\n * embed: deep copy user handlers\n * Documentation: add more FAQs (follower, leader, sys-require)\n * clientv3: close Lease on client Close\n * netutil: ctx-ize URLStringsEqual\n * etcdserver: retry for 30s on advertise url check\n * membership: retry for 30s on advertise url check\n * clientv3: return error from KeepAlive if corresponding loop exits\n * clientv3: add test for keep alive loop exit case\n * auth, etcdserver: protect membership change operations with auth\n * e2e: test cases of protecting membership change with auth\n * clientv3: better error message for keep alive loop halt\n * Documentation: FAQ entry for cluster ID mismatches\n * dev-guide: add limit.md\n * Documentation: minor fix nodes -\u003e node\n * etcdctl: warn when backend takes too long to open on migrate\n * docs: explicitly set ETCDCTL_API=3 in recovery.md\n * v3api, rpctypes: add ErrTimeoutDueToConnectionLost\n * clientv3/integration: test lease grant/keepalive with/without failures\n * clientv3: don\u0027t reset keepalive stream on grant failure\n * etcdctl: tighten up output, reorganize README.md\n * Documentation: add FAQs on membership operation\n * Documentation: add \u0027why.md\u0027\n * embed: only override default advertised client URL if the client listen URL is 0.0.0.0\n * raft: make memory storage set method thread safe\n * raft: resume paused followers on receipt of MsgHeartbeatResp\n * etcd-tester: fix typo, add endpoint in logs\n * lease: force leader to apply its pending committed index for lease operations\n * leasehttp: buffer error channel to prevent goroutine leak\n * raft: fix pre-vote tests\n * etcdserver: rework update committed index logic\n * etcd-tester: remove unused err var from maxRev\n * e2e: check etcdctl endpoint health is healthy if denied permission to key\n * benchmark: a new option for configuring dial timeout\n * ctlv3: consider permission denied error to be healthy for endpoints\n * etcdmain: add --metrics flag for exposing histogram metrics\n * e2e: test cluster-health\n * v2http: submit QGET in health endpoint if no progress\n * test: bump grpcproxy pass timeout to 15m\n * lease: use atomics for accessing lease expiry\n * e2e: poll \u0027/version\u0027 in release upgrade tests\n * e2e: unset ETCDCTL_API env var before running u2e tests\n * etcdserver: consistent naming in raftReadyHandler\n * coverage: rework code coverage for unit and integration tests\n * testutil: whitelist thread created by go cover\n * rafthttp: bump up timeout in pipeline test\n * grpcproxy, etcdmain, integration: return done channel with WatchServer\n * integration: defer clus.Terminate in watch tests\n * raftexample: load snapshot when opening WAL\n * etcd-runner: make command compliant\n * raft: use status to test node stop\n * etcdserver: expose ErrNotEnoughStartedMembers\n * etcdserver: resume compactor only if leader\n * benchmark: enable grpc error logging on stderr\n * etcd-runner:add flags in watcher for hardcoded values\n * docs: fix recovery example in recovery.md\n * auth: use quorum get for GetUser/GetRole for mutable operations\n * grpcproxy: tear down watch when client context is done\n * integration: use only digits in unix ports\n * e2e: dump stack on ctlTest timeout\n * expect: EXPECT_DEBUG environment variable\n * why: add origin of the term etcd\n * testutil: increase size of buffer for stack dump\n * raft: fix test case for #7042\n * vendor: update ugorji/go\n * integration: add grpc auth testing\n * auth: reject empty user name when checking op permissions\n * etcdctl: create root role on auth enable if it does not yet exist\n * raft: add RawNode test case for #6866\n * pkg/report: support 99.9-percentile, change column name\n * documentation: display docs.md in github browser\n * benchmark: option to rate limit range benchmark\n * etcdserver, clientv3: handle a case of expired auth token\n * tools: Add etcd 3.0 load test tool refernece\n * transport: warn on user-provided CA\n * NEWS: add v3.1.0, v3.0.16 + minor fixes\n * clienv3: fix balancer test logic\n * clientv3: don\u0027t reset stream on keepaliveonce or revoke failure\n * grpcproxy: use ccache for key cache\n * vendor: remove groupcache, add ccache\n * pkg/report: add \u0027Stats\u0027 to expose report raw data\n * travis: use Go 1.7.4, drop old env var\n * ctlv3: print cluster info after adding new member\n * Documentation: document upgrading to v3.1\n * pkg/report: add nil checking for getTimeSeries\n * etcdserver: use ReqTimeout for linearized read\n * grpcproxy, etcdmain, integration: add close channel to kv proxy\n * glide: update \u0027golang.org/x/net\u0027\n * vendor: update \u0027golang.org/x/net\u0027\n * Documentation: update experimental_apis for v3.1 release\n * NEWS: fix date for v3.1 release\n * Documentation: fix typo s/endpoint-health/endpoint health/\n * clientv3/concurrency: fix rev comparison on concurrent key deletion\n * integration: test STM apply on concurrent deletion\n * pkg/flags: fixed prefix checking of the env variables\n * etcdctlv3: snapshot restore works with lease key\n * test: passed the test script arguments as the test function parameters\n * documentation: update build documentation\n * version: bump to v3.1.0\n\n- Update to version 3.1.0rc.1:\n * grpcproxy: watch next revision should be start revision when not 0\n * grpcproxy: copy range request before storing in cache\n * raft: return empty status if node is stopped\n * mvcc: store.restore taking too long triggering snapshot cycle fix\n * mvcc: TestStoreRestore fix\n * mvcc : Added benchmark for store.resotre\n * pkg/netutil: get default interface for tc commands\n * version: bump up v3.1.0-rc.1\n\nChanges in grafana:\n- Add CVE-2020-13379.patch\n * Security: fix unauthorized avatar proxying (bsc#1172409, CVE-2020-13379)\n- Refresh systemd-notification.patch\n- Fix declaration for LICENSE\n\n- Add 0002-CVE-2020-12052-bsc1170657-XSS-annotation-popup-vulnerability.patch \n * Security: Fix annotation popup XSS vulnerability \n (bsc#1170657) \n\n- Add CVE-2019-15043.patch (SOC-10357, CVE-2019-15043, bsc#1148383)\nChanges in keepalived:\n- update to 2.0.19\n- new BR pkgconfig(libnftnl) to fix nftables support\n- add nftables to the BR\n- added patch\n * linux-4.15.patch\n- add buildrequires for file-devel\n - used in the checker to verify scripts\n- enable json stats and config dump support\n new BR: pkgconfig(json-c)\n- enable http regexp support: new BR pcre2-devel\n- disable dbus instance creation support as it is marked as\n dangerous\n- Add BFD build option to keepalived.spec rpm file\n Issue #1114 identified that the keepalived.spec file was not being\n generated to build BFD support even if keepalived had been\n configured to support it.\n- full changelog\n https://keepalived.org/changelog.html\n\n- update to 1.4.5:\n * Update snapcraft.yaml for 1.4.x+git\n * Fix generation of git-commit.h with git commit number.\n * Set virtual server address family correctly.\n * Set virtual server address family correctly when using tunnelled\n real servers.\n * Fix handling of virtual servers with no real servers at config time.\n * Add warning if virtual and real servers are different address families.\n Although normally the virtual server and real servers must have the\n same address family, if a real server is tunnelled, the address families\n can be different. However, the kernel didn\u0027t support that until 3.18,\n so add a check that the address families are the same if different\n address families are not supported by the kernel.\n * Send correct status in Dbus VrrpStatusChange notification.\n When an instance transitioned from BACKUP to FAULT, the Dbus\n status change message reported the old status (BACKUP) rather than\n the new status (FAULT). This commit attempts to resolved that.\n * doc: ipvs schedulers update\n * Fix a couple of typos in configure.ac.\n * Fix namespace collision with musl if_ether.h.\n * Check if return value from read_value_block() is null before using.\n * Fix reporting real server stats via SNMP.\n * Make checker process handle RTM_NEWLINK messages with -a option\n Even though the checker process doesn\u0027t subscribe to RTNLGRP_LINK\n messages, it appears that older kernels (certainly 2.6.32) can\n send RTM_NEWLINK (but not RTM_DELLINK) messages. This occurs\n when the link is set to up state.\n Only the VRRP process is interested in link messages, and so the\n checker process doesn\u0027t do the necessary initialisation to be able\n to handle RTM_NEWLINK messages.\n This commit makes the checker process simply discard RTM_NEWLINK\n and RTM_DELLINK messages, rather than assuming that if it receives\n an RTM_NEWLINK message it must be the VRRP process.\n This problem was reported in issue #848 since the checker process\n was segfaulting when a new interface was added when the -a command\n line option was specified.\n * Fix handling RTM_NEWLINK when building without VRRP code.\n * Fix building on Fedora 28.\n net-snmp-config output can include compiler and linker flags that\n refer to spec files that were used to build net-snmp but may not\n exist on the system building keepalived. That would cause the build\n done by configure to test for net-snmp support to fail; in particular\n on a Fedora 28 system that doesn\u0027t have the redhat-rpm-config package\n installed.\n This commit checks that any spec files in the compiler and linker\n flags returned by net-snmp-config exist on the system building\n keepalived, and if not it removes the reference(s) to the spec file(s).\n * keepalived-1.4.3 released.\n * vrrp: setting \u00270\u0027 as default value for ifa_flags to make gcc happy.\n * Add additional libraries when testing for presence of SSL_CTX_new().\n It appears that some systems need -lcrypto when linking with -lssl.\n * Sanitise checking of libnl3 in configure.ac.\n * Report and handle missing \u0027}\u0027s in config files.\n * Add missing \u0027\\n\u0027 in keepalived.data output.\n * Stop backup taking over as master while master reloads.\n If a reload was initiated just before an advert, and since it took\n one advert interval after a reload before an advert was sent, if the\n reload itself took more than one advert interval, the backup could\n time out and take over as master.\n This commit makes keepalived send adverts for all instances that are\n master immediately before a reload, and also sends adverts immediately\n after a reload, thereby trippling the time available for the reload\n to complete.\n * Add route option fastopen_no_cookie and rule option l3mdev.\n * Fix errors in KEEPALIVED-MIB.txt.\n * Simplify setting on IN6_ADDR_GEN_MODE.\n * Cosmetic changes to keepalived(8) man page.\n * Don\u0027t set ipvs sync daemon to master state before becoming master\n If a vrrp instance which was the one specified for the ipvs sync\n daemon was configured with initial state master, the sync daemon\n was being set to master mode before the vrrp instance transitioned\n to master mode. This caused an error message when the vrrp instance\n transitioned to master and attempted to make the sync daemon go from\n backup to master mode.\n This commit stops setting the sync daemon to master mode at initialisation\n time, and it is set to master mode when the vrrp instance transitions\n to master.\n * Fix freeing vector which has not had any entries allocated.\n * Add additional mem-check disgnostics\n vector_alloc, vectot_alloc_slot, vector_free and alloc_strvec all\n call MALLOC/FREE but the functions written in the mem_check log\n are vector_alloc etc, not the functions that call them.\n This commit adds logging of the originating calling function.\n * Fix memory leak in parser.c.\n * Improve alignment of new mem-check logging.\n * Disable all checkers on a virtual server when ha_suspend set.\n Only the first checker was being disabled; this commit now disables\n all of them.\n Also, make the decision to disable a checker when starting/reloading\n when scheduling the checker, so that the existance of the required\n address can be checked.\n * Stop genhash segfaulting when built with --enable-mem-check.\n * Fix memory allocation problems in genhash.\n * Properly fix memory allocation problems in genhash.\n * Fix persistence_granularity IPv4 netmask validation.\n The logic test from inet_aton() appears to be inverted.\n * Fix segfault when checker configuration is missing expected parameter\n Issue #806 mentioned as an aside that \u0027nb_get_retry\u0027 without a parameter\n was sigfaulting. Commit be7ae80 - \u0027Stop segfaulting when configuration\n keyword is missing its parameter\u0027 missed the \u0027hidden\u0027 uses of vector_slot()\n (i.e. those used via definitions in header files).\n This commit now updates those uses of vector_slot() to use strvec_slot()\n instead.\n * Fix compiling on Linux 2.x kernels.\n There were missing checks for HAVE_DECL_CLONE_NEWNET causing\n references to an undeclared variable if CLONE_NEWNET wasn\u0027t defined.\n * Improve parsing of kernel release.\n The kernel EXTRAVERSION can start with any character (although\n starting with a digit would be daft), so relax the check for it\n starting with a \u0027-\u0027. Kernels using both \u0027+\u0027 and \u0027.\u0027 being the\n first character of EXTRAVERSION have been reported.\n * Improve grammer.\n * add support for SNI in SSL_GET check.\n this adds a `enable_sni` parameter to SSL_GET, making sure the check\n passes the virtualhost in the SNI extension during SSL handshake.\n * Optimise setting host name for SSL_GET requests with SNI.\n * Allow SNI to be used with SSL_GET with OpenSSL v1.0.0 and LibreSSL.\n * Use configure to check for SSL_set_tlsext_host_name()\n Rather than checking for a specific version of the OpenSSL library\n (and it would also need checking the version of the LibreSSL library)\n let configure check for the presence of SSL_set_tlsext_host_name().\n Also omit all code related to SNI of SSL_set_tlsext_host_name() is\n not available.\n * Use configure to determine available OpenSSL functionality\n Rather than using version numbers of the OpenSSL library to determine\n what functions are available, let configure determine whether the\n functions are supported.\n The also means that the same tests work for LibreSSL.\n * Add support for gratuitous ARPs for IP over Infiniband.\n * Use system header definition instead of local definition IF_HWADDR_MAX\n linux/netdevice.h has definition MAX_ADDR_LEN, which is 32, whereas\n IF_HWADDR_MAX was locally defined to be 20.\n Unfortunately we end up with more system header file juggling to ensure\n we don\u0027t have duplicate definitions.\n * Fix vrrp_script and check_misc scripts of type \u003c/dev/tcp/127.0.0.1/80.\n * Add the first pre-defined config definition (${_PWD})\n ${_PWD} in a configuration file will be replaced with the full\n path name of the directory that keepalived is reading the current\n configuration file from.\n * Open and run the notify fifo and script if no other fifo\n Due to the way the code was structured the notify_fifo for both\n checker and vrrp messages wasn\u0027t run if neither the vrrp or checker\n fifo wasn\u0027t configured.\n Also, if all three fifos were configured, the general fifo script\n was executed by both the vrrp and checker process, causing problems.\n * Add support for Infiniband interfaces when dumping configuration.\n * Tidy up layout in vrrp_arp.c.\n * Add configure check for support of position independant executables (PIE).\n * Add check for -pie support, and fix writing to keepalived.data.\n * keepalived-1.4.2 released.\n * Make genhash exit with exit code 1 on error.\n Issue #766 identified that genhash always exits with exit code 1\n even if an error has occurred.\n * Rationalise printing of http header in genhash.\n * Use http header Content-Length field in HTTP_CHECK/SSL_CHECK.\n If a Content-Length is supplied in the http header, use that as a\n limit to the data length (as wget does). If the length of data\n received does not match the Content-Length log a warning.\n * Optimise parameter passing to fprintf in genhash.\n * Don\u0027t declare mark variable if don\u0027t have MARK socket option.\n * Fix sync groups with only one member.\n Commit c88744a0 allowed sync groups with only 1 member again, but\n didn\u0027t stop removing the sync group if there was only 1 member.\n This commit now doesn\u0027t remove sync groups with only one member.\n * Make track scripts work with --enable-debug config option.\n * Add warning if --enable-debug configure option is used.\n * Allow more flexibility of layout of { and } in config files.\n keepalived was a bit fussy about where \u0027{\u0027s and \u0027}\u0027s (braces) could\n be placed in terms of after the keyword, or on a line on their own.\n It certainly was not possible to have multiple braces on one line.\n This commit now provides complete flexibility of where braces are, so\n long as they occur in the correct order.\n * Make alloc_value_block() report block type if there is an error.\n * Simplify alloc_value_block() by using libc string functions.\n * Add dumping of garp delay config when using -d option.\n * Fix fractions of seconds for garp group garp_interval.\n * Make read_value_block() use alloc_value_block().\n This removes quite a bit of duplication of functionality, and\n ensures the configuration parsing will be more consistent.\n * Fix build with Linux kernel headers v4.15.\n Linux kernel version 4.15 changed the libc/kernel headers suppression\n logic in a way that introduces collisions.\n * Add missing command line options to keepalived(8) man page.\n * Fix --dont-release-vrrp.\n On github, ushuz reported that commit 62e8455 - \u0027Don\u0027t delete vmac\n interfaces before dropping multicast membership\u0027 broke --dont-release-vrrp.\n This commit restores the correct functionality.\n * Define _GNU_SOURCE for all compilation units.\n Rather than defining _GNU_SOURCE when needed, let configure add\n it to the flags passed to the C compiler, so that it is defined\n for all compilation units. This ensures consistence.\n * Fix new warnings procuded by gcc 8.\n * Fix dumping empty lists.\n Add a check in dump_list() for an empty list, and don\u0027t attempt\n to dump it if it is empty.\n * Resolve conversion-check compiler warnings.\n * Add missing content to installing_keepalived.rst documentation.\n Issue #778 identified that there was text missing at the end of\n the document, and that is now added.\n * Fix systemd service to start after network-online.target.\n This fix was merged downstream by RedHat in response to\n RHBZ #1413320.\n * Update INSTALL file to describe packages needed for building\n documentation.\n * INSTALL: note linux distro package that provides \u0027sphinx_rtd_theme\u0027\n * Clear /proc/sys/net/ipv6/conf/IF/disable_ipv6 when create VMACs.\n An issue was identified where keepalived was reporting permission\n denied when attempting to add an IPv6 address to a VMAC interface.\n It turned out that this was because\n /proc/sys/net/ipv6/conf/default/disable_ipv6\n was set to 1, causing IPv6 to be disables on all interfaces that\n keepalived created.\n This commit clears disable_ipv6 on any VMAC interfaces that\n keepalived creates if the vrrp instance is using IPv6.\n- remove linux-4.15.patch: does not apply anymore and not needed\n (the distros using 4.15 have moved on to keepalived 2.x)\n\n- Only Require insserv on distributions without systemd.\n- Fix systemd related requires/buildRequires\n- Do not run scriptlets that use insserv when using systemd\n\n- add linux-4.15.patch\n\nChanges in kibana:\n- Add 0001-Configurable-custom-response-headers-for-server.patch\n (bsc#1171909, CVE-2020-10743)\n\nChanges in memcached:\n- version update to 1.5.17\n * bugfixes\n fix strncpy call in stats conns to avoid ASAN violation (bsc#1149110, CVE-2019-15026)\n extstore: fix indentation\n add error handling when calling dup function\n add unlock when item_cachedump malloc failed\n extstore: emulate pread(v) for macOS\n fix off-by-one in logger to allow CAS commands to be logged.\n use strdup for explicitly configured slab sizes\n move mem_requested from slabs.c to items.c (internal cleanup)\n * new features\n add server address to the \u0027stats conns\u0027 output\n log client connection id with fetchers and mutations\n Add a handler for seccomp crashes\n- version update to 1.5.16\n * bugfixes\n When nsuffix is 0 space for flags hasn\u0027t been allocated so don\u0027t memcpy them.\n- version update to 1.5.15\n * bugfixes\n Speed up incr/decr by replacing snprintf.\n Use correct buffer size for internal URI encoding.\n change some links from http to https\n Fix small memory leak in testapp.c.\n free window_global in slab_automove_extstore.c\n remove inline_ascii_response option\n -Y [filename] for ascii authentication mode\n fix: idle-timeout wasn\u0027t compatible with binprot\n * features\n -Y [authfile] enables an authentication mode for ASCII protocol.\n- modified patches\n % memcached-autofoo.patch (refreshed)\n\n- version update to 1.5.14\n * update -h output for -I (max item size)\n * fix segfault in \u0027lru\u0027 command (bsc#1133817, CVE-2019-11596)\n * fix compile error on centos7\n * extstore: error adjusting page_size after ext_path\n * extstore: fix segfault if page_count is too high.\n * close delete + incr item survival race bug\n * memcached-tool dump fix loss of exp value\n * Fix \u0027qw\u0027 in \u0027MemcachedTest.pm\u0027 so wait_ext_flush is exported properly\n * Experimental TLS support.\n * Basic implementation of TLS for memcached.\n * Improve Get And Touch documentation\n * fix INCR/DECR refcount leak for invalid items\n- modified patches\n % memcached-autofoo.patch (refreshed)\n\n- Version bump to 1.5.11:\n * extstore: balance IO thread queues\n- Drop memcached-fix_test.patch that is present now upstream\n\n- Add patch to fix aarch64, ppc64* and s390x tests:\n * memcached-fix_test.patch\n\n- Fix linter errors regarding COPYING\n\n- update to 1.5.10:\n * disruptive change in extstore: -o ext_page_count= is deprecated\n and no longer works. To specify size: -o ext_path=/d/m/e:500G\n extstore figures out the page count based on your desired page\n size. M|G|T|P supported.\n * extstore: Add basic JBOD support: ext_path can be specified\n multiple times for striping onto simimar devices\n * fix alignment issues on some ARM platforms for chunked items\n\n- Update to 1.5.9:\n * Bugfix release.\n * Important note: if using --enable-seccomp, privilege dropping\n is no longer on by default. The feature is experimental and many\n users are reporting hard to diagnose problems on varied platforms.\n * Seccomp is now marked EXPERIMENTAL, and must be explicitly\n enabled by adding -o drop_privileges. Once we\u0027re more confident\n with the usability of the feature, it will be enabled in -o modern,\n like any other new change. You should only use it if you are\n willing to carefully test it, especially if you\u0027re a vendor or\n distribution.\n * Also important is a crash fix in extstore when using the ASCII\n protocol, large items, and running low on memory.\n\n- update to 1.5.8:\n * Bugfixes for seccomp and extstore\n * Extstore platform portability has been greatly improved for ARM\n and 32bit systems\n- includes changes from 1.5.7:\n * Fix alignment issues for 64bit ARM processors\n * Fix seccomp portability\n * Fix refcount leak with extstore while using binary touch commands\n\n- turn on the testsuite again, it seems to pass server side,\n too\n\n- Home directory shouldn\u0027t be world readable bsc#1077718\n- Mention that this stream isn\u0027t affected by bsc#1085209, \n CVE-2018-1000127 to make the checker bots happy.