Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-11077 (GCVE-0-2020-11077)
Vulnerability from cvelistv5
Published
2020-05-22 14:55
Modified
2024-08-04 11:21
Severity ?
EPSS score ?
Summary
In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:21:14.618Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm", }, { name: "openSUSE-SU-2020:0990", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00034.html", }, { name: "openSUSE-SU-2020:1001", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00038.html", }, { name: "FEDORA-2020-fe354f24e8", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKIY5H67GJIGJL6SMFWFLUQQQR3EMVPR/", }, { name: "[debian-lts-announce] 20201007 [SECURITY] [DLA 2398-1] puma security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/10/msg00009.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "puma", vendor: "puma", versions: [ { status: "affected", version: "< 3.12.6", }, { status: "affected", version: ">= 4.0.0, < 4.3.5", }, ], }, ], descriptions: [ { lang: "en", value: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-444", description: "CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-07T12:06:27", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm", }, { name: "openSUSE-SU-2020:0990", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00034.html", }, { name: "openSUSE-SU-2020:1001", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00038.html", }, { name: "FEDORA-2020-fe354f24e8", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKIY5H67GJIGJL6SMFWFLUQQQR3EMVPR/", }, { name: "[debian-lts-announce] 20201007 [SECURITY] [DLA 2398-1] puma security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/10/msg00009.html", }, ], source: { advisory: "GHSA-w64w-qqph-5gxm", discovery: "UNKNOWN", }, title: "HTTP Smuggling via Transfer-Encoding Header in Puma", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2020-11077", STATE: "PUBLIC", TITLE: "HTTP Smuggling via Transfer-Encoding Header in Puma", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "puma", version: { version_data: [ { version_value: "< 3.12.6", }, { version_value: ">= 4.0.0, < 4.3.5", }, ], }, }, ], }, vendor_name: "puma", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22", refsource: "MISC", url: "https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22", }, { name: "https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm", refsource: "CONFIRM", url: "https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm", }, { name: "openSUSE-SU-2020:0990", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00034.html", }, { name: "openSUSE-SU-2020:1001", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00038.html", }, { name: "FEDORA-2020-fe354f24e8", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SKIY5H67GJIGJL6SMFWFLUQQQR3EMVPR/", }, { name: "[debian-lts-announce] 20201007 [SECURITY] [DLA 2398-1] puma security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/10/msg00009.html", }, ], }, source: { advisory: "GHSA-w64w-qqph-5gxm", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2020-11077", datePublished: "2020-05-22T14:55:13", dateReserved: "2020-03-30T00:00:00", dateUpdated: "2024-08-04T11:21:14.618Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:puma:puma:*:*:*:*:*:ruby:*:*\", \"versionStartIncluding\": \"3.0.0\", \"versionEndExcluding\": \"3.12.6\", \"matchCriteriaId\": \"94D6645C-59B2-466F-A147-B23EF284DEBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:puma:puma:*:*:*:*:*:ruby:*:*\", \"versionStartIncluding\": \"4.0.0\", \"versionEndExcluding\": \"4.3.5\", \"matchCriteriaId\": \"916E4164-0951-4145-85D6-684EF781F13A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B620311B-34A3-48A6-82DF-6F078D7A4493\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B009C22E-30A4-4288-BCF6-C3E81DEAF45A\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.\"}, {\"lang\": \"es\", \"value\": \"En Puma (RubyGem) versiones anteriores a 4.3.5 y 3.12.6, un cliente podr\\u00eda hacer pasar sin autorizaci\\u00f3n una petici\\u00f3n por medio de un proxy, causando que el proxy env\\u00ede una respuesta a otro cliente desconocido. Si el proxy usa conexiones persistentes y el cliente agrega otra petici\\u00f3n por medio de la canalizaci\\u00f3n HTTP, el proxy puede confundirlo como el cuerpo de la primera petici\\u00f3n. Sin embargo, Puma lo ver\\u00eda como dos peticiones y, al procesar la segunda petici\\u00f3n, devolver\\u00eda una respuesta que el proxy no espera. Si el proxy ha reutilizado la conexi\\u00f3n persistente a Puma para enviar otra petici\\u00f3n para un cliente diferente, la segunda respuesta desde el primer cliente ser\\u00e1 enviada al segundo cliente. Esta es una vulnerabilidad similar pero diferente de CVE-2020-11076. El problema se ha corregido en Puma versi\\u00f3n 3.12.6 y Puma versi\\u00f3n 4.3.5.\"}]", id: "CVE-2020-11077", lastModified: "2024-11-21T04:56:44.220", metrics: "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N\", \"baseScore\": 6.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 4.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2020-05-22T15:15:11.507", references: "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00034.html\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00038.html\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/10/msg00009.html\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKIY5H67GJIGJL6SMFWFLUQQQR3EMVPR/\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00034.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00038.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/10/msg00009.