\n\n- update to 1.5.6 (bsc#1083903, CVE-2018-1000115):\n * This update disables UDP by default to reduce DDoS amplification\n attacks\n * see https://github.com/memcached/memcached/wiki/ReleaseNotes156\n * see https://github.com/memcached/memcached/wiki/ReleaseNotes155\n * see https://github.com/memcached/memcached/wiki/ReleaseNotes154\n * see https://github.com/memcached/memcached/wiki/ReleaseNotes153\n * see https://github.com/memcached/memcached/wiki/ReleaseNotes152\n * see https://github.com/memcached/memcached/wiki/ReleaseNotes151\n * see https://github.com/memcached/memcached/wiki/ReleaseNotes150\n\n- Replace references to /var/adm/fillup-templates with new \n %_fillupdir macro (boo#1069468)\n\nChanges in monasca-installer:\n- Add 0001-kibana:-set-x-frame-options-header.patch (bsc#1171909,\n CVE-2020-10743)\n\nChanges in openstack-dashboard-theme-SUSE:\n- Switch github URL from git@ to git:// to bypass authentication\n\nChanges in openstack-manila:\n- Add 0001-Fix-exportfs-u-usage-in-generic-driver.patch\n Backported from upstream patch https://review.opendev.org/#/c/411631/\n Related Bug (SOC-9801)\n\nChanges in openstack-neutron-fwaas:\n- Add 0050-Remove-tempest-shared-physical-network.patch (SOC-9801)\n This tempest configuration option is not present in tempest, as\n it was only added after the SOC7 release cut.\n\nChanges in openstack-nova:\n- Add 0001-live-mig-keep-disk-device-address-same.patch (bsc#1164316)\n - Fix for https://bugs.launchpad.net/nova/+bug/1715569\n\nChanges in openstack-tempest:\n\n- Add 0001-Use-available-scheduler-filters.patch\n Backported from upstream patch https://review.opendev.org/#/c/570207/\n Related Bugs: SOC-9801,SOC-11174\n\n- Add 0001-Remove-volume_feature_enabled.volume_services.patch\n Backported from upstream patch https://review.opendev.org/#/c/438220/\n Related Bug (SOC-9801)\n\n\nChanges in python-cffi:\n- Do not build python3 subpackages as C:OS:Newton does not support\n it\n\n- provide also python-cffi = 1.10.0 and 1.5.2 to avoid breaking the\n cloud 7 and 8 requirements (bsc#948198)\n\n- Update in SLE-12 (bsc#1138748, jsc#ECO-1256, jsc#PM-1598)\n\n- Add dont-corrupt-memory.patch to fix boo#1111657 (originally\n from https://bitbucket.org/cffi/cffi/commits/7a76a3815340)\n\n- build python3 subpackage (FATE#324435, FATE#323875)\n\n- Add patch cffi-loader.patch to fix bsc#1070737\n- Sort out with spec-cleaner\n\n- update to version 1.11.2:\n * Fix Windows issue with managing the thread-state on CPython 3.0 to\n 3.5\n\n- Update pytest in spec to add c directory tests in addition to \n testing directory.\n- Omit test_init_once_multithread tests as they rely on multiple\n threads finishing in a given time. Returns sporadic pass/fail\n within build.\n- Update to 1.11.1:\n * Fix tests, remove deprecated C API usage\n * Fix (hack) for 3.6.0/3.6.1/3.6.2 giving incompatible binary\n extensions (cpython issue #29943)\n * Fix for 3.7.0a1+\n\n- Update to 1.11.0:\n * Support the modern standard types char16_t and char32_t. These\n work like wchar_t: they represent one unicode character, or when\n used as charN_t * or charN_t[] they represent a unicode string.\n The difference with wchar_t is that they have a known, fixed\n size. They should work at all places that used to work with\n wchar_t (please report an issue if I missed something). Note\n that with set_source(), you need to make sure that these types\n are actually defined by the C source you provide (if used in\n cdef()).\n * Support the C99 types float _Complex and double _Complex. Note\n that libffi doesn\u2019t support them, which means that in the ABI\n mode you still cannot call C functions that take complex\n numbers directly as arguments or return type.\n * Fixed a rare race condition when creating multiple FFI instances\n from multiple threads. (Note that you aren\u2019t meant to create\n many FFI instances: in inline mode, you should write\n ffi = cffi.FFI() at module level just after import cffi; and in\n out-of-line mode you don\u2019t instantiate FFI explicitly at all.)\n * Windows: using callbacks can be messy because the CFFI internal\n error messages show up to stderr\u2014but stderr goes nowhere in many\n applications. This makes it particularly hard to get started\n with the embedding mode. (Once you get started, you can at least\n use @ffi.def_extern(onerror=...) and send the error logs where\n it makes sense for your application, or record them in log\n files, and so on.) So what is new in CFFI is that now, on\n Windows CFFI will try to open a non-modal MessageBox (in addition\n to sending raw messages to stderr). The MessageBox is only\n visible if the process stays alive: typically, console\n applications that crash close immediately, but that is also the\n situation where stderr should be visible anyway.\n * Progress on support for callbacks in NetBSD.\n * Functions returning booleans would in some case still return 0\n or 1 instead of False or True. Fixed.\n * ffi.gc() now takes an optional third parameter, which gives an\n estimate of the size (in bytes) of the object. So far, this is\n only used by PyPy, to make the next GC occur more quickly\n (issue #320). In the future, this might have an effect on\n CPython too (provided the CPython issue 31105 is addressed).\n * Add a note to the documentation: the ABI mode gives function\n objects that are slower to call than the API mode does. For\n some reason it is often thought to be faster. It is not!\n- Update to 1.10.1:\n * Fixed the line numbers reported in case of cdef() errors. Also,\n I just noticed, but pycparser always supported the preprocessor\n directive # 42 \u0027foo.h\u0027 to mean \u201cfrom the next line, we\u2019re in\n file foo.h starting from line 42\u201d, which it puts in the error\n messages. \n\n- update to 1.10.0:\n * Issue #295: use calloc() directly instead of PyObject_Malloc()+memset()\n to handle ffi.new() with a default allocator. Speeds up ffi.new(large-array)\n where most of the time you never touch most of the array.\n * Some OS/X build fixes (\u201conly with Xcode but without CLT\u201d).\n * Improve a couple of error messages: when getting mismatched versions of\n cffi and its backend; and when calling functions which cannot be called with\n libffi because an argument is a struct that is \u201ctoo complicated\u201d (and not\n a struct pointer, which always works).\n * Add support for some unusual compilers (non-msvc, non-gcc, non-icc, non-clang)\n * Implemented the remaining cases for ffi.from_buffer. Now all\n buffer/memoryview objects can be passed. The one remaining check is against\n passing unicode strings in Python 2. (They support the buffer interface, but\n that gives the raw bytes behind the UTF16/UCS4 storage, which is most of the\n times not what you expect. In Python 3 this has been fixed and the unicode\n strings don\u2019t support the memoryview interface any more.)\n * The C type _Bool or bool now converts to a Python boolean when reading,\n instead of the content of the byte as an integer. The potential\n incompatibility here is what occurs if the byte contains a value different\n from 0 and 1. Previously, it would just return it; with this change, CFFI\n raises an exception in this case. But this case means \u201cundefined behavior\u201d\n in C; if you really have to interface with a library relying on this,\n don\u2019t use bool in the CFFI side. Also, it is still valid to use a byte\n string as initializer for a bool[], but now it must only contain \\x00 or\n \\x01. As an aside, ffi.string() no longer works on bool[] (but it never made\n much sense, as this function stops at the first zero).\n * ffi.buffer is now the name of cffi\u2019s buffer type, and ffi.buffer() works\n like before but is the constructor of that type.\n * ffi.addressof(lib, \u0027name\u0027) now works also in in-line mode, not only in\n out-of-line mode. This is useful for taking the address of global variables.\n * Issue #255: cdata objects of a primitive type (integers, floats, char) are\n now compared and ordered by value. For example, \u003ccdata \u0027int\u0027 42\u003e compares\n equal to 42 and \u003ccdata \u0027char\u0027 b\u0027A\u0027\u003e compares equal to b\u0027A\u0027. Unlike C,\n \u003ccdata \u0027int\u0027 -1\u003e does not compare equal to ffi.cast(\u0027unsigned int\u0027, -1): it\n compares smaller, because -1 \u003c 4294967295.\n * PyPy: ffi.new() and ffi.new_allocator()() did not record \u201cmemory pressure\u201d,\n causing the GC to run too infrequently if you call ffi.new() very often\n and/or with large arrays. Fixed in PyPy 5.7.\n * Support in ffi.cdef() for numeric expressions with + or -. Assumes that\n there is no overflow; it should be fixed first before we add more general\n support for arbitrary arithmetic on constants.\n\n- do not generate HTML documentation for packages that are indirect\n dependencies of Sphinx\n (see docs at https://cffi.readthedocs.org/ )\n\n- update to 1.9.1\n - Structs with variable-sized arrays as their last field: now we track the\n length of the array after ffi.new() is called, just like we always tracked\n the length of ffi.new(\u0027int[]\u0027, 42). This lets us detect out-of-range\n accesses to array items. This also lets us display a better repr(), and\n have the total size returned by ffi.sizeof() and ffi.buffer(). Previously\n both functions would return a result based on the size of the declared\n structure type, with an assumed empty array. (Thanks andrew for starting\n this refactoring.)\n - Add support in cdef()/set_source() for unspecified-length arrays in\n typedefs: typedef int foo_t[...];. It was already supported for global\n variables or structure fields.\n - I turned in v1.8 a warning from cffi/model.py into an error: \u0027enum xxx\u0027 has\n no values explicitly defined: refusing to guess which integer type it is\n meant to be (unsigned/signed, int/long). Now I\u2019m turning it back to a\n warning again; it seems that guessing that the enum has size int is a\n 99%-safe bet. (But not 100%, so it stays as a warning.)\n - Fix leaks in the code handling FILE * arguments. In CPython 3 there is a\n remaining issue that is hard to fix: if you pass a Python file object to a\n FILE * argument, then os.dup() is used and the new file descriptor is only\n closed when the GC reclaims the Python file object\u2014and not at the earlier\n time when you call close(), which only closes the original file descriptor.\n If this is an issue, you should avoid this automatic convertion of Python\n file objects: instead, explicitly manipulate file descriptors and call\n fdopen() from C (...via cffi).\n - When passing a void * argument to a function with a different pointer type,\n or vice-versa, the cast occurs automatically, like in C. The same occurs\n for initialization with ffi.new() and a few other places. However, I\n thought that char * had the same property\u2014but I was mistaken. In C you get\n the usual warning if you try to give a char * to a char ** argument, for\n example. Sorry about the confusion. This has been fixed in CFFI by giving\n for now a warning, too. It will turn into an error in a future version.\n - Issue #283: fixed ffi.new() on structures/unions with nested anonymous\n structures/unions, when there is at least one union in the mix. When\n initialized with a list or a dict, it should now behave more closely like\n the { } syntax does in GCC.\n - CPython 3.x: experimental: the generated C extension modules now use the\n \u201climited API\u201d, which means that, as a compiled .so/.dll, it should work\n directly on any version of CPython \u003e= 3.2. The name produced by distutils\n is still version-specific. To get the version-independent name, you can\n rename it manually to NAME.abi3.so, or use the very recent setuptools 26.\n - Added ffi.compile(debug=...), similar to python setup.py build --debug but\n defaulting to True if we are running a debugging version of Python itself.\n - Removed the restriction that ffi.from_buffer() cannot be used on byte\n strings. Now you can get a char * out of a byte string, which is valid as\n long as the string object is kept alive. (But don\u2019t use it to modify the\n string object! If you need this, use bytearray or other official\n techniques.)\n - PyPy 5.4 can now pass a byte string directly to a char * argument (in older\n versions, a copy would be made). This used to be a CPython-only\n optimization.\n - ffi.gc(p, None) removes the destructor on an object previously created by\n another call to ffi.gc()\n - bool(ffi.cast(\u0027primitive type\u0027, x)) now returns False if the value is zero\n (including -0.0), and True otherwise. Previously this would only return\n False for cdata objects of a pointer type when the pointer is NULL.\n - bytearrays: ffi.from_buffer(bytearray-object) is now supported. (The reason\n it was not supported was that it was hard to do in PyPy, but it works since\n PyPy 5.3.) To call a C function with a char * argument from a buffer\n object\u2014now including bytearrays\u2014you write lib.foo(ffi.from_buffer(x)).\n Additionally, this is now supported: p[0:length] = bytearray-object. The\n problem with this was that a iterating over bytearrays gives numbers\n instead of characters. (Now it is implemented with just a memcpy, of\n course, not actually iterating over the characters.)\n - C++: compiling the generated C code with C++ was supposed to work, but\n failed if you make use the bool type (because that is rendered as the C\n _Bool type, which doesn\u2019t exist in C++).\n - help(lib) and help(lib.myfunc) now give useful information, as well as\n dir(p) where p is a struct or pointer-to-struct.\n- drop upstreamed python-cffi-avoid-bitshifting-negative-int.patch\n\n- update for multipython build\n\n- Add python-cffi-avoid-bitshifting-negative-int.patch to actually\n fix the \u0027negative left shift\u0027 warning by replacing bitshifting\n in appropriate places by bitwise and comparison to self; patch\n taken from upstream git. Drop cffi-1.5.2-wnoerror.patch: no\n longer required.\n\n- disable \u0027negative left shift\u0027 warning in test suite to prevent\n failures with gcc6, until upstream fixes the undefined code\n in question (boo#981848, cffi-1.5.2-wnoerror.patch)\n\n- Update to version 1.6.0:\n * ffi.list_types()\n * ffi.unpack()\n * extern \u201cPython+C\u201d\n * in API mode, lib.foo.__doc__ contains the C signature now.\n * Yet another attempt at robustness of ffi.def_extern() against\n CPython\u2019s interpreter shutdown logic.\n\nChanges in python-pylons-sphinx-themes:\n\n- moved LICENSE.txt to docs to match old structure\n\n- specfile:\n * update copyright year\n- update to version 1.0.11:\n * Fix the width of linenos table column when used in code-blocks.\n\n- Replace %fdupes -s with plain %fdupes; hardlinks are better.\n\n- Update to version 1.0.10 (2018-09-25)\n + Add Read the Docs to the recipients of ad revenue.\n- Update to version 1.0.9 (2018-09-23)\n + Remove hyphenation because it sometimes hyphenates\n inappropriately, such as in code.\n- Update to version 1.0.8 (2018-09-21)\n + Fix support for Ethical Ads.\n- Update to version 1.0.7 (2018-09-21)\n + Added support for Ethical Ads for Read The Docs.\n See https://github.com/Pylons/pylons-sphinx-themes/pull/12\n\n- Remove superfluous devel dependency for noarch package\n\n- Update to version 1.0.6\n * Update zest.releaser in order to release to PyPI.\n- Update to version 1.0.5\n * Clean up licensing\n https://github.com/Pylons/pylons-sphinx-themes/issues/8\n\n- Provide/obsolete old pylons_sphinx_theme\n\n- Update to version 1.0.4\n * Specify line spacing for list items for only within the\n .body class.\n version 1.0.3\n * Add line spacing for list items. Closes #4.\n version 1.0.2:\n * Remove HTTPS protocol to allow either HTTPS or HTTP.\n version 1.0.1:\n * Use HTTPS for protocol of stylesheets.\n version 1.0:\n * Use zest.releaser for releasing.\n * Improve documentation.\n- Converted to single-spec\n\n- version 0.3.1: initial build\n\nChanges in python-Django:\n- Fix merge artifact in CVE-2020-13596.patch\n\n- Add CVE-2019-19844.patch (bsc#1159447, CVE-2019-19844)\n * Fix Potential account hijack via password reset form\n\n- Security fixes (bsc#1172167, bsc#1172166, CVE-2020-13254, CVE-2020-13596)\n * Added patch CVE-2020-13254.patch\n * Added patch CVE-2020-13596.patch\n\n- Set _defaultlicensedir \n\n- Fix for SG#56542, bsc#1161349:\n * Fixed CVE-2019-3498-Fixed-content-spoof.patch\n\n- Fix for SG#56542, bsc#1161349:\n * Fixed CVE-2019-3498-Fixed-content-spoof.patch\n (There was a bug in this .patch file; some code had been\n accidentally included in the backport, and this stopped the 404\n page from loading. See commit message and bug report for more\n information)\n\nChanges in python-Pillow:\n- Remove decompression_bomb.gif and relevant test case to avoid\n ClamAV scan alerts during build\n\n- Add 0008-Corrected-negative-seeks.patch\n * From upstream, backported\n * Fixes part of CVE-2019-16865, bsc#1153191\n- Add 0009-Make-Image.crop-an-immediate-operation.patch\n * From upstream, backported\n * Fixes https://github.com/python-pillow/Pillow/issues/1077\n * Used by 0012-Added-decompression-bomb-checks.patch\n- Add 0010-Crop-decompression.patch\n * From upstream, backported\n * Fixes https://github.com/python-pillow/Pillow/issues/2402\n * Used by 0012-Added-decompression-bomb-checks.patch\n- Add 0011-Added-DecompressionBombError.patch\n * From upstream, backported\n * Adds DecompressionBombError class\n * Used by 0012-Added-decompression-bomb-checks.patch\n- Add 0012-Added-decompression-bomb-checks.patch\n * From upstream, backported\n * Fixes part of CVE-2019-16865, bsc#1153191\n- Add 0013-Raise-error-if-dimension-is-a-string.patch\n * From upstream, backported\n * Fixes part of CVE-2019-16865, bsc#1153191\n- Add 0014-Catch-buffer-overruns.patch\n * From upstream, backported\n * Fixes part of CVE-2019-16865, bsc#1153191\n- Add 0015-Catch-PCX-P-mode-buffer-overrun.patch\n * From upstream, backported\n * Fixes CVE-2020-5312, bsc#1160152\n- Add 0016-Ensure-previous-FLI-frame-is-loaded.patch\n * From upstream, backported\n * Fixes https://github.com/python-pillow/Pillow/issues/2649\n * Uncovers CVE-2020-5313, bsc#1160153\n- Add 0017-Catch-FLI-buffer-overrun.patch\n * From upstream, backported\n * Fixes CVE-2020-5313, bsc#1160153\n- Add 018-Invalid-number-of-bands-in-FPX-image.patch\n * From upstream, backported\n * Fixes CVE-2019-19911, bsc#1160192\n\nChanges in python-psql2mysql:\n- Update to version 0.5.0+git.1589351878.4ef877c:\n * Do not fail on instance_info length, it is expected to be LONGTEXT\n\n- Update to version 0.5.0+git.1582192453.98e9561:\n * Neutron drivers use own naming for alembic migrations, e.g. cisco_alembic_version, aci_alembic_version, etc depending on driver.\n\nChanges in python-psutil:\n- Add bsc1156525-CVE-2019-18874.patch (bsc#1156525, CVE-2019-18874)\n\nChanges in python-py:\n- update to version 1.5.2\n-----------------------------------------------------------------\n- update to version 1.4.33\n\nChanges in python-py:\n- update to version 1.5.2:\n * fix #169, #170: error importing py.log on Windows: no module named\n \u0027syslog\u0027.\n- changes from version 1.5.1:\n * fix #167 - prevent pip from installing py in unsupported Python\n versions.\n- changes from version 1.5.0:\n * python 2.6 and 3.3 are no longer supported\n * deprecate py.std and remove all internal uses\n * fix #73 turn py.error into an actual module\n * path join to / no longer produces leading double slashes\n * fix #82 - remove unsupportable aliases\n * fix python37 compatibility of path.sysfind on windows by correctly\n replacing vars\n * turn iniconfig and apipkg into vendored packages and ease\n de-vendoring for distributions\n * fix #68 remove invalid py.test.ensuretemp references\n * fix #25 - deprecate path.listdir(sort=callable)\n * add TerminalWriter.chars_on_current_line read-only property that\n tracks how many characters have been written to the current line.\n- changes from version 1.4.34\n * fix issue119 / pytest issue708 where tmpdir may fail to make\n numbered directories when the filesystem is case-insensitive.\n\n- update to version 1.4.33:\n * avoid imports in calls to py.path.local().fnmatch(). Thanks\n Andreas Pelme for the PR.\n * fix issue106: Naive unicode encoding when calling fspath() in\n python2. Thanks Tiago Nobrega for the PR.\n * fix issue110: unittest.TestCase.assertWarns fails with py\n imported.\n- changes from version 1.4.32\n * fix issue70: aded ability to copy all stat info in\n py.path.local.copy.\n * make TerminalWriter.fullwidth a property. This results in the\n correct value when the terminal gets resized.\n * update supported html tags to include recent additions.\n Thanks Denis Afonso for the PR.\n * Remove internal code in ``Source.compile`` meant to support\n earlier Python 3 versions that produced the side effect\n of leaving ``None`` in ``sys.modules`` when called (see\n pytest-dev/pytest#2103). Thanks Bruno Oliveira for the PR.\n\nChanges in python-pysaml2:\n- Add 0001-Always-generate-a-random-IV-for-AES-operations.patch\n (CVE-2017-1000246, bsc#1068612)\n\n- Add 0001-Fix-XML-Signature-Wrapping-XSW-vulnerabilities.patch\n (CVE-2020-5390, bsc#1160851)\n\nChanges in python-waitress:\n- update to 1.4.3 to include fixes for:\n * CVE-2019-16785 / bsc#1161088\n * CVE-2019-16786 / bsc#1161089\n * CVE-2019-16789 / bsc#1160790\n * CVE-2019-16792 / bsc#1161670\n\n- moved LICENSE.txt to docs to match old structure \n\n- make sure UTF8 locale is used when runnning tests\n * Sometimes functional tests executed in python3 failed if stdout was not\n set to UTF-8. The error message was:\n ValueError: underlying buffer has been detached\n\n- %python3_only -\u003e %python_alternative\n\n- update to 1.4.3\n * Waitress did not properly validate that the HTTP headers it received \n were properly formed, thereby potentially allowing a front-end server \n to treat a request different from Waitress. This could lead to HTTP \n request smuggling/splitting.\n- drop patch local-intersphinx-inventories.patch\n * it was commented out, anyway\n\n- update to 1.4.0:\n - Waitress used to slam the door shut on HTTP pipelined requests without\n setting the ``Connection: close`` header as appropriate in the response. This\n is of course not very friendly. Waitress now explicitly sets the header when\n responding with an internally generated error such as 400 Bad Request or 500\n Internal Server Error to notify the remote client that it will be closing the\n connection after the response is sent.\n - Waitress no longer allows any spaces to exist between the header field-name\n and the colon. While waitress did not strip the space and thereby was not\n vulnerable to any potential header field-name confusion, it should have sent\n back a 400 Bad Request. See https://github.com/Pylons/waitress/issues/273\n - CRLR handling Security fixes\n\n- update to 1.3.1\n * Waitress won\u2019t accidentally throw away part of the path if it \n starts with a double slash\n\n- version update to 1.3.0\n Deprecations\n ~~~~~~~~~~~~\n - The ``send_bytes`` adjustment now defaults to ``1`` and is deprecated\n pending removal in a future release.\n and https://github.com/Pylons/waitress/pull/246\n Features\n ~~~~~~~~\n - Add a new ``outbuf_high_watermark`` adjustment which is used to apply\n backpressure on the ``app_iter`` to avoid letting it spin faster than data\n can be written to the socket. This stabilizes responses that iterate quickly\n with a lot of data.\n See https://github.com/Pylons/waitress/pull/242\n - Stop early and close the ``app_iter`` when attempting to write to a closed\n socket due to a client disconnect. This should notify a long-lived streaming\n response when a client hangs up.