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKIY5H67GJIGJL6SMFWFLUQQQR3EMVPR/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]", sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-444\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-444\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2020-11077\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2020-05-22T15:15:11.507\",\"lastModified\":\"2024-11-21T04:56:44.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.\"},{\"lang\":\"es\",\"value\":\"En Puma (RubyGem) versiones anteriores a 4.3.5 y 3.12.6, un cliente podría hacer pasar sin autorización una petición por medio de un proxy, causando que el proxy envíe una respuesta a otro cliente desconocido. Si el proxy usa conexiones persistentes y el cliente agrega otra petición por medio de la canalización HTTP, el proxy puede confundirlo como el cuerpo de la primera petición. Sin embargo, Puma lo vería como dos peticiones y, al procesar la segunda petición, devolvería una respuesta que el proxy no espera. Si el proxy ha reutilizado la conexión persistente a Puma para enviar otra petición para un cliente diferente, la segunda respuesta desde el primer cliente será enviada al segundo cliente. Esta es una vulnerabilidad similar pero diferente de CVE-2020-11076. El problema se ha corregido en Puma versión 3.12.6 y Puma versión 4.3.5.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":4.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:puma:puma:*:*:*:*:*:ruby:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.12.6\",\"matchCriteriaId\":\"94D6645C-59B2-466F-A147-B23EF284DEBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:puma:puma:*:*:*:*:*:ruby:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndExcluding\":\"4.3.5\",\"matchCriteriaId\":\"916E4164-0951-4145-85D6-684EF781F13A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B009C22E-30A4-4288-BCF6-C3E81DEAF45A\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00034.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00038.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/10/msg00009.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKIY5H67GJIGJL6SMFWFLUQQQR3EMVPR/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00034.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00038.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/10/msg00009.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKIY5H67GJIGJL6SMFWFLUQQQR3EMVPR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
suse-su-2020:3147-1
Vulnerability from csaf_suse
Published
2020-11-04 10:02
Modified
2020-11-04 10:02
Summary
Security update for rmt-server
Notes
Title of the patch
Security update for rmt-server
Description of the patch
This update for rmt-server fixes the following issues:
- Version 2.6.5
- Solved potential bug of SCC repository URLs changing over time. RMT
now self heals by removing the previous invalid repository and
creating the correct one.
- Version 2.6.4
- Add web server settings to /etc/rmt.conf:
Now it's possible to configure the minimum and maximum threads count as well
the number of web server workers to be booted through /etc/rmt.conf.
- Version 2.6.3
- Instead of using an MD5 of URLs for custom repository friendly_ids,
RMT now builds an ID from the name.
- Version 2.6.2
- Fix RMT file caching based on timestamps:
Previously, RMT sent GET requests with the header 'If-Modified-Since' to a
repository server and if the response had a 304 (Not Modified), it would copy
a file from the local cache instead of downloading. However, if the local file
timestamp accidentally changed to a date newer than the one on the repository
server, RMT would have an outdated file, which caused some errors.
Now, RMT makes HEAD requests to the repositories servers and inspect the
'Last-Modified' header to decide whether to download a file or copy it from
cache, by comparing the equalness of timestamps.
- Version 2.6.1
- Fixed an issue where relative paths supplied to `rmt-cli import repos`
caused the command to fail.
- Version 2.6.0
- Friendlier IDs for custom repositories:
In an effort to simplify the handling of SCC and custom repositories,
RMT now has friendly IDs. For SCC repositories, it's the same SCC ID
as before. For custom repositories, it can either be user provided
or RMT generated (MD5 of the provided URL).
Benefits:
* `rmt-cli mirror repositories` now works for custom repositories.
* Custom repository IDs can be the same across RMT instances.
* No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.
Deprecation Warnings:
* RMT now uses a different ID for custom repositories than before.
RMT still supports that old ID, but it's recommended to start
using the new ID to ensure future compatibility.
- Version 2.5.20
- Updated rails from 6.0.3.2 to 6.0.3.3:
- actionview (CVE-2020-15169)
- Version 2.5.19
- RMT now has the ability to remove local systems with the command
`rmt-cli systems remove`.
- Version 2.5.18
- Fixed exit code for `rmt-cli mirror` and its subcommands. Now it exits with 1
whenever an error occurrs during mirroring
- Improved message logging for `rtm-cli mirror`. Instead of logging an error
when it occurs, the command summarize all errors at the end of execution. Now
log messages have colors to better identify failure/success.
- Version 2.5.17
- RMT no longer provides the installer updates repository to systems via its
zypper service. This repository is used during the installation process, as
it provides an up-to-date installation experience, but it has no use on an
already installed system.
- Version 2.5.16
- Updated RMT's rails and puma dependencies.
- puma (CVE-2020-11076, CVE-2020-11077, CVE-2020-5249, CVE-2020-5247
CVE-2019-16770)
- actionpack (CVE-2020-8185, CVE-2020-8164, CVE-2020-8166)
- actionview (CVE-2020-8167, CVE-2020-5267, CVE-2019-5418, CVE-2019-5419)
- activesupport (CVE-2020-8165)
- railties (CVE-2019-5420)
- Version 2.5.15
- RMT now checks if repositories are fully mirrored during the
activation process. Previously, RMT only checked if the repositories
were enabled to be mirrored, but not that they were actually mirrored.
In this case, RMTs were not able to provide the repository data which
systems assumed it had.
- Version 2.5.14
- Enable 'Installer-Updates' repositories by default
- Fixed deprecation warning when thor encountered an error. Also,
instead of returning 0 for thor errors, rmt-cli will return 1
instead.
- Version 2.5.13
- Added `rmt-cli repos clean` command to remove locally mirrored files
of repositories which are not marked to be mirrored.
- Previously, RMT didn't track deduplicated files in its database. Now,
to accommodate `rmt-cli repos clean`, RMT will track all mirrored
files.
- Move the nginx reload to the configuration package which contain
nginx config files, don't reload nginx unconditionally from main
package.
- Version 2.5.12
- Update rack to version 2.2.3 (CVE-2020-8184: bsc#1173351)
- Update Rails to version 5.2.4.3:
- actionpack (CVE-2020-8164: bsc#1172177)
- actionpack (CVE-2020-8166: bsc#1172182)
- activesupport (CVE-2020-8165: bsc#1172186)
- actionview (CVE-2020-8167: bsc#1172184)
- Version 2.5.11
- rmt-server-pubcloud:
- SLES11 EOL
- Extension activation verification based on the available subscriptions
- Added a manual instance verification script
- Version 2.5.10
- Support rmt-server to run with Ruby 2.7 (Factory/Tumbleweed):
- Bump gem 'config' version from 1.7.2 to 2.2.1 to fix incompatibility Ruby
2.7 OpenStruct class;
- Bump gem 'typhoeus' version from 1.3.1 to 1.4.0 in order to also bump gem
'ethon' version, which caused a 'rb_safe_level' warning on Ruby 2.7;
- Fix 'last arg as keyword arg' Ruby 2.7 warning on source code;
- Disable 'deprecated' warnings from Ruby 2.7; Rails 5.1 generates a lot of
warnings with Ruby 2.7, mainly due to 'capturing the given block with
Proc.new', which is deprecated;
- Improve RPM spec to consider only the distribution default Ruby version
configured in OBS;
- Improve RPM spec to remove Ruby 2.7 warnings regarding 'bundler.
- Move nginx/vhosts.d directory to correct sub-package. They
are needed together with nginx, not rmt-server.
- Fix dependencies especially for containerized usage:
- mariadb and nginx are not hard requires, could run on another host
- Fix generic dependencies:
- systemd ordering was missing
- shadow is required for pre-install
- Version 2.5.9
- rmt-server-pubcloud: enforce strict authentication
- Version 2.5.8
- Use repomd_parser gem to remove repository metadata parsing code.
Patchnames
SUSE-2020-3147,SUSE-SLE-Product-HPC-15-2020-3147,SUSE-SLE-Product-SLES-15-2020-3147,SUSE-SLE-Product-SLES_SAP-15-2020-3147
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for rmt-server", title: "Title of the patch", }, { category: "description", text: "This update for rmt-server fixes the following issues:\n\n- Version 2.6.5\n- Solved potential bug of SCC repository URLs changing over time. RMT\n now self heals by removing the previous invalid repository and\n creating the correct one.\n\n- Version 2.6.4\n- Add web server settings to /etc/rmt.conf:\n Now it's possible to configure the minimum and maximum threads count as well\n the number of web server workers to be booted through /etc/rmt.conf.\n\n- Version 2.6.3\n- Instead of using an MD5 of URLs for custom repository friendly_ids,\n RMT now builds an ID from the name.\n\n- Version 2.6.2\n- Fix RMT file caching based on timestamps:\n Previously, RMT sent GET requests with the header 'If-Modified-Since' to a\n repository server and if the response had a 304 (Not Modified), it would copy\n a file from the local cache instead of downloading. However, if the local file\n timestamp accidentally changed to a date newer than the one on the repository\n server, RMT would have an outdated file, which caused some errors.\n Now, RMT makes HEAD requests to the repositories servers and inspect the\n 'Last-Modified' header to decide whether to download a file or copy it from\n cache, by comparing the equalness of timestamps.\n \n\n- Version 2.6.1\n- Fixed an issue where relative paths supplied to `rmt-cli import repos`\n caused the command to fail.\n\n- Version 2.6.0\n- Friendlier IDs for custom repositories:\n In an effort to simplify the handling of SCC and custom repositories,\n RMT now has friendly IDs. For SCC repositories, it's the same SCC ID\n as before. For custom repositories, it can either be user provided\n or RMT generated (MD5 of the provided URL).\n Benefits:\n * `rmt-cli mirror repositories` now works for custom repositories.\n * Custom repository IDs can be the same across RMT instances.\n * No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings:\n * RMT now uses a different ID for custom repositories than before.\n RMT still supports that old ID, but it's recommended to start\n using the new ID to ensure future compatibility.\n\n- Version 2.5.20\n- Updated rails from 6.0.3.2 to 6.0.3.3:\n - actionview (CVE-2020-15169)\n\n- Version 2.5.19\n- RMT now has the ability to remove local systems with the command\n `rmt-cli systems remove`.