\n See https://github.com/Pylons/waitress/pull/238\n and https://github.com/Pylons/waitress/pull/240\n and https://github.com/Pylons/waitress/pull/241\n - Adjust the flush to output ``SO_SNDBUF`` bytes instead of whatever was\n set in the ``send_bytes`` adjustment. ``send_bytes`` now only controls how\n much waitress will buffer internally before flushing to the kernel, whereas\n previously it used to also throttle how much data was sent to the kernel.\n This change enables a streaming ``app_iter`` containing small chunks to\n still be flushed efficiently.\n See https://github.com/Pylons/waitress/pull/246\n Bugfixes\n ~~~~~~~~\n - Upon receiving a request that does not include HTTP/1.0 or HTTP/1.1 we will\n no longer set the version to the string value \u0027None\u0027. See\n https://github.com/Pylons/waitress/pull/252 and\n https://github.com/Pylons/waitress/issues/110\n - When a client closes a socket unexpectedly there was potential for memory\n leaks in which data was written to the buffers after they were closed,\n causing them to reopen.\n See https://github.com/Pylons/waitress/pull/239\n - Fix the queue depth warnings to only show when all threads are busy.\n See https://github.com/Pylons/waitress/pull/243\n and https://github.com/Pylons/waitress/pull/247\n - Trigger the ``app_iter`` to close as part of shutdown. This will only be\n noticeable for users of the internal server api. In more typical operations\n the server will die before benefiting from these changes.\n See https://github.com/Pylons/waitress/pull/245\n - Fix a bug in which a streaming ``app_iter`` may never cleanup data that has\n already been sent. This would cause buffers in waitress to grow without\n bounds. These buffers now properly rotate and release their data.\n See https://github.com/Pylons/waitress/pull/242\n - Fix a bug in which non-seekable subclasses of ``io.IOBase`` would trigger\n an exception when passed to the ``wsgi.file_wrapper`` callback.\n See https://github.com/Pylons/waitress/pull/249\n\n- Trim marketing wording and other platform mentions.\n\n- Add fetch-intersphinx-inventories.sh to sources\n- Add local-intersphinx-inventories.patch for generating the docs\n correctly\n\n- update to version 1.2.1:\n too many changes to list here, see:\n https://github.com/Pylons/waitress/blob/master/CHANGES.txt\n or even:\n https://github.com/Pylons/waitress/commits/master\n\n- Remove superfluous devel dependency for noarch package\n\n- update to version 1.1.0:\n * Features\n + Waitress now has a __main__ and thus may be called with \u0027python\n -mwaitress\u0027\n * Bugfixes\n + Waitress no longer allows lowercase HTTP verbs. This change was\n made to fall in line with most HTTP servers. See\n https://github.com/Pylons/waitress/pull/170\n + When receiving non-ascii bytes in the request URL, waitress will\n no longer abruptly close the connection, instead returning a 400\n Bad Request. See https://github.com/Pylons/waitress/pull/162 and\n https://github.com/Pylons/waitress/issues/64\n\n- Update to 1.0.2\n * Python 3.6 is now officially supported in Waitress\n * Add a work-around for libc issue on Linux not following the\n documented standards. If getnameinfo() fails because of DNS not\n being available it should return the IP address instead of the\n reverse DNS entry, however instead getnameinfo() raises. We\n catch this, and ask getnameinfo() for the same information\n again, explicitly asking for IP address instead of reverse\n DNS hostname.\n- Implement single-spec version.\n- Fix source URL.\n\n- update to 1.0.1:\n - IPv6 support on Windows was broken due to missing constants in the socket\n module. This has been resolved by setting the constants on Windows if they\n are missing. See https://github.com/Pylons/waitress/issues/138\n - A ValueError was raised on Windows when passing a string for the port, on\n Windows in Python 2 using service names instead of port numbers doesn\u0027t work\n with `getaddrinfo`. This has been resolved by attempting to convert the port\n number to an integer, if that fails a ValueError will be raised. See\n https://github.com/Pylons/waitress/issues/139\n - Removed `AI_ADDRCONFIG` from the call to `getaddrinfo`, this resolves an\n issue whereby `getaddrinfo` wouldn\u0027t return any addresses to `bind` to on\n hosts where there is no internet connection but localhost is requested to be\n bound to. See https://github.com/Pylons/waitress/issues/131 for more\n information.\n- disable tests. need network access.\n\nChanges in rabbitmq-server:\n- Apply patches to resolve CVE-2017-4967,CVE-2017-4965 (bsc#1037777)\n 0001-Escape-HTML-tags-in-policy-definition-fields.patch\n 0002-Don-t-echo-provided-encoding-value-back.patch\n 0003-Strip-off-pids-and-format-consumer-details-for-2-end.patch\n 0004-Format-Web-contexts.patch\n\nChanges in release-notes-suse-openstack-cloud:\n- Switch github URL from git@ to https:// to bypass authentication \n\nChanges in rubygem-activeresource:\n- Add bsc#1171560-CVE-2020-8151-encode-id-param.patch\n Prevent possible information disclosure issue that could allow\n an attacker to create specially crafted requests to access data\n in an unexpected way (bsc#1171560 CVE-2020-8151)) \n\nChanges in rubygem-crowbar-client:\n- Update to 3.9.2\n - Enable SES commands in Cloud8 (SOC-11122)\n\nChanges in rubygem-json-1_7:\n- Add CVE-2020-10663.patch (CVE-2020-10663, bsc#1167244)\n\nChanges in rubygem-puma:\n- Fix indentation in gem2rpm.yml \n\n- Add CVE-2020-11077.patch (bsc#1172175, CVE-2020-11077)\n- Add chunked-request-handling.patch (needed for CVE-2020-11076.patch)\n- Add CVE-2020-11076.patch (bsc#1172176, CVE-2020-11076)\n- Add all patches to gem2rpm.yml\n\n- Add CVE-2020-5247.patch (bsc#1165402)\n \u0027Fixes a problem where we were not splitting newlines in headers\n according to Rack spec\u0027\n The patch is reduced compared to the upstream version, which was\n patching also the parts that are not implemented in our old Puma\n version. This applies to unit test as well.\n\nChanges in zookeeper:\n- Apply 0002-Apply-patch-to-resolve-CVE-2019-0201.patch\n This applies the patch for ZOOKEEPER-1392 to resolve CVE-2019-0201\n Should not allow to read ACL when not authorized to read node \n (bsc#1135773)\n\n- Various cleanups in spec file\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-2072,SUSE-OpenStack-Cloud-7-2020-2072",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2020_2072-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2020:2072-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-20202072-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2020:2072-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2020-July/015563.html"
},
{
"category": "self",
"summary": "SUSE Bug 1037777",
"url": "https://bugzilla.suse.com/1037777"
},
{
"category": "self",
"summary": "SUSE Bug 1068612",
"url": "https://bugzilla.suse.com/1068612"
},
{
"category": "self",
"summary": "SUSE Bug 1069468",
"url": "https://bugzilla.suse.com/1069468"
},
{
"category": "self",
"summary": "SUSE Bug 1070737",
"url": "https://bugzilla.suse.com/1070737"
},
{
"category": "self",
"summary": "SUSE Bug 1077718",
"url": "https://bugzilla.suse.com/1077718"
},
{
"category": "self",
"summary": "SUSE Bug 1083903",
"url": "https://bugzilla.suse.com/1083903"
},
{
"category": "self",
"summary": "SUSE Bug 1111657",
"url": "https://bugzilla.suse.com/1111657"
},
{
"category": "self",
"summary": "SUSE Bug 1126503",
"url": "https://bugzilla.suse.com/1126503"
},
{
"category": "self",
"summary": "SUSE Bug 1133817",
"url": "https://bugzilla.suse.com/1133817"
},
{
"category": "self",
"summary": "SUSE Bug 1135773",
"url": "https://bugzilla.suse.com/1135773"
},
{
"category": "self",
"summary": "SUSE Bug 1138748",
"url": "https://bugzilla.suse.com/1138748"
},
{
"category": "self",
"summary": "SUSE Bug 1148383",
"url": "https://bugzilla.suse.com/1148383"
},
{
"category": "self",
"summary": "SUSE Bug 1149110",
"url": "https://bugzilla.suse.com/1149110"
},
{
"category": "self",
"summary": "SUSE Bug 1149535",
"url": "https://bugzilla.suse.com/1149535"
},
{
"category": "self",
"summary": "SUSE Bug 1153191",
"url": "https://bugzilla.suse.com/1153191"
},
{
"category": "self",
"summary": "SUSE Bug 1156525",
"url": "https://bugzilla.suse.com/1156525"
},
{
"category": "self",
"summary": "SUSE Bug 1159447",
"url": "https://bugzilla.suse.com/1159447"
},
{
"category": "self",
"summary": "SUSE Bug 1160152",
"url": "https://bugzilla.suse.com/1160152"
},
{
"category": "self",
"summary": "SUSE Bug 1160153",
"url": "https://bugzilla.suse.com/1160153"
},
{
"category": "self",
"summary": "SUSE Bug 1160192",
"url": "https://bugzilla.suse.com/1160192"
},
{
"category": "self",
"summary": "SUSE Bug 1160790",
"url": "https://bugzilla.suse.com/1160790"
},
{
"category": "self",
"summary": "SUSE Bug 1160851",
"url": "https://bugzilla.suse.com/1160851"
},
{
"category": "self",
"summary": "SUSE Bug 1161088",
"url": "https://bugzilla.suse.com/1161088"
},
{
"category": "self",
"summary": "SUSE Bug 1161089",
"url": "https://bugzilla.suse.com/1161089"
},
{
"category": "self",
"summary": "SUSE Bug 1161349",
"url": "https://bugzilla.suse.com/1161349"
},
{
"category": "self",
"summary": "SUSE Bug 1161670",
"url": "https://bugzilla.suse.com/1161670"
},
{
"category": "self",
"summary": "SUSE Bug 1164316",
"url": "https://bugzilla.suse.com/1164316"
},
{
"category": "self",
"summary": "SUSE Bug 1165402",
"url": "https://bugzilla.suse.com/1165402"
},
{
"category": "self",
"summary": "SUSE Bug 1167244",
"url": "https://bugzilla.suse.com/1167244"
},
{
"category": "self",
"summary": "SUSE Bug 1170657",
"url": "https://bugzilla.suse.com/1170657"
},
{
"category": "self",
"summary": "SUSE Bug 1171560",
"url": "https://bugzilla.suse.com/1171560"
},
{
"category": "self",
"summary": "SUSE Bug 1171909",
"url": "https://bugzilla.suse.com/1171909"
},
{
"category": "self",
"summary": "SUSE Bug 1172166",
"url": "https://bugzilla.suse.com/1172166"
},
{
"category": "self",
"summary": "SUSE Bug 1172167",
"url": "https://bugzilla.suse.com/1172167"
},
{
"category": "self",
"summary": "SUSE Bug 1172175",
"url": "https://bugzilla.suse.com/1172175"
},
{
"category": "self",
"summary": "SUSE Bug 1172176",
"url": "https://bugzilla.suse.com/1172176"
},
{
"category": "self",
"summary": "SUSE Bug 1172409",
"url": "https://bugzilla.suse.com/1172409"
},
{
"category": "self",
"summary": "SUSE Bug 948198",
"url": "https://bugzilla.suse.com/948198"
},
{
"category": "self",
"summary": "SUSE Bug 981848",
"url": "https://bugzilla.suse.com/981848"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1000246 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1000246/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-4965 page",
"url": "https://www.suse.com/security/cve/CVE-2017-4965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-4967 page",
"url": "https://www.suse.com/security/cve/CVE-2017-4967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000115 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-0201 page",
"url": "https://www.suse.com/security/cve/CVE-2019-0201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11596 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15026 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15043 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16785 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16786 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16789 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16792 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16865 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-18874 page",
"url": "https://www.suse.com/security/cve/CVE-2019-18874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19844 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-19911 page",
"url": "https://www.suse.com/security/cve/CVE-2019-19911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3498 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3828 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10663 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10743 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-11076 page",
"url": "https://www.suse.com/security/cve/CVE-2020-11076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-11077 page",
"url": "https://www.suse.com/security/cve/CVE-2020-11077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12052 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-13254 page",
"url": "https://www.suse.com/security/cve/CVE-2020-13254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-13379 page",
"url": "https://www.suse.com/security/cve/CVE-2020-13379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-13596 page",
"url": "https://www.suse.com/security/cve/CVE-2020-13596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-5247 page",
"url": "https://www.suse.com/security/cve/CVE-2020-5247/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-5312 page",
"url": "https://www.suse.com/security/cve/CVE-2020-5312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-5313 page",
"url": "https://www.suse.com/security/cve/CVE-2020-5313/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-5390 page",
"url": "https://www.suse.com/security/cve/CVE-2020-5390/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8151 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8151/"
}
],
"title": "Security update for ansible, crowbar-core, crowbar-ha, crowbar-openstack, etcd, flannel, grafana, keepalived, kibana, memcached, monasca-installer, openstack-dashboard-theme-SUSE, openstack-manila, openstack-neutron-fwaas, openstack-nova, openstack-tempest, python-Django, python-Pillow, python-psql2mysql, python-psutil, python-py, python-pysaml2, python-waitress, rabbitmq-server, release-notes-suse-openstack-cloud, zookeeper",
"tracking": {
"current_release_date": "2020-07-29T14:31:35Z",
"generator": {
"date": "2020-07-29T14:31:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2020:2072-1",
"initial_release_date": "2020-07-29T14:31:35Z",
"revision_history": [
{
"date": "2020-07-29T14:31:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.aarch64",
"product": {
"name": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.aarch64",
"product_id": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.aarch64"
}
},
{
"category": "product_version",
"name": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.aarch64",
"product": {
"name": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.aarch64",
"product_id": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.aarch64"
}
},
{
"category": "product_version",
"name": "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.aarch64",
"product": {
"name": "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.aarch64",
"product_id": "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.aarch64"
}
},
{
"category": "product_version",
"name": "erlang-rabbitmq-client-3.4.4-3.16.1.aarch64",
"product": {
"name": "erlang-rabbitmq-client-3.4.4-3.16.1.aarch64",
"product_id": "erlang-rabbitmq-client-3.4.4-3.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-4.6.5-1.14.1.aarch64",
"product": {
"name": "grafana-4.6.5-1.14.1.aarch64",
"product_id": "grafana-4.6.5-1.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "keepalived-2.0.19-1.8.1.aarch64",
"product": {
"name": "keepalived-2.0.19-1.8.1.aarch64",
"product_id": "keepalived-2.0.19-1.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "kibana-4.6.3-5.1.aarch64",
"product": {
"name": "kibana-4.6.3-5.1.aarch64",
"product_id": "kibana-4.6.3-5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libzookeeper2-3.4.10-6.1.aarch64",
"product": {
"name": "libzookeeper2-3.4.10-6.1.aarch64",
"product_id": "libzookeeper2-3.4.10-6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libzookeeper2-devel-3.4.10-6.1.aarch64",
"product": {
"name": "libzookeeper2-devel-3.4.10-6.1.aarch64",
"product_id": "libzookeeper2-devel-3.4.10-6.1.aarch64"
}
},
{
"category": "product_version",
"name": "memcached-1.5.17-3.6.1.aarch64",
"product": {
"name": "memcached-1.5.17-3.6.1.aarch64",
"product_id": "memcached-1.5.17-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "memcached-devel-1.5.17-3.6.1.aarch64",
"product": {
"name": "memcached-devel-1.5.17-3.6.1.aarch64",
"product_id": "memcached-devel-1.5.17-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "python-Pillow-2.8.1-4.12.1.aarch64",
"product": {
"name": "python-Pillow-2.8.1-4.12.1.aarch64",
"product_id": "python-Pillow-2.8.1-4.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "python-Pillow-tk-2.8.1-4.12.1.aarch64",
"product": {
"name": "python-Pillow-tk-2.8.1-4.12.1.aarch64",
"product_id": "python-Pillow-tk-2.8.1-4.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "python-psutil-1.2.1-21.1.aarch64",
"product": {
"name": "python-psutil-1.2.1-21.1.aarch64",
"product_id": "python-psutil-1.2.1-21.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-psutil-1.2.1-21.1.aarch64",
"product": {
"name": "python3-psutil-1.2.1-21.1.aarch64",
"product_id": "python3-psutil-1.2.1-21.1.aarch64"
}
},
{
"category": "product_version",
"name": "rabbitmq-server-3.4.4-3.16.1.aarch64",
"product": {
"name": "rabbitmq-server-3.4.4-3.16.1.aarch64",
"product_id": "rabbitmq-server-3.4.4-3.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "rabbitmq-server-plugins-3.4.4-3.16.1.aarch64",
"product": {
"name": "rabbitmq-server-plugins-3.4.4-3.16.1.aarch64",
"product_id": "rabbitmq-server-plugins-3.4.4-3.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.aarch64",
"product": {
"name": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.aarch64",
"product_id": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.aarch64",
"product": {
"name": "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.aarch64",
"product_id": "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.aarch64",
"product": {
"name": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.aarch64",
"product_id": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.aarch64",
"product": {
"name": "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.aarch64",
"product_id": "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.aarch64",
"product": {
"name": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.aarch64",
"product_id": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.aarch64",
"product": {
"name": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.aarch64",
"product_id": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-puma-2.16.0-4.6.1.aarch64",
"product": {
"name": "ruby2.1-rubygem-puma-2.16.0-4.6.1.aarch64",
"product_id": "ruby2.1-rubygem-puma-2.16.0-4.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.aarch64",
"product": {
"name": "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.aarch64",
"product_id": "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "zookeeper-client-3.4.10-6.1.aarch64",
"product": {
"name": "zookeeper-client-3.4.10-6.1.aarch64",
"product_id": "zookeeper-client-3.4.10-6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-2.2.3.0-12.2.noarch",
"product": {
"name": "ansible-2.2.3.0-12.2.noarch",
"product_id": "ansible-2.2.3.0-12.2.noarch"
}
},
{
"category": "product_version",
"name": "crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"product": {
"name": "crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"product_id": "crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch"
}
},
{
"category": "product_version",
"name": "crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"product": {
"name": "crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"product_id": "crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch"
}
},
{
"category": "product_version",
"name": "monasca-installer-20180608_12.47-12.1.noarch",
"product": {
"name": "monasca-installer-20180608_12.47-12.1.noarch",
"product_id": "monasca-installer-20180608_12.47-12.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"product": {
"name": "openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"product_id": "openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch"
}
},
{
"category": "product_version",
"name": "openstack-manila-3.0.1~dev30-4.12.2.noarch",
"product": {
"name": "openstack-manila-3.0.1~dev30-4.12.2.noarch",
"product_id": "openstack-manila-3.0.1~dev30-4.12.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"product": {
"name": "openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"product_id": "openstack-manila-api-3.0.1~dev30-4.12.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"product": {
"name": "openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"product_id": "openstack-manila-data-3.0.1~dev30-4.12.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"product": {
"name": "openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"product_id": "openstack-manila-doc-3.0.1~dev30-4.12.3.noarch"
}
},
{
"category": "product_version",
"name": "openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"product": {
"name": "openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"product_id": "openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"product": {
"name": "openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"product_id": "openstack-manila-share-3.0.1~dev30-4.12.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-manila-test-3.0.1~dev30-4.12.2.noarch",
"product": {
"name": "openstack-manila-test-3.0.1~dev30-4.12.2.noarch",
"product_id": "openstack-manila-test-3.0.1~dev30-4.12.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"product": {
"name": "openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"product_id": "openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"product": {
"name": "openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"product_id": "openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-fwaas-test-9.0.2~dev5-4.9.3.noarch",
"product": {
"name": "openstack-neutron-fwaas-test-9.0.2~dev5-4.9.3.noarch",
"product_id": "openstack-neutron-fwaas-test-9.0.2~dev5-4.9.3.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-api-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-cells-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-cert-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-compute-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-console-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-doc-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-network-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-network-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-network-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-test-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-test-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-test-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"product": {
"name": "openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"product_id": "openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"product": {
"name": "openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"product_id": "openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-xen-plugins-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "openstack-xen-plugins-14.0.11~dev13-4.40.2.noarch",
"product_id": "openstack-xen-plugins-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "python-Django-1.8.19-3.23.1.noarch",
"product": {
"name": "python-Django-1.8.19-3.23.1.noarch",
"product_id": "python-Django-1.8.19-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "python-manila-3.0.1~dev30-4.12.2.noarch",
"product": {
"name": "python-manila-3.0.1~dev30-4.12.2.noarch",
"product_id": "python-manila-3.0.1~dev30-4.12.2.noarch"
}
},
{
"category": "product_version",
"name": "python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"product": {
"name": "python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"product_id": "python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch"