\n\n- Version 2.5.18\n- Fixed exit code for `rmt-cli mirror` and its subcommands. Now it exits with 1\n whenever an error occurrs during mirroring\n- Improved message logging for `rtm-cli mirror`. Instead of logging an error\n when it occurs, the command summarize all errors at the end of execution. Now\n log messages have colors to better identify failure/success.\n\n- Version 2.5.17\n- RMT no longer provides the installer updates repository to systems via its\n zypper service. This repository is used during the installation process, as\n it provides an up-to-date installation experience, but it has no use on an\n already installed system.\n\n- Version 2.5.16\n- Updated RMT's rails and puma dependencies.\n - puma (CVE-2020-11076, CVE-2020-11077, CVE-2020-5249, CVE-2020-5247\n CVE-2019-16770)\n - actionpack (CVE-2020-8185, CVE-2020-8164, CVE-2020-8166)\n - actionview (CVE-2020-8167, CVE-2020-5267, CVE-2019-5418, CVE-2019-5419)\n - activesupport (CVE-2020-8165)\n - railties (CVE-2019-5420)\n\n- Version 2.5.15\n- RMT now checks if repositories are fully mirrored during the\n activation process. Previously, RMT only checked if the repositories\n were enabled to be mirrored, but not that they were actually mirrored.\n In this case, RMTs were not able to provide the repository data which\n systems assumed it had.\n\n- Version 2.5.14\n- Enable 'Installer-Updates' repositories by default\n\n- Fixed deprecation warning when thor encountered an error. Also,\n instead of returning 0 for thor errors, rmt-cli will return 1\n instead.\n\n- Version 2.5.13\n- Added `rmt-cli repos clean` command to remove locally mirrored files\n of repositories which are not marked to be mirrored.\n- Previously, RMT didn't track deduplicated files in its database. Now,\n to accommodate `rmt-cli repos clean`, RMT will track all mirrored\n files.\n\n- Move the nginx reload to the configuration package which contain\n nginx config files, don't reload nginx unconditionally from main\n package.\n\n- Version 2.5.12\n- Update rack to version 2.2.3 (CVE-2020-8184: bsc#1173351)\n- Update Rails to version 5.2.4.3:\n - actionpack (CVE-2020-8164: bsc#1172177)\n - actionpack (CVE-2020-8166: bsc#1172182)\n - activesupport (CVE-2020-8165: bsc#1172186)\n - actionview (CVE-2020-8167: bsc#1172184)\n\n- Version 2.5.11\n- rmt-server-pubcloud:\n - SLES11 EOL\n - Extension activation verification based on the available subscriptions\n - Added a manual instance verification script\n\n- Version 2.5.10\n- Support rmt-server to run with Ruby 2.7 (Factory/Tumbleweed):\n - Bump gem 'config' version from 1.7.2 to 2.2.1 to fix incompatibility Ruby\n 2.7 OpenStruct class;\n - Bump gem 'typhoeus' version from 1.3.1 to 1.4.0 in order to also bump gem\n 'ethon' version, which caused a 'rb_safe_level' warning on Ruby 2.7;\n - Fix 'last arg as keyword arg' Ruby 2.7 warning on source code;\n - Disable 'deprecated' warnings from Ruby 2.7; Rails 5.1 generates a lot of\n warnings with Ruby 2.7, mainly due to 'capturing the given block with\n Proc.new', which is deprecated;\n - Improve RPM spec to consider only the distribution default Ruby version\n configured in OBS;\n - Improve RPM spec to remove Ruby 2.7 warnings regarding 'bundler.\n\n- Move nginx/vhosts.d directory to correct sub-package. They\n are needed together with nginx, not rmt-server.\n- Fix dependencies especially for containerized usage:\n - mariadb and nginx are not hard requires, could run on another host\n- Fix generic dependencies:\n - systemd ordering was missing\n - shadow is required for pre-install\n\n- Version 2.5.9\n- rmt-server-pubcloud: enforce strict authentication\n\n- Version 2.5.8\n- Use repomd_parser gem to remove repository metadata parsing code.\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3147,SUSE-SLE-Product-HPC-15-2020-3147,SUSE-SLE-Product-SLES-15-2020-3147,SUSE-SLE-Product-SLES_SAP-15-2020-3147", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3147-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3147-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203147-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3147-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007691.html", }, { category: "self", summary: "SUSE Bug 1172177", url: "https://bugzilla.suse.com/1172177", }, { category: "self", summary: "SUSE Bug 1172182", url: "https://bugzilla.suse.com/1172182", }, { category: "self", summary: "SUSE Bug 1172184", url: "https://bugzilla.suse.com/1172184", }, { category: "self", summary: "SUSE Bug 1172186", url: "https://bugzilla.suse.com/1172186", }, { category: "self", summary: "SUSE Bug 1173351", url: "https://bugzilla.suse.com/1173351", }, { category: "self", summary: "SUSE CVE CVE-2019-16770 page", url: "https://www.suse.com/security/cve/CVE-2019-16770/", }, { category: "self", summary: "SUSE CVE CVE-2019-5418 page", url: "https://www.suse.com/security/cve/CVE-2019-5418/", }, { category: "self", summary: "SUSE CVE CVE-2019-5419 page", url: "https://www.suse.com/security/cve/CVE-2019-5419/", }, { category: "self", summary: "SUSE CVE CVE-2019-5420 page", url: "https://www.suse.com/security/cve/CVE-2019-5420/", }, { category: "self", summary: "SUSE CVE CVE-2020-11076 page", url: "https://www.suse.com/security/cve/CVE-2020-11076/", }, { category: "self", summary: "SUSE CVE CVE-2020-11077 page", url: "https://www.suse.com/security/cve/CVE-2020-11077/", }, { category: "self", summary: "SUSE CVE CVE-2020-15169 page", url: "https://www.suse.com/security/cve/CVE-2020-15169/", }, { category: "self", summary: "SUSE CVE CVE-2020-5247 page", url: "https://www.suse.com/security/cve/CVE-2020-5247/", }, { category: "self", summary: "SUSE CVE CVE-2020-5249 page", url: "https://www.suse.com/security/cve/CVE-2020-5249/", }, { category: "self", summary: "SUSE CVE CVE-2020-5267 page", url: "https://www.suse.com/security/cve/CVE-2020-5267/", }, { category: "self", summary: "SUSE CVE CVE-2020-8164 page", url: "https://www.suse.com/security/cve/CVE-2020-8164/", }, { category: "self", summary: "SUSE CVE CVE-2020-8165 page", url: "https://www.suse.com/security/cve/CVE-2020-8165/", }, { category: "self", summary: "SUSE CVE CVE-2020-8166 page", url: "https://www.suse.com/security/cve/CVE-2020-8166/", }, { category: "self", summary: "SUSE CVE CVE-2020-8167 page", url: "https://www.suse.com/security/cve/CVE-2020-8167/", }, { category: "self", summary: "SUSE CVE CVE-2020-8184 page", url: "https://www.suse.com/security/cve/CVE-2020-8184/", }, { category: "self", summary: "SUSE CVE CVE-2020-8185 page", url: "https://www.suse.com/security/cve/CVE-2020-8185/", }, ], title: "Security update for rmt-server", tracking: { current_release_date: "2020-11-04T10:02:46Z", generator: { date: "2020-11-04T10:02:46Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3147-1", initial_release_date: "2020-11-04T10:02:46Z", revision_history: [ { date: "2020-11-04T10:02:46Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "rmt-server-2.6.5-3.34.1.aarch64", product: { name: "rmt-server-2.6.5-3.34.1.aarch64", product_id: "rmt-server-2.6.5-3.34.1.aarch64", }, }, { category: "product_version", name: "rmt-server-config-2.6.5-3.34.1.aarch64", product: { name: "rmt-server-config-2.6.5-3.34.1.aarch64", product_id: "rmt-server-config-2.6.5-3.34.1.aarch64", }, }, { category: "product_version", name: "rmt-server-pubcloud-2.6.5-3.34.1.aarch64", product: { name: "rmt-server-pubcloud-2.6.5-3.34.1.aarch64", product_id: "rmt-server-pubcloud-2.6.5-3.34.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "rmt-server-2.6.5-3.34.1.ppc64le", product: { name: "rmt-server-2.6.5-3.34.1.ppc64le", product_id: "rmt-server-2.6.5-3.34.1.ppc64le", }, }, { category: "product_version", name: "rmt-server-config-2.6.5-3.34.1.ppc64le", product: { name: "rmt-server-config-2.6.5-3.34.1.ppc64le", product_id: "rmt-server-config-2.6.5-3.34.1.ppc64le", }, }, { category: "product_version", name: "rmt-server-pubcloud-2.6.5-3.34.1.ppc64le", product: { name: "rmt-server-pubcloud-2.6.5-3.34.1.ppc64le", product_id: "rmt-server-pubcloud-2.6.5-3.34.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "rmt-server-2.6.5-3.34.1.s390x", product: { name: "rmt-server-2.6.5-3.34.1.s390x", product_id: "rmt-server-2.6.5-3.34.1.s390x", }, }, { category: "product_version", name: "rmt-server-config-2.6.5-3.34.1.s390x", product: { name: "rmt-server-config-2.6.5-3.34.1.s390x", product_id: "rmt-server-config-2.6.5-3.34.1.s390x", }, }, { category: "product_version", name: "rmt-server-pubcloud-2.6.5-3.34.1.s390x", product: { name: "rmt-server-pubcloud-2.6.5-3.34.1.s390x", product_id: "rmt-server-pubcloud-2.6.5-3.34.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "rmt-server-2.6.5-3.34.1.x86_64", product: { name: "rmt-server-2.6.5-3.34.1.x86_64", product_id: "rmt-server-2.6.5-3.34.1.x86_64", }, }, { category: "product_version", name: "rmt-server-config-2.6.5-3.34.1.x86_64", product: { name: "rmt-server-config-2.6.5-3.34.1.x86_64", product_id: "rmt-server-config-2.6.5-3.34.1.x86_64", }, }, { category: "product_version", name: "rmt-server-pubcloud-2.6.5-3.34.1.x86_64", product: { name: "rmt-server-pubcloud-2.6.5-3.34.1.x86_64", product_id: "rmt-server-pubcloud-2.6.5-3.34.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product: { name: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-espos:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product: { name: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-ltss:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15-LTSS", product: { name: "SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.34.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", }, product_reference: "rmt-server-2.6.5-3.34.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.34.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", }, product_reference: "rmt-server-2.6.5-3.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.34.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", }, product_reference: "rmt-server-config-2.6.5-3.34.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.34.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", }, product_reference: "rmt-server-config-2.6.5-3.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.34.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", }, product_reference: "rmt-server-2.6.5-3.34.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.34.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", }, product_reference: "rmt-server-2.6.5-3.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.34.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", }, product_reference: "rmt-server-config-2.6.5-3.34.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.34.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", }, product_reference: "rmt-server-config-2.6.5-3.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.34.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", }, product_reference: "rmt-server-2.6.5-3.34.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.34.