}
},
{
"category": "product_version",
"name": "python-nova-14.0.11~dev13-4.40.2.noarch",
"product": {
"name": "python-nova-14.0.11~dev13-4.40.2.noarch",
"product_id": "python-nova-14.0.11~dev13-4.40.2.noarch"
}
},
{
"category": "product_version",
"name": "python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"product": {
"name": "python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"product_id": "python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch"
}
},
{
"category": "product_version",
"name": "python-py-1.8.1-11.12.1.noarch",
"product": {
"name": "python-py-1.8.1-11.12.1.noarch",
"product_id": "python-py-1.8.1-11.12.1.noarch"
}
},
{
"category": "product_version",
"name": "python-pylons-sphinx-themes-1.0.11-1.3.1.noarch",
"product": {
"name": "python-pylons-sphinx-themes-1.0.11-1.3.1.noarch",
"product_id": "python-pylons-sphinx-themes-1.0.11-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python-pysaml2-4.0.2-3.17.1.noarch",
"product": {
"name": "python-pysaml2-4.0.2-3.17.1.noarch",
"product_id": "python-pysaml2-4.0.2-3.17.1.noarch"
}
},
{
"category": "product_version",
"name": "python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"product": {
"name": "python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"product_id": "python-tempest-12.2.1~a0~dev177-4.9.1.noarch"
}
},
{
"category": "product_version",
"name": "python-waitress-1.4.3-3.3.1.noarch",
"product": {
"name": "python-waitress-1.4.3-3.3.1.noarch",
"product_id": "python-waitress-1.4.3-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python-waitress-doc-1.4.3-3.3.1.noarch",
"product": {
"name": "python-waitress-doc-1.4.3-3.3.1.noarch",
"product_id": "python-waitress-doc-1.4.3-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-py-1.8.1-11.12.1.noarch",
"product": {
"name": "python3-py-1.8.1-11.12.1.noarch",
"product_id": "python3-py-1.8.1-11.12.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-waitress-1.4.3-3.3.1.noarch",
"product": {
"name": "python3-waitress-1.4.3-3.3.1.noarch",
"product_id": "python3-waitress-1.4.3-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-waitress-doc-1.4.3-3.3.1.noarch",
"product": {
"name": "python3-waitress-doc-1.4.3-3.3.1.noarch",
"product_id": "python3-waitress-doc-1.4.3-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"product": {
"name": "release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"product_id": "release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "zookeeper-server-3.4.10-6.1.noarch",
"product": {
"name": "zookeeper-server-3.4.10-6.1.noarch",
"product_id": "zookeeper-server-3.4.10-6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le",
"product": {
"name": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le",
"product_id": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le"
}
},
{
"category": "product_version",
"name": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le",
"product": {
"name": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le",
"product_id": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le"
}
},
{
"category": "product_version",
"name": "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le",
"product": {
"name": "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le",
"product_id": "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang-rabbitmq-client-3.4.4-3.16.1.ppc64le",
"product": {
"name": "erlang-rabbitmq-client-3.4.4-3.16.1.ppc64le",
"product_id": "erlang-rabbitmq-client-3.4.4-3.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-4.6.5-1.14.1.ppc64le",
"product": {
"name": "grafana-4.6.5-1.14.1.ppc64le",
"product_id": "grafana-4.6.5-1.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "keepalived-2.0.19-1.8.1.ppc64le",
"product": {
"name": "keepalived-2.0.19-1.8.1.ppc64le",
"product_id": "keepalived-2.0.19-1.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kibana-4.6.3-5.1.ppc64le",
"product": {
"name": "kibana-4.6.3-5.1.ppc64le",
"product_id": "kibana-4.6.3-5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libzookeeper2-3.4.10-6.1.ppc64le",
"product": {
"name": "libzookeeper2-3.4.10-6.1.ppc64le",
"product_id": "libzookeeper2-3.4.10-6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libzookeeper2-devel-3.4.10-6.1.ppc64le",
"product": {
"name": "libzookeeper2-devel-3.4.10-6.1.ppc64le",
"product_id": "libzookeeper2-devel-3.4.10-6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "memcached-1.5.17-3.6.1.ppc64le",
"product": {
"name": "memcached-1.5.17-3.6.1.ppc64le",
"product_id": "memcached-1.5.17-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "memcached-devel-1.5.17-3.6.1.ppc64le",
"product": {
"name": "memcached-devel-1.5.17-3.6.1.ppc64le",
"product_id": "memcached-devel-1.5.17-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python-Pillow-2.8.1-4.12.1.ppc64le",
"product": {
"name": "python-Pillow-2.8.1-4.12.1.ppc64le",
"product_id": "python-Pillow-2.8.1-4.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python-Pillow-tk-2.8.1-4.12.1.ppc64le",
"product": {
"name": "python-Pillow-tk-2.8.1-4.12.1.ppc64le",
"product_id": "python-Pillow-tk-2.8.1-4.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python-psutil-1.2.1-21.1.ppc64le",
"product": {
"name": "python-psutil-1.2.1-21.1.ppc64le",
"product_id": "python-psutil-1.2.1-21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-psutil-1.2.1-21.1.ppc64le",
"product": {
"name": "python3-psutil-1.2.1-21.1.ppc64le",
"product_id": "python3-psutil-1.2.1-21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rabbitmq-server-3.4.4-3.16.1.ppc64le",
"product": {
"name": "rabbitmq-server-3.4.4-3.16.1.ppc64le",
"product_id": "rabbitmq-server-3.4.4-3.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rabbitmq-server-plugins-3.4.4-3.16.1.ppc64le",
"product": {
"name": "rabbitmq-server-plugins-3.4.4-3.16.1.ppc64le",
"product_id": "rabbitmq-server-plugins-3.4.4-3.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.ppc64le",
"product": {
"name": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.ppc64le",
"product_id": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.ppc64le",
"product": {
"name": "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.ppc64le",
"product_id": "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.ppc64le",
"product": {
"name": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.ppc64le",
"product_id": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.ppc64le",
"product": {
"name": "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.ppc64le",
"product_id": "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.ppc64le",
"product": {
"name": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.ppc64le",
"product_id": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.ppc64le",
"product": {
"name": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.ppc64le",
"product_id": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-puma-2.16.0-4.6.1.ppc64le",
"product": {
"name": "ruby2.1-rubygem-puma-2.16.0-4.6.1.ppc64le",
"product_id": "ruby2.1-rubygem-puma-2.16.0-4.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.ppc64le",
"product": {
"name": "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.ppc64le",
"product_id": "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "zookeeper-client-3.4.10-6.1.ppc64le",
"product": {
"name": "zookeeper-client-3.4.10-6.1.ppc64le",
"product_id": "zookeeper-client-3.4.10-6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"product": {
"name": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"product_id": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x"
}
},
{
"category": "product_version",
"name": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"product": {
"name": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"product_id": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x"
}
},
{
"category": "product_version",
"name": "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"product": {
"name": "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"product_id": "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.s390x"
}
},
{
"category": "product_version",
"name": "erlang-rabbitmq-client-3.4.4-3.16.1.s390x",
"product": {
"name": "erlang-rabbitmq-client-3.4.4-3.16.1.s390x",
"product_id": "erlang-rabbitmq-client-3.4.4-3.16.1.s390x"
}
},
{
"category": "product_version",
"name": "grafana-4.6.5-1.14.1.s390x",
"product": {
"name": "grafana-4.6.5-1.14.1.s390x",
"product_id": "grafana-4.6.5-1.14.1.s390x"
}
},
{
"category": "product_version",
"name": "keepalived-2.0.19-1.8.1.s390x",
"product": {
"name": "keepalived-2.0.19-1.8.1.s390x",
"product_id": "keepalived-2.0.19-1.8.1.s390x"
}
},
{
"category": "product_version",
"name": "kibana-4.6.3-5.1.s390x",
"product": {
"name": "kibana-4.6.3-5.1.s390x",
"product_id": "kibana-4.6.3-5.1.s390x"
}
},
{
"category": "product_version",
"name": "libzookeeper2-3.4.10-6.1.s390x",
"product": {
"name": "libzookeeper2-3.4.10-6.1.s390x",
"product_id": "libzookeeper2-3.4.10-6.1.s390x"
}
},
{
"category": "product_version",
"name": "libzookeeper2-devel-3.4.10-6.1.s390x",
"product": {
"name": "libzookeeper2-devel-3.4.10-6.1.s390x",
"product_id": "libzookeeper2-devel-3.4.10-6.1.s390x"
}
},
{
"category": "product_version",
"name": "memcached-1.5.17-3.6.1.s390x",
"product": {
"name": "memcached-1.5.17-3.6.1.s390x",
"product_id": "memcached-1.5.17-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "memcached-devel-1.5.17-3.6.1.s390x",
"product": {
"name": "memcached-devel-1.5.17-3.6.1.s390x",
"product_id": "memcached-devel-1.5.17-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "python-Pillow-2.8.1-4.12.1.s390x",
"product": {
"name": "python-Pillow-2.8.1-4.12.1.s390x",
"product_id": "python-Pillow-2.8.1-4.12.1.s390x"
}
},
{
"category": "product_version",
"name": "python-Pillow-tk-2.8.1-4.12.1.s390x",
"product": {
"name": "python-Pillow-tk-2.8.1-4.12.1.s390x",
"product_id": "python-Pillow-tk-2.8.1-4.12.1.s390x"
}
},
{
"category": "product_version",
"name": "python-cffi-1.11.2-3.3.2.s390x",
"product": {
"name": "python-cffi-1.11.2-3.3.2.s390x",
"product_id": "python-cffi-1.11.2-3.3.2.s390x"
}
},
{
"category": "product_version",
"name": "python-psutil-1.2.1-21.1.s390x",
"product": {
"name": "python-psutil-1.2.1-21.1.s390x",
"product_id": "python-psutil-1.2.1-21.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-psutil-1.2.1-21.1.s390x",
"product": {
"name": "python3-psutil-1.2.1-21.1.s390x",
"product_id": "python3-psutil-1.2.1-21.1.s390x"
}
},
{
"category": "product_version",
"name": "rabbitmq-server-3.4.4-3.16.1.s390x",
"product": {
"name": "rabbitmq-server-3.4.4-3.16.1.s390x",
"product_id": "rabbitmq-server-3.4.4-3.16.1.s390x"
}
},
{
"category": "product_version",
"name": "rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"product": {
"name": "rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"product_id": "rabbitmq-server-plugins-3.4.4-3.16.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"product": {
"name": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"product_id": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.s390x",
"product": {
"name": "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.s390x",
"product_id": "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"product": {
"name": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"product_id": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.s390x",
"product": {
"name": "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.s390x",
"product_id": "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.s390x",
"product": {
"name": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.s390x",
"product_id": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"product": {
"name": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"product_id": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"product": {
"name": "ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"product_id": "ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.s390x",
"product": {
"name": "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.s390x",
"product_id": "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.s390x"
}
},
{
"category": "product_version",
"name": "zookeeper-client-3.4.10-6.1.s390x",
"product": {
"name": "zookeeper-client-3.4.10-6.1.s390x",
"product_id": "zookeeper-client-3.4.10-6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"product": {
"name": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"product_id": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64"
}
},
{
"category": "product_version",
"name": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"product": {
"name": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"product_id": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64"
}
},
{
"category": "product_version",
"name": "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"product": {
"name": "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"product_id": "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.x86_64"
}
},
{
"category": "product_version",
"name": "erlang-rabbitmq-client-3.4.4-3.16.1.x86_64",
"product": {
"name": "erlang-rabbitmq-client-3.4.4-3.16.1.x86_64",
"product_id": "erlang-rabbitmq-client-3.4.4-3.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-4.6.5-1.14.1.x86_64",
"product": {
"name": "grafana-4.6.5-1.14.1.x86_64",
"product_id": "grafana-4.6.5-1.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "keepalived-2.0.19-1.8.1.x86_64",
"product": {
"name": "keepalived-2.0.19-1.8.1.x86_64",
"product_id": "keepalived-2.0.19-1.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kibana-4.6.3-5.1.x86_64",
"product": {
"name": "kibana-4.6.3-5.1.x86_64",
"product_id": "kibana-4.6.3-5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libzookeeper2-3.4.10-6.1.x86_64",
"product": {
"name": "libzookeeper2-3.4.10-6.1.x86_64",
"product_id": "libzookeeper2-3.4.10-6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libzookeeper2-devel-3.4.10-6.1.x86_64",
"product": {
"name": "libzookeeper2-devel-3.4.10-6.1.x86_64",
"product_id": "libzookeeper2-devel-3.4.10-6.1.x86_64"
}
},
{
"category": "product_version",
"name": "memcached-1.5.17-3.6.1.x86_64",
"product": {
"name": "memcached-1.5.17-3.6.1.x86_64",
"product_id": "memcached-1.5.17-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "memcached-devel-1.5.17-3.6.1.x86_64",
"product": {
"name": "memcached-devel-1.5.17-3.6.1.x86_64",
"product_id": "memcached-devel-1.5.17-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "python-Pillow-2.8.1-4.12.1.x86_64",
"product": {
"name": "python-Pillow-2.8.1-4.12.1.x86_64",
"product_id": "python-Pillow-2.8.1-4.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "python-Pillow-tk-2.8.1-4.12.1.x86_64",
"product": {
"name": "python-Pillow-tk-2.8.1-4.12.1.x86_64",
"product_id": "python-Pillow-tk-2.8.1-4.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "python-cffi-1.11.2-3.3.2.x86_64",
"product": {
"name": "python-cffi-1.11.2-3.3.2.x86_64",
"product_id": "python-cffi-1.11.2-3.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "python-psutil-1.2.1-21.1.x86_64",
"product": {
"name": "python-psutil-1.2.1-21.1.x86_64",
"product_id": "python-psutil-1.2.1-21.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-psutil-1.2.1-21.1.x86_64",
"product": {
"name": "python3-psutil-1.2.1-21.1.x86_64",
"product_id": "python3-psutil-1.2.1-21.1.x86_64"
}
},
{
"category": "product_version",
"name": "rabbitmq-server-3.4.4-3.16.1.x86_64",
"product": {
"name": "rabbitmq-server-3.4.4-3.16.1.x86_64",
"product_id": "rabbitmq-server-3.4.4-3.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"product": {
"name": "rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"product_id": "rabbitmq-server-plugins-3.4.4-3.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"product": {
"name": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"product_id": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.x86_64",
"product": {
"name": "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.x86_64",
"product_id": "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"product": {
"name": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"product_id": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.x86_64",
"product": {
"name": "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.x86_64",
"product_id": "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.x86_64",
"product": {
"name": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.x86_64",
"product_id": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"product": {
"name": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"product_id": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"product": {
"name": "ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"product_id": "ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.x86_64",
"product": {
"name": "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.x86_64",
"product_id": "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "zookeeper-client-3.4.10-6.1.x86_64",
"product": {
"name": "zookeeper-client-3.4.10-6.1.x86_64",
"product_id": "zookeeper-client-3.4.10-6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-2.2.3.0-12.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch"
},
"product_reference": "ansible-2.2.3.0-12.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x"
},
"product_reference": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64"
},
"product_reference": "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x"
},
"product_reference": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64"
},
"product_reference": "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch"
},
"product_reference": "crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch"
},
"product_reference": "crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-4.6.5-1.14.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64"
},
"product_reference": "grafana-4.6.5-1.14.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "keepalived-2.0.19-1.8.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x"
},
"product_reference": "keepalived-2.0.19-1.8.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "keepalived-2.0.19-1.8.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64"
},
"product_reference": "keepalived-2.0.19-1.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-4.6.3-5.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64"
},
"product_reference": "kibana-4.6.3-5.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.5.17-3.6.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x"
},
"product_reference": "memcached-1.5.17-3.6.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.5.17-3.6.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64"
},
"product_reference": "memcached-1.5.17-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "monasca-installer-20180608_12.47-12.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch"
},
"product_reference": "monasca-installer-20180608_12.47-12.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch"
},
"product_reference": "openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-manila-3.0.1~dev30-4.12.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch"
},
"product_reference": "openstack-manila-3.0.1~dev30-4.12.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-manila-api-3.0.1~dev30-4.12.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch"
},
"product_reference": "openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-manila-data-3.0.1~dev30-4.12.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch"
},
"product_reference": "openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-manila-doc-3.0.1~dev30-4.12.3.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch"
},
"product_reference": "openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch"
},
"product_reference": "openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-manila-share-3.0.1~dev30-4.12.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch"
},
"product_reference": "openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch"
},
"product_reference": "openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch"
},
"product_reference": "openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "openstack-nova-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-api-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cells-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cert-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-compute-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-console-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-doc-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch"
},
"product_reference": "openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch"
},
"product_reference": "openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-Django-1.8.19-3.23.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch"
},
"product_reference": "python-Django-1.8.19-3.23.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-Pillow-2.8.1-4.12.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x"
},
"product_reference": "python-Pillow-2.8.1-4.12.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-Pillow-2.8.1-4.12.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64"
},
"product_reference": "python-Pillow-2.8.1-4.12.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-manila-3.0.1~dev30-4.12.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch"
},
"product_reference": "python-manila-3.0.1~dev30-4.12.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch"
},
"product_reference": "python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch"
},
"product_reference": "python-nova-14.0.11~dev13-4.40.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch"
},
"product_reference": "python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-psutil-1.2.1-21.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x"
},
"product_reference": "python-psutil-1.2.1-21.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-psutil-1.2.1-21.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64"
},
"product_reference": "python-psutil-1.2.1-21.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-py-1.8.1-11.12.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch"
},
"product_reference": "python-py-1.8.1-11.12.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pysaml2-4.0.2-3.17.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch"
},
"product_reference": "python-pysaml2-4.0.2-3.17.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tempest-12.2.1~a0~dev177-4.9.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch"
},
"product_reference": "python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-waitress-1.4.3-3.3.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch"
},
"product_reference": "python-waitress-1.4.3-3.3.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rabbitmq-server-3.4.4-3.16.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x"
},
"product_reference": "rabbitmq-server-3.4.4-3.16.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rabbitmq-server-3.4.4-3.16.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64"
},
"product_reference": "rabbitmq-server-3.4.4-3.16.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rabbitmq-server-plugins-3.4.4-3.16.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x"
},
"product_reference": "rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rabbitmq-server-plugins-3.4.4-3.16.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64"
},
"product_reference": "rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch"
},
"product_reference": "release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x"
},
"product_reference": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64"
},
"product_reference": "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x"
},
"product_reference": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64"
},
"product_reference": "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x"
},
"product_reference": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64"
},
"product_reference": "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x"
},
"product_reference": "ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64"
},
"product_reference": "ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zookeeper-server-3.4.10-6.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
},
"product_reference": "zookeeper-server-3.4.10-6.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-1000246",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1000246"
}
],
"notes": [
{
"category": "general",
"text": "Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1000246",
"url": "https://www.suse.com/security/cve/CVE-2017-1000246"
},
{
"category": "external",
"summary": "SUSE Bug 1068612 for CVE-2017-1000246",
"url": "https://bugzilla.suse.com/1068612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "low"
}
],
"title": "CVE-2017-1000246"
},
{
"cve": "CVE-2017-4965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-4965"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the RabbitMQ management UI are vulnerable to XSS attacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-4965",
"url": "https://www.suse.com/security/cve/CVE-2017-4965"
},
{
"category": "external",
"summary": "SUSE Bug 1037777 for CVE-2017-4965",
"url": "https://bugzilla.suse.com/1037777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "low"
}
],
"title": "CVE-2017-4965"
},
{
"cve": "CVE-2017-4967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-4967"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the RabbitMQ management UI are vulnerable to XSS attacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-4967",
"url": "https://www.suse.com/security/cve/CVE-2017-4967"
},
{
"category": "external",
"summary": "SUSE Bug 1037777 for CVE-2017-4967",
"url": "https://bugzilla.suse.com/1037777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "low"
}
],
"title": "CVE-2017-4967"
},
{
"cve": "CVE-2018-1000115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000115"
}
],
"notes": [
{
"category": "general",
"text": "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000115",
"url": "https://www.suse.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "SUSE Bug 1083903 for CVE-2018-1000115",
"url": "https://bugzilla.suse.com/1083903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "low"
}
],
"title": "CVE-2018-1000115"
},
{
"cve": "CVE-2019-0201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-0201"
}
],
"notes": [
{
"category": "general",
"text": "An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper\u0027s getACL() command doesn\u0027t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string. DigestAuthenticationProvider overloads the Id field with the hash value that is used for user authentication. As a consequence, if Digest Authentication is in use, the unsalted hash value will be disclosed by getACL() request for unauthenticated or unprivileged users.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-0201",
"url": "https://www.suse.com/security/cve/CVE-2019-0201"
},
{
"category": "external",
"summary": "SUSE Bug 1135773 for CVE-2019-0201",
"url": "https://bugzilla.suse.com/1135773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-0201"
},
{
"cve": "CVE-2019-11596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11596"
}
],
"notes": [
{
"category": "general",
"text": "In memcached before 1.5.14, a NULL pointer dereference was found in the \"lru mode\" and \"lru temp_ttl\" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11596",
"url": "https://www.suse.com/security/cve/CVE-2019-11596"
},
{
"category": "external",
"summary": "SUSE Bug 1133817 for CVE-2019-11596",
"url": "https://bugzilla.suse.com/1133817"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2019-11596"
},
{
"cve": "CVE-2019-15026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15026"
}
],
"notes": [
{
"category": "general",
"text": "memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15026",
"url": "https://www.suse.com/security/cve/CVE-2019-15026"
},
{
"category": "external",
"summary": "SUSE Bug 1149110 for CVE-2019-15026",
"url": "https://bugzilla.suse.com/1149110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "low"
}
],
"title": "CVE-2019-15026"
},
{
"cve": "CVE-2019-15043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15043"
}
],
"notes": [
{
"category": "general",
"text": "In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15043",
"url": "https://www.suse.com/security/cve/CVE-2019-15043"
},
{
"category": "external",
"summary": "SUSE Bug 1148383 for CVE-2019-15043",
"url": "https://bugzilla.suse.com/1148383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2019-15043"
},
{
"cve": "CVE-2019-16785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16785"
}
],
"notes": [
{
"category": "general",
"text": "Waitress through version 1.3.1 implemented a \"MAY\" part of the RFC7230 which states: \"Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR.\" Unfortunately if a front-end server does not parse header fields with an LF the same way as it does those with a CRLF it can lead to the front-end and the back-end server parsing the same HTTP message in two different ways. This can lead to a potential for HTTP request smuggling/splitting whereby Waitress may see two requests while the front-end server only sees a single HTTP message. This issue is fixed in Waitress 1.4.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16785",
"url": "https://www.suse.com/security/cve/CVE-2019-16785"
},
{
"category": "external",
"summary": "SUSE Bug 1161088 for CVE-2019-16785",
"url": "https://bugzilla.suse.com/1161088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2019-16785"
},
{
"cve": "CVE-2019-16786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16786"
}
],
"notes": [
{
"category": "general",
"text": "Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most encoding first, followed by any further transfer codings, ending with chunked. Requests sent with: \"Transfer-Encoding: gzip, chunked\" would incorrectly get ignored, and the request would use a Content-Length header instead to determine the body size of the HTTP message. This could allow for Waitress to treat a single request as multiple requests in the case of HTTP pipelining. This issue is fixed in Waitress 1.4.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16786",
"url": "https://www.suse.com/security/cve/CVE-2019-16786"
},
{
"category": "external",
"summary": "SUSE Bug 1161089 for CVE-2019-16786",
"url": "https://bugzilla.suse.com/1161089"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2019-16786"
},
{
"cve": "CVE-2019-16789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16789"
}
],
"notes": [
{
"category": "general",
"text": "In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16789",
"url": "https://www.suse.com/security/cve/CVE-2019-16789"
},
{
"category": "external",
"summary": "SUSE Bug 1160790 for CVE-2019-16789",
"url": "https://bugzilla.suse.com/1160790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2019-16789"
},
{
"cve": "CVE-2019-16792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16792"
}
],
"notes": [
{
"category": "general",
"text": "Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16792",
"url": "https://www.suse.com/security/cve/CVE-2019-16792"
},
{
"category": "external",
"summary": "SUSE Bug 1161670 for CVE-2019-16792",
"url": "https://bugzilla.suse.com/1161670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-16792"
},
{
"cve": "CVE-2019-16865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16865"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16865",
"url": "https://www.suse.com/security/cve/CVE-2019-16865"
},
{
"category": "external",
"summary": "SUSE Bug 1153191 for CVE-2019-16865",
"url": "https://bugzilla.suse.com/1153191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-16865"
},
{
"cve": "CVE-2019-18874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-18874"
}
],
"notes": [
{
"category": "general",
"text": "psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-18874",
"url": "https://www.suse.com/security/cve/CVE-2019-18874"
},
{
"category": "external",
"summary": "SUSE Bug 1156525 for CVE-2019-18874",
"url": "https://bugzilla.suse.com/1156525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-18874"
},
{
"cve": "CVE-2019-19844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19844"
}
],
"notes": [
{
"category": "general",
"text": "Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user\u0027s email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19844",
"url": "https://www.suse.com/security/cve/CVE-2019-19844"
},
{
"category": "external",
"summary": "SUSE Bug 1159447 for CVE-2019-19844",
"url": "https://bugzilla.suse.com/1159447"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2019-19844"
},
{
"cve": "CVE-2019-19911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-19911"
}
],
"notes": [
{
"category": "general",
"text": "There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux running 64-bit Python this results in the process being terminated by the OOM killer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-19911",
"url": "https://www.suse.com/security/cve/CVE-2019-19911"
},
{
"category": "external",
"summary": "SUSE Bug 1160192 for CVE-2019-19911",
"url": "https://bugzilla.suse.com/1160192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2019-19911"
},
{
"cve": "CVE-2019-3498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3498"
}
],
"notes": [
{
"category": "general",
"text": "In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing (in a 404 error page) if a user fails to recognize that a crafted URL has malicious content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3498",
"url": "https://www.suse.com/security/cve/CVE-2019-3498"
},
{
"category": "external",
"summary": "SUSE Bug 1120932 for CVE-2019-3498",
"url": "https://bugzilla.suse.com/1120932"
},
{
"category": "external",
"summary": "SUSE Bug 1139945 for CVE-2019-3498",
"url": "https://bugzilla.suse.com/1139945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "low"
}
],
"title": "CVE-2019-3498"
},
{
"cve": "CVE-2019-3828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3828"
}
],
"notes": [
{
"category": "general",
"text": "Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3828",
"url": "https://www.suse.com/security/cve/CVE-2019-3828"
},
{
"category": "external",
"summary": "SUSE Bug 1126503 for CVE-2019-3828",
"url": "https://bugzilla.suse.com/1126503"
},
{
"category": "external",
"summary": "SUSE Bug 1164137 for CVE-2019-3828",
"url": "https://bugzilla.suse.com/1164137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "low"
}
],
"title": "CVE-2019-3828"
},
{
"cve": "CVE-2020-10663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10663"
}
],
"notes": [
{
"category": "general",
"text": "The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10663",
"url": "https://www.suse.com/security/cve/CVE-2020-10663"
},
{
"category": "external",
"summary": "SUSE Bug 1167244 for CVE-2020-10663",
"url": "https://bugzilla.suse.com/1167244"
},
{
"category": "external",
"summary": "SUSE Bug 1171517 for CVE-2020-10663",
"url": "https://bugzilla.suse.com/1171517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2020-10663"
},
{
"cve": "CVE-2020-10743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10743"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered that OpenShift Container Platform\u0027s (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker to trick a user into performing arbitrary actions in OCP\u0027s distribution of Kibana, such as clickjacking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10743",
"url": "https://www.suse.com/security/cve/CVE-2020-10743"
},
{
"category": "external",
"summary": "SUSE Bug 1171909 for CVE-2020-10743",
"url": "https://bugzilla.suse.com/1171909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "low"
}
],
"title": "CVE-2020-10743"
},
{
"cve": "CVE-2020-11076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-11076"
}
],
"notes": [
{
"category": "general",
"text": "In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-11076",
"url": "https://www.suse.com/security/cve/CVE-2020-11076"
},
{
"category": "external",
"summary": "SUSE Bug 1172175 for CVE-2020-11076",
"url": "https://bugzilla.suse.com/1172175"
},
{
"category": "external",
"summary": "SUSE Bug 1172176 for CVE-2020-11076",
"url": "https://bugzilla.suse.com/1172176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2020-11076"
},
{
"cve": "CVE-2020-11077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-11077"
}
],
"notes": [
{
"category": "general",
"text": "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request\u0027s body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-11077",
"url": "https://www.suse.com/security/cve/CVE-2020-11077"
},
{
"category": "external",
"summary": "SUSE Bug 1172175 for CVE-2020-11077",
"url": "https://bugzilla.suse.com/1172175"
},
{
"category": "external",
"summary": "SUSE Bug 1172176 for CVE-2020-11077",
"url": "https://bugzilla.suse.com/1172176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2020-11077"
},
{
"cve": "CVE-2020-12052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12052"
}
],
"notes": [
{
"category": "general",
"text": "Grafana version \u003c 6.7.3 is vulnerable for annotation popup XSS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12052",
"url": "https://www.suse.com/security/cve/CVE-2020-12052"
},
{
"category": "external",
"summary": "SUSE Bug 1170657 for CVE-2020-12052",
"url": "https://bugzilla.suse.com/1170657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2020-12052"
},
{
"cve": "CVE-2020-13254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-13254"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-13254",
"url": "https://www.suse.com/security/cve/CVE-2020-13254"
},
{
"category": "external",
"summary": "SUSE Bug 1172166 for CVE-2020-13254",
"url": "https://bugzilla.suse.com/1172166"
},
{
"category": "external",
"summary": "SUSE Bug 1172167 for CVE-2020-13254",
"url": "https://bugzilla.suse.com/1172167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2020-13254"
},
{
"cve": "CVE-2020-13379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-13379"
}
],
"notes": [
{
"category": "general",
"text": "The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS\u0027ing Grafana via SegFault.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-13379",
"url": "https://www.suse.com/security/cve/CVE-2020-13379"
},
{
"category": "external",
"summary": "SUSE Bug 1172409 for CVE-2020-13379",
"url": "https://bugzilla.suse.com/1172409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2020-13379"
},
{
"cve": "CVE-2020-13596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-13596"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-13596",
"url": "https://www.suse.com/security/cve/CVE-2020-13596"
},
{
"category": "external",
"summary": "SUSE Bug 1172166 for CVE-2020-13596",
"url": "https://bugzilla.suse.com/1172166"
},
{
"category": "external",
"summary": "SUSE Bug 1172167 for CVE-2020-13596",
"url": "https://bugzilla.suse.com/1172167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2020-13596"
},
{
"cve": "CVE-2020-5247",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-5247"
}
],
"notes": [
{
"category": "general",
"text": "In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-5247",
"url": "https://www.suse.com/security/cve/CVE-2020-5247"
},
{
"category": "external",
"summary": "SUSE Bug 1165402 for CVE-2020-5247",
"url": "https://bugzilla.suse.com/1165402"
},
{
"category": "external",
"summary": "SUSE Bug 1165524 for CVE-2020-5247",
"url": "https://bugzilla.suse.com/1165524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2020-5247"
},
{
"cve": "CVE-2020-5312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-5312"
}
],
"notes": [
{
"category": "general",
"text": "libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-5312",
"url": "https://www.suse.com/security/cve/CVE-2020-5312"
},
{
"category": "external",
"summary": "SUSE Bug 1160152 for CVE-2020-5312",
"url": "https://bugzilla.suse.com/1160152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2020-5312"
},
{
"cve": "CVE-2020-5313",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-5313"
}
],
"notes": [
{
"category": "general",
"text": "libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-5313",
"url": "https://www.suse.com/security/cve/CVE-2020-5313"
},
{
"category": "external",
"summary": "SUSE Bug 1160153 for CVE-2020-5313",
"url": "https://bugzilla.suse.com/1160153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "important"
}
],
"title": "CVE-2020-5313"
},
{
"cve": "CVE-2020-5390",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-5390"
}
],
"notes": [
{
"category": "general",
"text": "PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). The signature information and the node/object that is signed can be in different places and thus the signature verification will succeed, but the wrong data will be used. This specifically affects the verification of assertion that have been signed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-5390",
"url": "https://www.suse.com/security/cve/CVE-2020-5390"
},
{
"category": "external",
"summary": "SUSE Bug 1160851 for CVE-2020-5390",
"url": "https://bugzilla.suse.com/1160851"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2020-5390"
},
{
"cve": "CVE-2020-8151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8151"
}
],
"notes": [
{
"category": "general",
"text": "There is a possible information disclosure issue in Active Resource \u003cv5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8151",
"url": "https://www.suse.com/security/cve/CVE-2020-8151"
},
{
"category": "external",
"summary": "SUSE Bug 1171560 for CVE-2020-8151",
"url": "https://bugzilla.suse.com/1171560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch",
"SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x",
"SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64",
"SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x",
"SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64",
"SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch",
"SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x",
"SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64",
"SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch",
"SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch",
"SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch",
"SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x",
"SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64",
"SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch",
"SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch",
"SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch",
"SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x",
"SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64",
"SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x",
"SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64",
"SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-29T14:31:35Z",
"details": "moderate"
}
],
"title": "CVE-2020-8151"
}
]
}
SUSE-SU-2018:1326-1
Vulnerability from csaf_suse - Published: 2018-05-16 19:48 - Updated: 2018-05-16 19:48Summary
Security update for memcached
Notes
Title of the patch
Security update for memcached
Description of the patch
This update for memcached fixes the following issues:
- CVE-2018-1000115: Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability
in the UDP support of the memcached server could result in denial of service via network flood
(traffic amplification of 1:50,000 has been reported by reliable sources). (bsc#1083903)
Patchnames
sdksp4-memcached-13608,slestso13-memcached-13608
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for memcached",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for memcached fixes the following issues:\n\n- CVE-2018-1000115: Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability \nin the UDP support of the memcached server could result in denial of service via network flood \n(traffic amplification of 1:50,000 has been reported by reliable sources). (bsc#1083903)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-memcached-13608,slestso13-memcached-13608",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1326-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1326-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181326-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1326-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-May/004061.html"
},
{
"category": "self",
"summary": "SUSE Bug 1083903",
"url": "https://bugzilla.suse.com/1083903"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000115 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000115/"
}
],
"title": "Security update for memcached",
"tracking": {
"current_release_date": "2018-05-16T19:48:48Z",
"generator": {
"date": "2018-05-16T19:48:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1326-1",
"initial_release_date": "2018-05-16T19:48:48Z",
"revision_history": [
{
"date": "2018-05-16T19:48:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "memcached-1.2.6-5.17.3.1.i586",
"product": {
"name": "memcached-1.2.6-5.17.3.1.i586",
"product_id": "memcached-1.2.6-5.17.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "memcached-1.2.6-5.17.3.1.ia64",
"product": {
"name": "memcached-1.2.6-5.17.3.1.ia64",
"product_id": "memcached-1.2.6-5.17.3.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "memcached-1.2.6-5.17.3.1.ppc64",
"product": {
"name": "memcached-1.2.6-5.17.3.1.ppc64",
"product_id": "memcached-1.2.6-5.17.3.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "memcached-1.2.6-5.17.3.1.s390x",
"product": {
"name": "memcached-1.2.6-5.17.3.1.s390x",
"product_id": "memcached-1.2.6-5.17.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "memcached-1.2.6-5.17.3.1.x86_64",
"product": {
"name": "memcached-1.2.6-5.17.3.1.x86_64",
"product_id": "memcached-1.2.6-5.17.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Studio Onsite 1.3",
"product": {
"name": "SUSE Studio Onsite 1.3",
"product_id": "SUSE Studio Onsite 1.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-studioonsite:1.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Studio Onsite Runner 1.3",
"product": {
"name": "SUSE Studio Onsite Runner 1.3",
"product_id": "SUSE Studio Onsite Runner 1.3"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.2.6-5.17.3.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.i586"
},
"product_reference": "memcached-1.2.6-5.17.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.2.6-5.17.3.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.ia64"
},
"product_reference": "memcached-1.2.6-5.17.3.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.2.6-5.17.3.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.ppc64"
},
"product_reference": "memcached-1.2.6-5.17.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.2.6-5.17.3.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.s390x"
},
"product_reference": "memcached-1.2.6-5.17.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.2.6-5.17.3.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.x86_64"
},
"product_reference": "memcached-1.2.6-5.17.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.2.6-5.17.3.1.s390x as component of SUSE Studio Onsite 1.3",