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", }, product_reference: "rmt-server-2.6.5-3.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.34.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", }, product_reference: "rmt-server-2.6.5-3.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.34.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", }, product_reference: "rmt-server-2.6.5-3.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.34.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", }, product_reference: "rmt-server-config-2.6.5-3.34.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.34.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", }, product_reference: "rmt-server-config-2.6.5-3.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.34.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", }, product_reference: "rmt-server-config-2.6.5-3.34.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.34.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", }, product_reference: "rmt-server-config-2.6.5-3.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.34.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", }, product_reference: "rmt-server-2.6.5-3.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", }, product_reference: "rmt-server-2.6.5-3.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.34.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", }, product_reference: "rmt-server-config-2.6.5-3.34.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.34.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", }, product_reference: "rmt-server-config-2.6.5-3.34.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, ], }, vulnerabilities: [ { cve: "CVE-2019-16770", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16770", }, ], notes: [ { category: "general", text: "In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough. This vulnerability is patched in Puma 4.3.1 and 3.12.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16770", url: "https://www.suse.com/security/cve/CVE-2019-16770", }, { category: "external", summary: "SUSE Bug 1158675 for CVE-2019-16770", url: "https://bugzilla.suse.com/1158675", }, { category: "external", summary: "SUSE Bug 1188527 for CVE-2019-16770", url: "https://bugzilla.suse.com/1188527", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "important", }, ], title: "CVE-2019-16770", }, { cve: "CVE-2019-5418", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5418", }, ], notes: [ { category: "general", text: "There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5418", url: "https://www.suse.com/security/cve/CVE-2019-5418", }, { category: "external", summary: "SUSE Bug 1129272 for CVE-2019-5418", url: "https://bugzilla.suse.com/1129272", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "moderate", }, ], title: "CVE-2019-5418", }, { cve: "CVE-2019-5419", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5419", }, ], notes: [ { category: "general", text: "There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5419", url: "https://www.suse.com/security/cve/CVE-2019-5419", }, { category: "external", summary: "SUSE Bug 1129271 for CVE-2019-5419", url: "https://bugzilla.suse.com/1129271", }, { category: "external", summary: "SUSE Bug 1203810 for CVE-2019-5419", url: "https://bugzilla.suse.com/1203810", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "moderate", }, ], title: "CVE-2019-5419", }, { cve: "CVE-2019-5420", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5420", }, ], notes: [ { category: "general", text: "A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5420", url: "https://www.suse.com/security/cve/CVE-2019-5420", }, { category: "external", summary: "SUSE Bug 1129268 for CVE-2019-5420", url: "https://bugzilla.suse.com/1129268", }, { category: "external", summary: "SUSE Bug 1203810 for CVE-2019-5420", url: "https://bugzilla.suse.com/1203810", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "important", }, ], title: "CVE-2019-5420", }, { cve: "CVE-2020-11076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11076", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11076", url: "https://www.suse.com/security/cve/CVE-2020-11076", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "moderate", }, ], title: "CVE-2020-11076", }, { cve: "CVE-2020-11077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11077", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11077", url: "https://www.suse.com/security/cve/CVE-2020-11077", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "moderate", }, ], title: "CVE-2020-11077", }, { cve: "CVE-2020-15169", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-15169", }, ], notes: [ { category: "general", text: "In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS attacks. When an HTML-unsafe string is passed as the default for a missing translation key named html or ending in _html, the default string is incorrectly marked as HTML-safe and not escaped. This is patched in versions 6.0.3.3 and 5.2.4.4. A workaround without upgrading is proposed in the source advisory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-15169", url: "https://www.suse.com/security/cve/CVE-2020-15169", }, { category: "external", summary: "SUSE Bug 1176421 for CVE-2020-15169", url: "https://bugzilla.suse.com/1176421", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "important", }, ], title: "CVE-2020-15169", }, { cve: "CVE-2020-5247", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5247", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5247", url: "https://www.suse.com/security/cve/CVE-2020-5247", }, { category: "external", summary: "SUSE Bug 1165402 for CVE-2020-5247", url: "https://bugzilla.suse.com/1165402", }, { category: "external", summary: "SUSE Bug 1165524 for CVE-2020-5247", url: "https://bugzilla.suse.com/1165524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "moderate", }, ], title: "CVE-2020-5247", }, { cve: "CVE-2020-5249", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5249", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2020-5247, which fixed this vulnerability but only for regular responses. This has been fixed in 4.3.3 and 3.12.4.