"product_id": "SUSE Studio Onsite 1.3:memcached-1.2.6-5.17.3.1.s390x"
},
"product_reference": "memcached-1.2.6-5.17.3.1.s390x",
"relates_to_product_reference": "SUSE Studio Onsite 1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.2.6-5.17.3.1.x86_64 as component of SUSE Studio Onsite 1.3",
"product_id": "SUSE Studio Onsite 1.3:memcached-1.2.6-5.17.3.1.x86_64"
},
"product_reference": "memcached-1.2.6-5.17.3.1.x86_64",
"relates_to_product_reference": "SUSE Studio Onsite 1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.2.6-5.17.3.1.s390x as component of SUSE Studio Onsite Runner 1.3",
"product_id": "SUSE Studio Onsite Runner 1.3:memcached-1.2.6-5.17.3.1.s390x"
},
"product_reference": "memcached-1.2.6-5.17.3.1.s390x",
"relates_to_product_reference": "SUSE Studio Onsite Runner 1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.2.6-5.17.3.1.x86_64 as component of SUSE Studio Onsite Runner 1.3",
"product_id": "SUSE Studio Onsite Runner 1.3:memcached-1.2.6-5.17.3.1.x86_64"
},
"product_reference": "memcached-1.2.6-5.17.3.1.x86_64",
"relates_to_product_reference": "SUSE Studio Onsite Runner 1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1000115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000115"
}
],
"notes": [
{
"category": "general",
"text": "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.x86_64",
"SUSE Studio Onsite 1.3:memcached-1.2.6-5.17.3.1.s390x",
"SUSE Studio Onsite 1.3:memcached-1.2.6-5.17.3.1.x86_64",
"SUSE Studio Onsite Runner 1.3:memcached-1.2.6-5.17.3.1.s390x",
"SUSE Studio Onsite Runner 1.3:memcached-1.2.6-5.17.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000115",
"url": "https://www.suse.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "SUSE Bug 1083903 for CVE-2018-1000115",
"url": "https://bugzilla.suse.com/1083903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.x86_64",
"SUSE Studio Onsite 1.3:memcached-1.2.6-5.17.3.1.s390x",
"SUSE Studio Onsite 1.3:memcached-1.2.6-5.17.3.1.x86_64",
"SUSE Studio Onsite Runner 1.3:memcached-1.2.6-5.17.3.1.s390x",
"SUSE Studio Onsite Runner 1.3:memcached-1.2.6-5.17.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:memcached-1.2.6-5.17.3.1.x86_64",
"SUSE Studio Onsite 1.3:memcached-1.2.6-5.17.3.1.s390x",
"SUSE Studio Onsite 1.3:memcached-1.2.6-5.17.3.1.x86_64",
"SUSE Studio Onsite Runner 1.3:memcached-1.2.6-5.17.3.1.s390x",
"SUSE Studio Onsite Runner 1.3:memcached-1.2.6-5.17.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-16T19:48:48Z",
"details": "low"
}
],
"title": "CVE-2018-1000115"
}
]
}
SUSE-SU-2018:0955-1
Vulnerability from csaf_suse - Published: 2018-04-16 15:31 - Updated: 2018-04-16 15:31Summary
Security update for memcached
Notes
Title of the patch
Security update for memcached
Description of the patch
This update for memcached fixes the following issues:
- CVE-2018-1000115: Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability
in the UDP support of the memcached server could result in denial of service via network flood
(traffic amplification of 1:50,000 has been reported by reliable sources). (bsc#1083903)
- Home directory shouldn't be world readable bsc#1077718
Patchnames
SUSE-SLE-SERVER-12-SP3-2018-647
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for memcached",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for memcached fixes the following issues:\n\n- CVE-2018-1000115: Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability \nin the UDP support of the memcached server could result in denial of service via network flood \n(traffic amplification of 1:50,000 has been reported by reliable sources). (bsc#1083903)\n\n- Home directory shouldn\u0027t be world readable bsc#1077718\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SERVER-12-SP3-2018-647",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_0955-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:0955-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180955-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:0955-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-April/003893.html"
},
{
"category": "self",
"summary": "SUSE Bug 1077718",
"url": "https://bugzilla.suse.com/1077718"
},
{
"category": "self",
"summary": "SUSE Bug 1083903",
"url": "https://bugzilla.suse.com/1083903"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000115 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000115/"
}
],
"title": "Security update for memcached",
"tracking": {
"current_release_date": "2018-04-16T15:31:41Z",
"generator": {
"date": "2018-04-16T15:31:41Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:0955-1",
"initial_release_date": "2018-04-16T15:31:41Z",
"revision_history": [
{
"date": "2018-04-16T15:31:41Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "memcached-1.4.39-4.6.1.aarch64",
"product": {
"name": "memcached-1.4.39-4.6.1.aarch64",
"product_id": "memcached-1.4.39-4.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "memcached-1.4.39-4.6.1.ppc64le",
"product": {
"name": "memcached-1.4.39-4.6.1.ppc64le",
"product_id": "memcached-1.4.39-4.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "memcached-1.4.39-4.6.1.s390x",
"product": {
"name": "memcached-1.4.39-4.6.1.s390x",
"product_id": "memcached-1.4.39-4.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "memcached-1.4.39-4.6.1.x86_64",
"product": {
"name": "memcached-1.4.39-4.6.1.x86_64",
"product_id": "memcached-1.4.39-4.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.4.39-4.6.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.aarch64"
},
"product_reference": "memcached-1.4.39-4.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.4.39-4.6.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.ppc64le"
},
"product_reference": "memcached-1.4.39-4.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.4.39-4.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.s390x"
},
"product_reference": "memcached-1.4.39-4.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.4.39-4.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.x86_64"
},
"product_reference": "memcached-1.4.39-4.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.4.39-4.6.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.aarch64"
},
"product_reference": "memcached-1.4.39-4.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.4.39-4.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.ppc64le"
},
"product_reference": "memcached-1.4.39-4.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.4.39-4.6.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.s390x"
},
"product_reference": "memcached-1.4.39-4.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.4.39-4.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.x86_64"
},
"product_reference": "memcached-1.4.39-4.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1000115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000115"
}
],
"notes": [
{
"category": "general",
"text": "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000115",
"url": "https://www.suse.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "SUSE Bug 1083903 for CVE-2018-1000115",
"url": "https://bugzilla.suse.com/1083903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:memcached-1.4.39-4.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:memcached-1.4.39-4.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-04-16T15:31:41Z",
"details": "low"
}
],
"title": "CVE-2018-1000115"
}
]
}
SUSE-RU-2018:1071-1
Vulnerability from csaf_suse - Published: 2018-04-24 10:44 - Updated: 2018-04-24 10:44Summary
Recommended update for several crowbar barclamps
Notes
Title of the patch
Recommended update for several crowbar barclamps
Description of the patch
This update for Crowbar provides several fixes and improvements for the following barclamps:
crowbar-openstack:
- nova: Use internal placement url (bsc#1055188)
- nova: Subscribe to placement config (bsc#1055188)
- barbican: Add missing roles used in policy.json (bsc#1081573)
- barbican: Add creator role (bsc#1081573)
- memcached: Disable UDP by default (bsc#1083903)
- cinder: Set os_privileged_* values (bsc#1079763)
- apache: don't collect Listen ports from wsgi vhosts (bsc#1077234)
- magnum: Add domain name to keystone_auth (bsc#1080335)
- neutron-ha-tool: Add insecure flag (bsc#1075394)
crowbar-ha:
- pacemaker: Fix migration number.
Patchnames
SUSE-OpenStack-Cloud-7-2018-724
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for several crowbar barclamps",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for Crowbar provides several fixes and improvements for the following barclamps:\n\ncrowbar-openstack:\n\n- nova: Use internal placement url (bsc#1055188)\n- nova: Subscribe to placement config (bsc#1055188)\n- barbican: Add missing roles used in policy.json (bsc#1081573)\n- barbican: Add creator role (bsc#1081573)\n- memcached: Disable UDP by default (bsc#1083903)\n- cinder: Set os_privileged_* values (bsc#1079763)\n- apache: don\u0027t collect Listen ports from wsgi vhosts (bsc#1077234)\n- magnum: Add domain name to keystone_auth (bsc#1080335)\n- neutron-ha-tool: Add insecure flag (bsc#1075394)\n\ncrowbar-ha:\n\n- pacemaker: Fix migration number.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-OpenStack-Cloud-7-2018-724",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2018_1071-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2018:1071-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-20181071-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2018:1071-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2018-April/008303.html"
},
{
"category": "self",
"summary": "SUSE Bug 1055188",
"url": "https://bugzilla.suse.com/1055188"
},
{
"category": "self",
"summary": "SUSE Bug 1075394",
"url": "https://bugzilla.suse.com/1075394"
},
{
"category": "self",
"summary": "SUSE Bug 1077234",
"url": "https://bugzilla.suse.com/1077234"
},
{
"category": "self",
"summary": "SUSE Bug 1079763",
"url": "https://bugzilla.suse.com/1079763"
},
{
"category": "self",
"summary": "SUSE Bug 1080335",
"url": "https://bugzilla.suse.com/1080335"
},
{
"category": "self",
"summary": "SUSE Bug 1081573",
"url": "https://bugzilla.suse.com/1081573"
},
{
"category": "self",
"summary": "SUSE Bug 1083903",
"url": "https://bugzilla.suse.com/1083903"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000115 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000115/"
}
],
"title": "Recommended update for several crowbar barclamps",
"tracking": {
"current_release_date": "2018-04-24T10:44:03Z",
"generator": {
"date": "2018-04-24T10:44:03Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2018:1071-1",
"initial_release_date": "2018-04-24T10:44:03Z",
"revision_history": [
{
"date": "2018-04-24T10:44:03Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "crowbar-ha-4.0+git.1521473535.67d2302-4.28.1.noarch",
"product": {
"name": "crowbar-ha-4.0+git.1521473535.67d2302-4.28.1.noarch",
"product_id": "crowbar-ha-4.0+git.1521473535.67d2302-4.28.1.noarch"
}
},
{
"category": "product_version",
"name": "crowbar-openstack-4.0+git.1522325467.43e431f91-9.30.1.noarch",
"product": {
"name": "crowbar-openstack-4.0+git.1522325467.43e431f91-9.30.1.noarch",
"product_id": "crowbar-openstack-4.0+git.1522325467.43e431f91-9.30.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-ha-4.0+git.1521473535.67d2302-4.28.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1521473535.67d2302-4.28.1.noarch"
},
"product_reference": "crowbar-ha-4.0+git.1521473535.67d2302-4.28.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-openstack-4.0+git.1522325467.43e431f91-9.30.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1522325467.43e431f91-9.30.1.noarch"
},
"product_reference": "crowbar-openstack-4.0+git.1522325467.43e431f91-9.30.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1000115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000115"
}
],
"notes": [
{
"category": "general",
"text": "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1521473535.67d2302-4.28.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1522325467.43e431f91-9.30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000115",
"url": "https://www.suse.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "SUSE Bug 1083903 for CVE-2018-1000115",
"url": "https://bugzilla.suse.com/1083903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1521473535.67d2302-4.28.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1522325467.43e431f91-9.30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1521473535.67d2302-4.28.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1522325467.43e431f91-9.30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-04-24T10:44:03Z",
"details": "low"
}
],
"title": "CVE-2018-1000115"
}
]
}
SUSE-SU-2018:1103-1
Vulnerability from csaf_suse - Published: 2018-04-27 15:38 - Updated: 2018-04-27 15:38Summary
Security update for crowbar-openstack
Notes
Title of the patch
Security update for crowbar-openstack
Description of the patch
This update for crowbar-openstack provides the following fixes:
- memcached: Disable UDP by default to prevent spoofed traffic amplification DoS (bsc#1083903, CVE-2018-1000115)
- nova: Add resource limits for api and compute (bsc#1057086)
Patchnames
SUSE-OpenStack-Cloud-6-2018-752
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for crowbar-openstack",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for crowbar-openstack provides the following fixes:\n\n- memcached: Disable UDP by default to prevent spoofed traffic amplification DoS (bsc#1083903, CVE-2018-1000115)\n- nova: Add resource limits for api and compute (bsc#1057086)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-OpenStack-Cloud-6-2018-752",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1103-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1103-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181103-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1103-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-April/003966.html"
},
{
"category": "self",
"summary": "SUSE Bug 1057086",
"url": "https://bugzilla.suse.com/1057086"
},
{
"category": "self",
"summary": "SUSE Bug 1083903",
"url": "https://bugzilla.suse.com/1083903"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000115 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000115/"
}
],
"title": "Security update for crowbar-openstack",
"tracking": {
"current_release_date": "2018-04-27T15:38:23Z",
"generator": {
"date": "2018-04-27T15:38:23Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1103-1",
"initial_release_date": "2018-04-27T15:38:23Z",
"revision_history": [
{
"date": "2018-04-27T15:38:23Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "crowbar-openstack-3.0+git.1521471181.2b39130da-39.10.1.noarch",
"product": {
"name": "crowbar-openstack-3.0+git.1521471181.2b39130da-39.10.1.noarch",
"product_id": "crowbar-openstack-3.0+git.1521471181.2b39130da-39.10.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 6",
"product": {
"name": "SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-openstack-3.0+git.1521471181.2b39130da-39.10.1.noarch as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:crowbar-openstack-3.0+git.1521471181.2b39130da-39.10.1.noarch"
},
"product_reference": "crowbar-openstack-3.0+git.1521471181.2b39130da-39.10.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1000115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000115"
}
],
"notes": [
{
"category": "general",
"text": "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 6:crowbar-openstack-3.0+git.1521471181.2b39130da-39.10.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000115",
"url": "https://www.suse.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "SUSE Bug 1083903 for CVE-2018-1000115",
"url": "https://bugzilla.suse.com/1083903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 6:crowbar-openstack-3.0+git.1521471181.2b39130da-39.10.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 6:crowbar-openstack-3.0+git.1521471181.2b39130da-39.10.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-04-27T15:38:23Z",
"details": "low"
}
],
"title": "CVE-2018-1000115"
}
]
}
OPENSUSE-SU-2024:11045-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
memcached-1.6.9-2.3 on GA media
Notes
Title of the patch
memcached-1.6.9-2.3 on GA media
Description of the patch
These are all security issues fixed in the memcached-1.6.9-2.3 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11045
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "memcached-1.6.9-2.3 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the memcached-1.6.9-2.3 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11045",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11045-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9951 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000115 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000127 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000127/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10931 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10931/"
}
],
"title": "memcached-1.6.9-2.3 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11045-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "memcached-1.6.9-2.3.aarch64",
"product": {
"name": "memcached-1.6.9-2.3.aarch64",
"product_id": "memcached-1.6.9-2.3.aarch64"
}
},
{
"category": "product_version",
"name": "memcached-devel-1.6.9-2.3.aarch64",
"product": {
"name": "memcached-devel-1.6.9-2.3.aarch64",
"product_id": "memcached-devel-1.6.9-2.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "memcached-1.6.9-2.3.ppc64le",
"product": {
"name": "memcached-1.6.9-2.3.ppc64le",
"product_id": "memcached-1.6.9-2.3.ppc64le"
}
},
{
"category": "product_version",
"name": "memcached-devel-1.6.9-2.3.ppc64le",
"product": {
"name": "memcached-devel-1.6.9-2.3.ppc64le",
"product_id": "memcached-devel-1.6.9-2.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "memcached-1.6.9-2.3.s390x",
"product": {
"name": "memcached-1.6.9-2.3.s390x",
"product_id": "memcached-1.6.9-2.3.s390x"
}
},
{
"category": "product_version",
"name": "memcached-devel-1.6.9-2.3.s390x",
"product": {
"name": "memcached-devel-1.6.9-2.3.s390x",
"product_id": "memcached-devel-1.6.9-2.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "memcached-1.6.9-2.3.x86_64",
"product": {
"name": "memcached-1.6.9-2.3.x86_64",
"product_id": "memcached-1.6.9-2.3.x86_64"
}
},
{
"category": "product_version",
"name": "memcached-devel-1.6.9-2.3.x86_64",
"product": {
"name": "memcached-devel-1.6.9-2.3.x86_64",
"product_id": "memcached-devel-1.6.9-2.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.6.9-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:memcached-1.6.9-2.3.aarch64"
},
"product_reference": "memcached-1.6.9-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.6.9-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:memcached-1.6.9-2.3.ppc64le"
},
"product_reference": "memcached-1.6.9-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.6.9-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:memcached-1.6.9-2.3.s390x"
},
"product_reference": "memcached-1.6.9-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-1.6.9-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:memcached-1.6.9-2.3.x86_64"
},
"product_reference": "memcached-1.6.9-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-devel-1.6.9-2.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.aarch64"
},
"product_reference": "memcached-devel-1.6.9-2.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-devel-1.6.9-2.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.ppc64le"
},
"product_reference": "memcached-devel-1.6.9-2.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-devel-1.6.9-2.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.s390x"
},
"product_reference": "memcached-devel-1.6.9-2.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "memcached-devel-1.6.9-2.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.x86_64"
},
"product_reference": "memcached-devel-1.6.9-2.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-9951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9951"
}
],
"notes": [
{
"category": "general",
"text": "The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8705.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:memcached-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.x86_64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9951",
"url": "https://www.suse.com/security/cve/CVE-2017-9951"
},
{
"category": "external",
"summary": "SUSE Bug 1007870 for CVE-2017-9951",
"url": "https://bugzilla.suse.com/1007870"
},
{
"category": "external",
"summary": "SUSE Bug 1056865 for CVE-2017-9951",
"url": "https://bugzilla.suse.com/1056865"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:memcached-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.x86_64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:memcached-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.x86_64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-9951"
},
{
"cve": "CVE-2018-1000115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000115"
}
],
"notes": [
{
"category": "general",
"text": "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:memcached-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.x86_64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000115",
"url": "https://www.suse.com/security/cve/CVE-2018-1000115"
},
{
"category": "external",
"summary": "SUSE Bug 1083903 for CVE-2018-1000115",
"url": "https://bugzilla.suse.com/1083903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:memcached-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.x86_64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:memcached-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.x86_64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-1000115"
},
{
"cve": "CVE-2018-1000127",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000127"
}
],
"notes": [
{
"category": "general",
"text": "memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:memcached-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.x86_64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000127",
"url": "https://www.suse.com/security/cve/CVE-2018-1000127"
},
{
"category": "external",
"summary": "SUSE Bug 1085209 for CVE-2018-1000127",
"url": "https://bugzilla.suse.com/1085209"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:memcached-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.x86_64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:memcached-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.x86_64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-1000127"
},
{
"cve": "CVE-2020-10931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10931"
}
],
"notes": [
{
"category": "general",
"text": "Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:memcached-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.x86_64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10931",
"url": "https://www.suse.com/security/cve/CVE-2020-10931"
},
{
"category": "external",
"summary": "SUSE Bug 1167522 for CVE-2020-10931",
"url": "https://bugzilla.suse.com/1167522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:memcached-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.x86_64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:memcached-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-1.6.9-2.3.x86_64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.aarch64",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.ppc64le",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.s390x",
"openSUSE Tumbleweed:memcached-devel-1.6.9-2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-10931"
}
]
}
CERTFR-2019-AVI-023
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Oracle Sun Systems. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tape Library ACSLS version 8.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Sun ZFS Storage Appliance Kit (AK) versions ant\u00e9rieures \u00e0 8.8.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Solaris versions 10 et 11",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-6913",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6913"
},
{
"name": "CVE-2017-1000456",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000456"
},
{
"name": "CVE-2018-19628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19628"
},
{
"name": "CVE-2018-19158",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19158"
},
{
"name": "CVE-2018-13988",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13988"
},
{
"name": "CVE-2017-14517",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14517"
},
{
"name": "CVE-2018-3282",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3282"
},
{
"name": "CVE-2016-0635",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0635"
},
{
"name": "CVE-2018-0739",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0739"
},
{
"name": "CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"name": "CVE-2018-9918",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9918"
},
{
"name": "CVE-2019-2545",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2545"
},
{
"name": "CVE-2019-2541",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2541"
},
{
"name": "CVE-2018-0734",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0734"
},
{
"name": "CVE-2019-2544",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2544"
},
{
"name": "CVE-2018-3247",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3247"
},
{
"name": "CVE-2018-1275",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1275"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2019-2543",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2543"
},
{
"name": "CVE-2017-5645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
},
{
"name": "CVE-2017-18267",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18267"
},
{
"name": "CVE-2019-2412",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2412"
},
{
"name": "CVE-2016-8705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8705"
},
{
"name": "CVE-2018-17183",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17183"
},
{
"name": "CVE-2019-2437",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2437"
},
{
"name": "CVE-2018-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3646"
},
{
"name": "CVE-2018-5407",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5407"
},
{
"name": "CVE-2018-3070",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3070"
},
{
"name": "CVE-2018-15909",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15909"
},
{
"name": "CVE-2018-11763",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11763"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-023",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-01-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Sun Systems.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Sun Systems",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2019-5072801 du 15 janvier 2019",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixSUNS"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle bulletinjan2019-5251593 du 15 janvier 2019",
"url": "https://www.oracle.com/technetwork/topics/security/bulletinjan2019-5251593.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2019verbose-5072807 du 15 janvier 2019",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019verbose-5072807.html#SUNS"
}
]
}
CERTFR-2018-AVI-339
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper . Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Contrail Service Orchestration (CSO) versions antérieures à 4.0.0 et 3.3.0 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 18.1R1 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.1X46-D45, 12.1X46-D67, 12.1X46-D76, 12.1X46-D77, 12.3R11, 12.3R12-S10, 12.3X48-D20, 12.3X48-D25, 12.3X48-D55, 12.3X48-D66, 12.3X48-D70, 12.3X54-D34, 14.1X53-D30, 14.1X53-D47, 15.1F5-S5, 15.1F6-S1, 15.1F6-S10, 15.1F7, 15.1R4-S5, 15.1R4-S9, 15.1R5, 15.1R6-S6, 15.1R7, 15.1R7-S1, 15.1R8, 15.1X49-D110, 15.1X49-D131, 15.1X49-D140, 15.1X49-D20, 15.1X49-D35, 15.1X53-D233, 15.1X53-D234, 15.1X53-D47, 15.1X53-D470, 15.1X53-D471, 15.1X53-D490, 15.1X53-D59, 15.1X53-D60, 15.1X53-D67, 15.1X54-D70, 15.1X8.3, 16.1R2, 16.1R3, 16.1R3-S8, 16.1R3-S9, 16.1R4-S10, 16.1R4-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S1, 16.1R6-S3, 16.1R6-S4, 16.1R7, 16.1X65-D46, 16.1X65-D47, 16.2R1, 16.2R1-S6, 16.2R1-S7, 16.2R2-S5, 16.2R2-S6, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S4, 17.2R1-S6, 17.2R2-S4, 17.2R2-S5, 17.2R3, 17.2X75-D100, 17.2X75-D110, 17.2X75-D70, 17.2X75-D90, 17.2X75-D91, 17.3R1, 17.3R1-S4, 17.3R2, 17.3R2-S2, 17.3R3, 17.4R1-S2, 17.4R1-S3, 17.4R1-S4, 17.4R2, 18.1R1, 18.1R2, 18.1X75-D10, 18.2R1, 18.2X75-D10 et 18.2X75-D5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Contrail Service Orchestration (CSO) versions ant\u00e9rieures \u00e0 4.0.0 et 3.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 18.1R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X46-D45, 12.1X46-D67, 12.1X46-D76, 12.1X46-D77, 12.3R11, 12.3R12-S10, 12.3X48-D20, 12.3X48-D25, 12.3X48-D55, 12.3X48-D66, 12.3X48-D70, 12.3X54-D34, 14.1X53-D30, 14.1X53-D47, 15.1F5-S5, 15.1F6-S1, 15.1F6-S10, 15.1F7, 15.1R4-S5, 15.1R4-S9, 15.1R5, 15.1R6-S6, 15.1R7, 15.1R7-S1, 15.1R8, 15.1X49-D110, 15.1X49-D131, 15.1X49-D140, 15.1X49-D20, 15.1X49-D35, 15.1X53-D233, 15.1X53-D234, 15.1X53-D47, 15.1X53-D470, 15.1X53-D471, 15.1X53-D490, 15.1X53-D59, 15.1X53-D60, 15.1X53-D67, 15.1X54-D70, 15.1X8.3, 16.1R2, 16.1R3, 16.1R3-S8, 16.1R3-S9, 16.1R4-S10, 16.1R4-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S1, 16.1R6-S3, 16.1R6-S4, 16.1R7, 16.1X65-D46, 16.1X65-D47, 16.2R1, 16.2R1-S6, 16.2R1-S7, 16.2R2-S5, 16.2R2-S6, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S4, 17.2R1-S6, 17.2R2-S4, 17.2R2-S5, 17.2R3, 17.2X75-D100, 17.2X75-D110, 17.2X75-D70, 17.2X75-D90, 17.2X75-D91, 17.3R1, 17.3R1-S4, 17.3R2, 17.3R2-S2, 17.3R3, 17.4R1-S2, 17.4R1-S3, 17.4R1-S4, 17.4R2, 18.1R1, 18.1R2, 18.1X75-D10, 18.2R1, 18.2X75-D10 et 18.2X75-D5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-7407",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7407"
},
{
"name": "CVE-2018-0027",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0027"
},
{
"name": "CVE-2016-8615",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8615"
},
{
"name": "CVE-2015-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3153"
},
{
"name": "CVE-2018-0024",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0024"
},
{
"name": "CVE-2017-1000257",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000257"
},
{
"name": "CVE-2016-8619",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8619"
},
{
"name": "CVE-2013-1944",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1944"
},
{
"name": "CVE-2018-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2603"
},
{
"name": "CVE-2017-8818",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8818"
},
{
"name": "CVE-2018-0031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0031"
},
{
"name": "CVE-2018-0035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0035"
},
{
"name": "CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"name": "CVE-2016-9952",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9952"
},
{
"name": "CVE-2017-10295",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10295"
},
{
"name": "CVE-2013-4545",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4545"
},
{
"name": "CVE-2015-7236",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7236"
},
{
"name": "CVE-2017-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
},
{
"name": "CVE-2016-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4802"
},
{
"name": "CVE-2017-10388",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10388"
},
{
"name": "CVE-2016-9953",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9953"
},
{
"name": "CVE-2016-8624",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8624"
},
{
"name": "CVE-2018-0039",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0039"
},
{
"name": "CVE-2016-8616",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8616"
},
{
"name": "CVE-2015-3148",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3148"
},
{
"name": "CVE-2016-8620",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8620"
},
{
"name": "CVE-2014-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3613"
},
{
"name": "CVE-2018-1000121",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000121"
},
{
"name": "CVE-2013-6422",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6422"
},
{
"name": "CVE-2018-0042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0042"
},
{
"name": "CVE-2018-2618",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2618"
},
{
"name": "CVE-2018-1000005",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000005"
},
{
"name": "CVE-2016-8617",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8617"
},
{
"name": "CVE-2016-0754",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0754"
},
{
"name": "CVE-2017-1000101",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000101"
},
{
"name": "CVE-2018-1000120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000120"
},
{
"name": "CVE-2014-8150",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8150"
},
{
"name": "CVE-2014-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3707"
},
{
"name": "CVE-2016-8618",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8618"
},
{
"name": "CVE-2018-0037",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0037"
},
{
"name": "CVE-2015-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3143"
},
{
"name": "CVE-2018-0040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0040"
},
{
"name": "CVE-2016-5419",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5419"
},
{
"name": "CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"name": "CVE-2018-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2637"
},
{
"name": "CVE-2017-10198",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10198"
},
{
"name": "CVE-2017-10355",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10355"
},
{
"name": "CVE-2016-8623",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8623"
},
{
"name": "CVE-2017-5754",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5754"
},
{
"name": "CVE-2016-3739",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3739"
},
{
"name": "CVE-2018-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2663"
},
{
"name": "CVE-2017-15896",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15896"
},
{
"name": "CVE-2018-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2579"
},
{
"name": "CVE-2017-8816",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8816"
},
{
"name": "CVE-2017-5753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
},
{
"name": "CVE-2016-7167",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7167"
},
{
"name": "CVE-2017-9502",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9502"
},
{
"name": "CVE-2018-0030",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0030"
},
{
"name": "CVE-2018-0034",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0034"
},
{
"name": "CVE-2018-2633",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2633"
},
{
"name": "CVE-2000-0973",
"url": "https://www.cve.org/CVERecord?id=CVE-2000-0973"
},
{
"name": "CVE-2014-0139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0139"
},
{
"name": "CVE-2016-5420",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5420"
},
{
"name": "CVE-2016-7141",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7141"
},
{
"name": "CVE-2014-0138",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0138"
},
{
"name": "CVE-2016-8621",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8621"
},
{
"name": "CVE-2018-0029",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0029"
},
{
"name": "CVE-2018-0025",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0025"
},
{
"name": "CVE-2017-1000254",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000254"
},
{
"name": "CVE-2018-2599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2599"
},
{
"name": "CVE-2017-8817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8817"
},
{
"name": "CVE-2017-10356",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10356"
},
{
"name": "CVE-2018-0038",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0038"
},
{
"name": "CVE-2016-9586",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9586"
},
{
"name": "CVE-2017-1000100",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
},
{
"name": "CVE-2017-10345",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10345"
},
{
"name": "CVE-2018-0041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0041"
},
{
"name": "CVE-2017-5715",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5715"
},
{
"name": "CVE-2018-2629",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2629"
},
{
"name": "CVE-2016-8622",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8622"
},
{
"name": "CVE-2013-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2174"
},
{
"name": "CVE-2018-1000007",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000007"
},
{
"name": "CVE-2018-0032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0032"
},
{
"name": "CVE-2016-5421",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5421"
},
{
"name": "CVE-2018-2678",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2678"
},
{
"name": "CVE-2014-0015",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0015"
},
{
"name": "CVE-2017-1000099",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000099"
},
{
"name": "CVE-2018-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2588"
},
{
"name": "CVE-2018-1000122",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000122"
},
{
"name": "CVE-2017-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3145"
},
{
"name": "CVE-2016-8625",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8625"
},
{
"name": "CVE-2018-0026",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0026"
},
{
"name": "CVE-2016-0755",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0755"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-339",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-07-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10869 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10869\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10866 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10866\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10874 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10874\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10863 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10863\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10871 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10871\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10857 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10857\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10868 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10868\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10859 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10859\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10872 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10872\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10858 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10858\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10861 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10861\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10860 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10860\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10864 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10864\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10873 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10873\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10865 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10865\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CERTFR-2019-AVI-023
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Oracle Sun Systems. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tape Library ACSLS version 8.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Sun ZFS Storage Appliance Kit (AK) versions ant\u00e9rieures \u00e0 8.8.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Solaris versions 10 et 11",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-6913",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6913"
},
{
"name": "CVE-2017-1000456",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000456"
},
{
"name": "CVE-2018-19628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19628"
},
{
"name": "CVE-2018-19158",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19158"
},
{
"name": "CVE-2018-13988",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13988"
},
{
"name": "CVE-2017-14517",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14517"
},
{
"name": "CVE-2018-3282",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3282"
},
{
"name": "CVE-2016-0635",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0635"
},
{
"name": "CVE-2018-0739",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0739"
},
{
"name": "CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"name": "CVE-2018-9918",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9918"
},
{
"name": "CVE-2019-2545",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2545"
},
{
"name": "CVE-2019-2541",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2541"
},
{
"name": "CVE-2018-0734",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0734"
},
{
"name": "CVE-2019-2544",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2544"
},
{
"name": "CVE-2018-3247",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3247"
},
{
"name": "CVE-2018-1275",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1275"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2019-2543",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2543"
},
{
"name": "CVE-2017-5645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
},
{
"name": "CVE-2017-18267",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18267"
},
{
"name": "CVE-2019-2412",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2412"
},
{
"name": "CVE-2016-8705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8705"
},
{
"name": "CVE-2018-17183",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17183"
},
{
"name": "CVE-2019-2437",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2437"
},
{
"name": "CVE-2018-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3646"
},
{
"name": "CVE-2018-5407",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5407"
},
{
"name": "CVE-2018-3070",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3070"
},
{
"name": "CVE-2018-15909",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15909"
},
{
"name": "CVE-2018-11763",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11763"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-023",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-01-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Sun Systems.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Sun Systems",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2019-5072801 du 15 janvier 2019",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixSUNS"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle bulletinjan2019-5251593 du 15 janvier 2019",
"url": "https://www.oracle.com/technetwork/topics/security/bulletinjan2019-5251593.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2019verbose-5072807 du 15 janvier 2019",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019verbose-5072807.html#SUNS"
}
]
}
CERTFR-2018-AVI-339
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper . Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Contrail Service Orchestration (CSO) versions antérieures à 4.0.0 et 3.3.0 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 18.1R1 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.1X46-D45, 12.1X46-D67, 12.1X46-D76, 12.1X46-D77, 12.3R11, 12.3R12-S10, 12.3X48-D20, 12.3X48-D25, 12.3X48-D55, 12.3X48-D66, 12.3X48-D70, 12.3X54-D34, 14.1X53-D30, 14.1X53-D47, 15.1F5-S5, 15.1F6-S1, 15.1F6-S10, 15.1F7, 15.1R4-S5, 15.1R4-S9, 15.1R5, 15.1R6-S6, 15.1R7, 15.1R7-S1, 15.1R8, 15.1X49-D110, 15.1X49-D131, 15.1X49-D140, 15.1X49-D20, 15.1X49-D35, 15.1X53-D233, 15.1X53-D234, 15.1X53-D47, 15.1X53-D470, 15.1X53-D471, 15.1X53-D490, 15.1X53-D59, 15.1X53-D60, 15.1X53-D67, 15.1X54-D70, 15.1X8.3, 16.1R2, 16.1R3, 16.1R3-S8, 16.1R3-S9, 16.1R4-S10, 16.1R4-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S1, 16.1R6-S3, 16.1R6-S4, 16.1R7, 16.1X65-D46, 16.1X65-D47, 16.2R1, 16.2R1-S6, 16.2R1-S7, 16.2R2-S5, 16.2R2-S6, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S4, 17.2R1-S6, 17.2R2-S4, 17.2R2-S5, 17.2R3, 17.2X75-D100, 17.2X75-D110, 17.2X75-D70, 17.2X75-D90, 17.2X75-D91, 17.3R1, 17.3R1-S4, 17.3R2, 17.3R2-S2, 17.3R3, 17.4R1-S2, 17.4R1-S3, 17.4R1-S4, 17.4R2, 18.1R1, 18.1R2, 18.1X75-D10, 18.2R1, 18.2X75-D10 et 18.2X75-D5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Contrail Service Orchestration (CSO) versions ant\u00e9rieures \u00e0 4.0.0 et 3.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 18.1R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X46-D45, 12.1X46-D67, 12.1X46-D76, 12.1X46-D77, 12.3R11, 12.3R12-S10, 12.3X48-D20, 12.3X48-D25, 12.3X48-D55, 12.3X48-D66, 12.3X48-D70, 12.3X54-D34, 14.1X53-D30, 14.1X53-D47, 15.1F5-S5, 15.1F6-S1, 15.1F6-S10, 15.1F7, 15.1R4-S5, 15.1R4-S9, 15.1R5, 15.1R6-S6, 15.1R7, 15.1R7-S1, 15.1R8, 15.1X49-D110, 15.1X49-D131, 15.1X49-D140, 15.1X49-D20, 15.1X49-D35, 15.1X53-D233, 15.1X53-D234, 15.1X53-D47, 15.1X53-D470, 15.1X53-D471, 15.1X53-D490, 15.1X53-D59, 15.1X53-D60, 15.1X53-D67, 15.1X54-D70, 15.1X8.3, 16.1R2, 16.1R3, 16.1R3-S8, 16.1R3-S9, 16.1R4-S10, 16.1R4-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S1, 16.1R6-S3, 16.1R6-S4, 16.1R7, 16.1X65-D46, 16.1X65-D47, 16.2R1, 16.2R1-S6, 16.2R1-S7, 16.2R2-S5, 16.2R2-S6, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S4, 17.2R1-S6, 17.2R2-S4, 17.2R2-S5, 17.2R3, 17.2X75-D100, 17.2X75-D110, 17.2X75-D70, 17.2X75-D90, 17.2X75-D91, 17.3R1, 17.3R1-S4, 17.3R2, 17.3R2-S2, 17.3R3, 17.4R1-S2, 17.4R1-S3, 17.4R1-S4, 17.4R2, 18.1R1, 18.1R2, 18.1X75-D10, 18.2R1, 18.2X75-D10 et 18.2X75-D5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-7407",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7407"
},
{
"name": "CVE-2018-0027",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0027"
},
{
"name": "CVE-2016-8615",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8615"
},
{
"name": "CVE-2015-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3153"
},
{
"name": "CVE-2018-0024",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0024"
},
{
"name": "CVE-2017-1000257",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000257"
},
{
"name": "CVE-2016-8619",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8619"
},
{
"name": "CVE-2013-1944",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1944"
},
{
"name": "CVE-2018-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2603"
},
{
"name": "CVE-2017-8818",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8818"
},
{
"name": "CVE-2018-0031",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0031"
},
{
"name": "CVE-2018-0035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0035"
},
{
"name": "CVE-2018-1000115",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000115"