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5249", url: "https://www.suse.com/security/cve/CVE-2020-5249", }, { category: "external", summary: "SUSE Bug 1165524 for CVE-2020-5249", url: "https://bugzilla.suse.com/1165524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "moderate", }, ], title: "CVE-2020-5249", }, { cve: "CVE-2020-5267", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5267", }, ], notes: [ { category: "general", text: "In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5267", url: "https://www.suse.com/security/cve/CVE-2020-5267", }, { category: "external", summary: "SUSE Bug 1167240 for CVE-2020-5267", url: "https://bugzilla.suse.com/1167240", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "moderate", }, ], title: "CVE-2020-5267", }, { cve: "CVE-2020-8164", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8164", }, ], notes: [ { category: "general", text: "A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8164", url: "https://www.suse.com/security/cve/CVE-2020-8164", }, { category: "external", summary: "SUSE Bug 1172177 for CVE-2020-8164", url: "https://bugzilla.suse.com/1172177", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "important", }, ], title: "CVE-2020-8164", }, { cve: "CVE-2020-8165", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8165", }, ], notes: [ { category: "general", text: "A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8165", url: "https://www.suse.com/security/cve/CVE-2020-8165", }, { category: "external", summary: "SUSE Bug 1172186 for CVE-2020-8165", url: "https://bugzilla.suse.com/1172186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "critical", }, ], title: "CVE-2020-8165", }, { cve: "CVE-2020-8166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8166", }, ], notes: [ { category: "general", text: "A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8166", url: "https://www.suse.com/security/cve/CVE-2020-8166", }, { category: "external", summary: "SUSE Bug 1172182 for CVE-2020-8166", url: "https://bugzilla.suse.com/1172182", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "low", }, ], title: "CVE-2020-8166", }, { cve: "CVE-2020-8167", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8167", }, ], notes: [ { category: "general", text: "A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8167", url: "https://www.suse.com/security/cve/CVE-2020-8167", }, { category: "external", summary: "SUSE Bug 1172184 for CVE-2020-8167", url: "https://bugzilla.suse.com/1172184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "moderate", }, ], title: "CVE-2020-8167", }, { cve: "CVE-2020-8184", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8184", }, ], notes: [ { category: "general", text: "A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8184", url: "https://www.suse.com/security/cve/CVE-2020-8184", }, { category: "external", summary: "SUSE Bug 1173351 for CVE-2020-8184", url: "https://bugzilla.suse.com/1173351", }, { category: "external", summary: "SUSE Bug 1177352 for CVE-2020-8184", url: "https://bugzilla.suse.com/1177352", }, { category: "external", summary: "SUSE Bug 1193081 for CVE-2020-8184", url: "https://bugzilla.suse.com/1193081", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "moderate", }, ], title: "CVE-2020-8184", }, { cve: "CVE-2020-8185", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8185", }, ], notes: [ { category: "general", text: "A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8185", url: "https://www.suse.com/security/cve/CVE-2020-8185", }, { category: "external", summary: "SUSE Bug 1173564 for CVE-2020-8185", url: "https://bugzilla.suse.com/1173564", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:rmt-server-config-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-2.6.5-3.34.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:rmt-server-config-2.6.5-3.34.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T10:02:46Z", details: "moderate", }, ], title: "CVE-2020-8185", }, ], }
suse-su-2020:2060-1
Vulnerability from csaf_suse
Published
2020-07-28 15:54
Modified
2020-07-28 15:54
Summary
Security update for rubygem-puma
Notes
Title of the patch
Security update for rubygem-puma
Description of the patch
This update for rubygem-puma fixes the following issues:
- Add patches for disabling TLSv1.0 and TLSv1.1 (jsc#SLE-6965):
- Add CVE-2020-11077.patch (bsc#1172175, CVE-2020-11077)
- Add CVE-2020-11076.patch (bsc#1172176, CVE-2020-11076)
- Add CVE-2020-5247.patch (bsc#1165402)
'Fixes a problem where we were not splitting newlines in headers
according to Rack spec'
The patch is reduced compared to the upstream version, which was
patching also the parts that are not implemented in our old Puma
version. This applies to unit test as well.