},
{
"name": "CVE-2016-9952",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9952"
},
{
"name": "CVE-2017-10295",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10295"
},
{
"name": "CVE-2013-4545",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4545"
},
{
"name": "CVE-2015-7236",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7236"
},
{
"name": "CVE-2017-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
},
{
"name": "CVE-2016-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4802"
},
{
"name": "CVE-2017-10388",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10388"
},
{
"name": "CVE-2016-9953",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9953"
},
{
"name": "CVE-2016-8624",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8624"
},
{
"name": "CVE-2018-0039",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0039"
},
{
"name": "CVE-2016-8616",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8616"
},
{
"name": "CVE-2015-3148",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3148"
},
{
"name": "CVE-2016-8620",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8620"
},
{
"name": "CVE-2014-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3613"
},
{
"name": "CVE-2018-1000121",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000121"
},
{
"name": "CVE-2013-6422",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6422"
},
{
"name": "CVE-2018-0042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0042"
},
{
"name": "CVE-2018-2618",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2618"
},
{
"name": "CVE-2018-1000005",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000005"
},
{
"name": "CVE-2016-8617",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8617"
},
{
"name": "CVE-2016-0754",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0754"
},
{
"name": "CVE-2017-1000101",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000101"
},
{
"name": "CVE-2018-1000120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000120"
},
{
"name": "CVE-2014-8150",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8150"
},
{
"name": "CVE-2014-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3707"
},
{
"name": "CVE-2016-8618",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8618"
},
{
"name": "CVE-2018-0037",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0037"
},
{
"name": "CVE-2015-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3143"
},
{
"name": "CVE-2018-0040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0040"
},
{
"name": "CVE-2016-5419",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5419"
},
{
"name": "CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"name": "CVE-2018-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2637"
},
{
"name": "CVE-2017-10198",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10198"
},
{
"name": "CVE-2017-10355",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10355"
},
{
"name": "CVE-2016-8623",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8623"
},
{
"name": "CVE-2017-5754",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5754"
},
{
"name": "CVE-2016-3739",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3739"
},
{
"name": "CVE-2018-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2663"
},
{
"name": "CVE-2017-15896",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15896"
},
{
"name": "CVE-2018-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2579"
},
{
"name": "CVE-2017-8816",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8816"
},
{
"name": "CVE-2017-5753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
},
{
"name": "CVE-2016-7167",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7167"
},
{
"name": "CVE-2017-9502",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9502"
},
{
"name": "CVE-2018-0030",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0030"
},
{
"name": "CVE-2018-0034",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0034"
},
{
"name": "CVE-2018-2633",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2633"
},
{
"name": "CVE-2000-0973",
"url": "https://www.cve.org/CVERecord?id=CVE-2000-0973"
},
{
"name": "CVE-2014-0139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0139"
},
{
"name": "CVE-2016-5420",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5420"
},
{
"name": "CVE-2016-7141",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7141"
},
{
"name": "CVE-2014-0138",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0138"
},
{
"name": "CVE-2016-8621",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8621"
},
{
"name": "CVE-2018-0029",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0029"
},
{
"name": "CVE-2018-0025",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0025"
},
{
"name": "CVE-2017-1000254",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000254"
},
{
"name": "CVE-2018-2599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2599"
},
{
"name": "CVE-2017-8817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8817"
},
{
"name": "CVE-2017-10356",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10356"
},
{
"name": "CVE-2018-0038",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0038"
},
{
"name": "CVE-2016-9586",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9586"
},
{
"name": "CVE-2017-1000100",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
},
{
"name": "CVE-2017-10345",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10345"
},
{
"name": "CVE-2018-0041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0041"
},
{
"name": "CVE-2017-5715",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5715"
},
{
"name": "CVE-2018-2629",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2629"
},
{
"name": "CVE-2016-8622",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8622"
},
{
"name": "CVE-2013-2174",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2174"
},
{
"name": "CVE-2018-1000007",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000007"
},
{
"name": "CVE-2018-0032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0032"
},
{
"name": "CVE-2016-5421",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5421"
},
{
"name": "CVE-2018-2678",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2678"
},
{
"name": "CVE-2014-0015",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0015"
},
{
"name": "CVE-2017-1000099",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000099"
},
{
"name": "CVE-2018-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2588"
},
{
"name": "CVE-2018-1000122",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000122"
},
{
"name": "CVE-2017-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3145"
},
{
"name": "CVE-2016-8625",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8625"
},
{
"name": "CVE-2018-0026",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0026"
},
{
"name": "CVE-2016-0755",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0755"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-339",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-07-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10869 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10869\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10866 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10866\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10874 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10874\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10863 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10863\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10871 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10871\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10857 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10857\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10868 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10868\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10859 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10859\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10872 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10872\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10858 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10858\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10861 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10861\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10860 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10860\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10864 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10864\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10873 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10873\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10865 du 11 juillet 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10865\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CNVD-2018-04860
Vulnerability from cnvd - Published: 2018-03-12
VLAI Severity ?
Title
Memcached拒绝服务漏洞
Description
Memcached是美国软件开发者布莱德-菲兹派翠克(Brad Fitzpatrick)所研发的一套高性能的分布式内存对象缓存系统。该系统通过在内存中缓存数据和对象来减少读取数据库的次数,从而提高网站访问速度。
Memcached 1.5.5版本中存在安全漏洞,该漏洞源于程序未能充分的限制Network Message Volume。攻击者可利用该漏洞造成拒绝服务。
Severity
中
Patch Name
Memcached拒绝服务漏洞的补丁
Patch Description
Memcached是美国软件开发者布莱德-菲兹派翠克(Brad Fitzpatrick)所研发的一套高性能的分布式内存对象缓存系统。该系统通过在内存中缓存数据和对象来减少读取数据库的次数,从而提高网站访问速度。
Memcached 1.5.5版本中存在安全漏洞,该漏洞源于程序未能充分的限制Network Message Volume。攻击者可利用该漏洞造成拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://github.com/memcached/memcached/wiki/ReleaseNotes156
Reference
https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html
https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974
https://www.exploit-db.com/exploits/44264/
Impacted products
| Name | Memcached Memcached 1.5.5 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2018-1000115"
}
},
"description": "Memcached\u662f\u7f8e\u56fd\u8f6f\u4ef6\u5f00\u53d1\u8005\u5e03\u83b1\u5fb7-\u83f2\u5179\u6d3e\u7fe0\u514b\uff08Brad Fitzpatrick\uff09\u6240\u7814\u53d1\u7684\u4e00\u5957\u9ad8\u6027\u80fd\u7684\u5206\u5e03\u5f0f\u5185\u5b58\u5bf9\u8c61\u7f13\u5b58\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u901a\u8fc7\u5728\u5185\u5b58\u4e2d\u7f13\u5b58\u6570\u636e\u548c\u5bf9\u8c61\u6765\u51cf\u5c11\u8bfb\u53d6\u6570\u636e\u5e93\u7684\u6b21\u6570\uff0c\u4ece\u800c\u63d0\u9ad8\u7f51\u7ad9\u8bbf\u95ee\u901f\u5ea6\u3002\r\n\r\nMemcached 1.5.5\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u7684\u9650\u5236Network Message Volume\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
"discovererName": "anonymous",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/memcached/memcached/wiki/ReleaseNotes156",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-04860",
"openTime": "2018-03-12",
"patchDescription": "Memcached\u662f\u7f8e\u56fd\u8f6f\u4ef6\u5f00\u53d1\u8005\u5e03\u83b1\u5fb7-\u83f2\u5179\u6d3e\u7fe0\u514b\uff08Brad Fitzpatrick\uff09\u6240\u7814\u53d1\u7684\u4e00\u5957\u9ad8\u6027\u80fd\u7684\u5206\u5e03\u5f0f\u5185\u5b58\u5bf9\u8c61\u7f13\u5b58\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u901a\u8fc7\u5728\u5185\u5b58\u4e2d\u7f13\u5b58\u6570\u636e\u548c\u5bf9\u8c61\u6765\u51cf\u5c11\u8bfb\u53d6\u6570\u636e\u5e93\u7684\u6b21\u6570\uff0c\u4ece\u800c\u63d0\u9ad8\u7f51\u7ad9\u8bbf\u95ee\u901f\u5ea6\u3002\r\n\r\nMemcached 1.5.5\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u7684\u9650\u5236Network Message Volume\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Memcached\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Memcached Memcached 1.5.5"
},
"referenceLink": "https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html\r\nhttps://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974\r\nhttps://www.exploit-db.com/exploits/44264/",
"serverity": "\u4e2d",
"submitTime": "2018-03-07",
"title": "Memcached\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
GSD-2018-1000115
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-1000115",
"description": "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.",
"id": "GSD-2018-1000115",
"references": [
"https://www.suse.com/security/cve/CVE-2018-1000115.html",
"https://www.debian.org/security/2018/dsa-4218",
"https://access.redhat.com/errata/RHSA-2018:2857",
"https://access.redhat.com/errata/RHSA-2018:2331",
"https://access.redhat.com/errata/RHBA-2018:2140",
"https://access.redhat.com/errata/RHSA-2018:1627",
"https://access.redhat.com/errata/RHSA-2018:1593",
"https://ubuntu.com/security/CVE-2018-1000115",
"https://advisories.mageia.org/CVE-2018-1000115.html",
"https://security.archlinux.org/CVE-2018-1000115",
"https://alas.aws.amazon.com/cve/html/CVE-2018-1000115.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-1000115"
],
"details": "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.",
"id": "GSD-2018-1000115",
"modified": "2023-12-13T01:22:27.905007Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "3/2/2018 21:30:48",
"ID": "CVE-2018-1000115",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHBA-2018:2140",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2018:2140"
},
{
"name": "RHSA-2018:1593",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1593"
},
{
"name": "USN-3588-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3588-1/"
},
{
"name": "https://github.com/memcached/memcached/wiki/ReleaseNotes156",
"refsource": "MISC",
"url": "https://github.com/memcached/memcached/wiki/ReleaseNotes156"
},
{
"name": "44264",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44264/"
},
{
"name": "https://twitter.com/dormando/status/968579781729009664",
"refsource": "MISC",
"url": "https://twitter.com/dormando/status/968579781729009664"
},
{
"name": "44265",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44265/"
},
{
"name": "https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974",
"refsource": "MISC",
"url": "https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974"
},
{
"name": "RHSA-2018:2857",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2857"
},
{
"name": "RHSA-2018:1627",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1627"
},
{
"name": "RHSA-2018:2331",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2331"
},
{
"name": "DSA-4218",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4218"
},
{
"name": "https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html",
"refsource": "MISC",
"url": "https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html"
},
{
"name": "https://github.com/memcached/memcached/issues/348",
"refsource": "MISC",
"url": "https://github.com/memcached/memcached/issues/348"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_07",
"refsource": "CONFIRM",
"url": "https://www.synology.com/support/security/Synology_SA_18_07"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:memcached:memcached:1.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1000115"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://twitter.com/dormando/status/968579781729009664",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://twitter.com/dormando/status/968579781729009664"
},
{
"name": "https://github.com/memcached/memcached/wiki/ReleaseNotes156",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/memcached/memcached/wiki/ReleaseNotes156"
},
{
"name": "https://github.com/memcached/memcached/issues/348",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/memcached/memcached/issues/348"
},
{
"name": "https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974"
},
{
"name": "https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html"
},
{
"name": "44264",
"refsource": "EXPLOIT-DB",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44264/"
},
{
"name": "44265",
"refsource": "EXPLOIT-DB",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44265/"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_07",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_07"
},
{
"name": "USN-3588-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3588-1/"
},
{
"name": "RHSA-2018:1627",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1627"
},
{
"name": "RHSA-2018:1593",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1593"
},
{
"name": "DSA-4218",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4218"
},
{
"name": "RHSA-2018:2331",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2331"
},
{
"name": "RHBA-2018:2140",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2018:2140"
},
{
"name": "RHSA-2018:2857",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2857"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2021-08-04T17:15Z",
"publishedDate": "2018-03-05T14:29Z"
}
}
}
GHSA-F4XM-W85J-GC55
Vulnerability from github – Published: 2022-05-13 01:07 – Updated: 2022-05-13 01:07
VLAI?
Details
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2018-1000115"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-03-05T14:29:00Z",
"severity": "HIGH"
},
"details": "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.",
"id": "GHSA-f4xm-w85j-gc55",
"modified": "2022-05-13T01:07:32Z",
"published": "2022-05-13T01:07:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000115"
},
{
"type": "WEB",
"url": "https://github.com/memcached/memcached/issues/348"
},
{
"type": "WEB",
"url": "https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2018:2140"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:1593"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:1627"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2331"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2857"
},
{
"type": "WEB",
"url": "https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html"
},
{
"type": "WEB",
"url": "https://github.com/memcached/memcached/wiki/ReleaseNotes156"
},
{
"type": "WEB",
"url": "https://twitter.com/dormando/status/968579781729009664"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3588-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4218"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/44264"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/44265"
},
{
"type": "WEB",
"url": "https://www.synology.com/support/security/Synology_SA_18_07"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2018-1000115
Vulnerability from fkie_nvd - Published: 2018-03-05 14:29 - Updated: 2024-11-21 03:39
Severity ?
Summary
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://access.redhat.com/errata/RHBA-2018:2140 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:1593 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:1627 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:2331 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:2857 | Third Party Advisory | |
| cve@mitre.org | https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html | Third Party Advisory | |
| cve@mitre.org | https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974 | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/memcached/memcached/issues/348 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://github.com/memcached/memcached/wiki/ReleaseNotes156 | Third Party Advisory | |
| cve@mitre.org | https://twitter.com/dormando/status/968579781729009664 | Third Party Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/3588-1/ | Third Party Advisory | |
| cve@mitre.org | https://www.debian.org/security/2018/dsa-4218 | Third Party Advisory | |
| cve@mitre.org | https://www.exploit-db.com/exploits/44264/ | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.exploit-db.com/exploits/44265/ | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.synology.com/support/security/Synology_SA_18_07 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHBA-2018:2140 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:1593 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:1627 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2331 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2857 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/memcached/memcached/issues/348 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/memcached/memcached/wiki/ReleaseNotes156 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://twitter.com/dormando/status/968579781729009664 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3588-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4218 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/44264/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/44265/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.synology.com/support/security/Synology_SA_18_07 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| memcached | memcached | 1.5.5 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| redhat | openstack | 8 | |
| redhat | openstack | 9 | |
| redhat | openstack | 10 | |
| redhat | openstack | 11 | |
| redhat | openstack | 12 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:memcached:memcached:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "81CD27E0-30C4-484D-A846-6121C88C49EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B8C725-34CF-4340-BE7B-37E58CF706D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*",
"matchCriteriaId": "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*",
"matchCriteriaId": "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9AF77C-5D49-4842-9817-AD710A919073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4AC996-B340-4A14-86F7-FF83B4D5EC8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default."
},
{
"lang": "es",
"value": "Memcached 1.5.5 contiene una vulnerabilidad de control insuficiente de volumen de mensaje de red (amplificaci\u00f3n de red, CWE-406) en el soporte UDP del servidor memcached que puede resultar en una denegaci\u00f3n de servicio (DoS) mediante una inundaci\u00f3n de red (fuentes fiables reportan una amplificaci\u00f3n de tr\u00e1fico de 1:50.000). Este ataque parece ser explotable mediante conectividad de red en el puerto UDP 11211. Parece ser que esta vulnerabilidad se ha solucionado en la versi\u00f3n 1.5.6 debido a que se deshabilita por defecto el protocolo UDP."
}
],
"id": "CVE-2018-1000115",
"lastModified": "2024-11-21T03:39:40.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-05T14:29:00.203",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2018:2140"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1593"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1627"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2331"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2857"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/memcached/memcached/issues/348"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/memcached/memcached/wiki/ReleaseNotes156"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://twitter.com/dormando/status/968579781729009664"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3588-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4218"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44264/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44265/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_07"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2018:2140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/memcached/memcached/commit/dbb7a8af90054bf4ef51f5814ef7ceb17d83d974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/memcached/memcached/issues/348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/memcached/memcached/wiki/ReleaseNotes156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://twitter.com/dormando/status/968579781729009664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3588-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44264/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44265/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_07"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…