- Add CVE-2019-16770.patch (bsc#1158675, SOC-10999, CVE-2019-16770)
This patch fixes a DoS vulnerability a malicious client could use to
block a large amount of threads.
Patchnames
SUSE-2020-2060,SUSE-OpenStack-Cloud-6-LTSS-2020-2060
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for rubygem-puma", title: "Title of the patch", }, { category: "description", text: "This update for rubygem-puma fixes the following issues:\n\n- Add patches for disabling TLSv1.0 and TLSv1.1 (jsc#SLE-6965):\n- Add CVE-2020-11077.patch (bsc#1172175, CVE-2020-11077)\n- Add CVE-2020-11076.patch (bsc#1172176, CVE-2020-11076)\n- Add CVE-2020-5247.patch (bsc#1165402)\n 'Fixes a problem where we were not splitting newlines in headers\n according to Rack spec'\n The patch is reduced compared to the upstream version, which was\n patching also the parts that are not implemented in our old Puma\n version. This applies to unit test as well.\n- Add CVE-2019-16770.patch (bsc#1158675, SOC-10999, CVE-2019-16770)\n This patch fixes a DoS vulnerability a malicious client could use to\n block a large amount of threads.\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-2060,SUSE-OpenStack-Cloud-6-LTSS-2020-2060", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_2060-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:2060-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20202060-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:2060-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-July/007189.html", }, { category: "self", summary: "SUSE Bug 1158675", url: "https://bugzilla.suse.com/1158675", }, { category: "self", summary: "SUSE Bug 1165402", url: "https://bugzilla.suse.com/1165402", }, { category: "self", summary: "SUSE Bug 1172175", url: "https://bugzilla.suse.com/1172175", }, { category: "self", summary: "SUSE Bug 1172176", url: "https://bugzilla.suse.com/1172176", }, { category: "self", summary: "SUSE CVE CVE-2019-16770 page", url: "https://www.suse.com/security/cve/CVE-2019-16770/", }, { category: "self", summary: "SUSE CVE CVE-2020-11076 page", url: "https://www.suse.com/security/cve/CVE-2020-11076/", }, { category: "self", summary: "SUSE CVE CVE-2020-11077 page", url: "https://www.suse.com/security/cve/CVE-2020-11077/", }, { category: "self", summary: "SUSE CVE CVE-2020-5247 page", url: "https://www.suse.com/security/cve/CVE-2020-5247/", }, ], title: "Security update for rubygem-puma", tracking: { current_release_date: "2020-07-28T15:54:20Z", generator: { date: "2020-07-28T15:54:20Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:2060-1", initial_release_date: "2020-07-28T15:54:20Z", revision_history: [ { date: "2020-07-28T15:54:20Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "ruby2.1-rubygem-puma-2.16.0-4.3.1.aarch64", product: { name: "ruby2.1-rubygem-puma-2.16.0-4.3.1.aarch64", product_id: "ruby2.1-rubygem-puma-2.16.0-4.3.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.aarch64", product: { name: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.aarch64", product_id: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ruby2.1-rubygem-puma-2.16.0-4.3.1.i586", product: { name: "ruby2.1-rubygem-puma-2.16.0-4.3.1.i586", product_id: "ruby2.1-rubygem-puma-2.16.0-4.3.1.i586", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.i586", product: { name: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.i586", product_id: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "ruby2.1-rubygem-puma-2.16.0-4.3.1.ppc64le", product: { name: "ruby2.1-rubygem-puma-2.16.0-4.3.1.ppc64le", product_id: "ruby2.1-rubygem-puma-2.16.0-4.3.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.ppc64le", product: { name: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.ppc64le", product_id: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ruby2.1-rubygem-puma-2.16.0-4.3.1.s390", product: { name: "ruby2.1-rubygem-puma-2.16.0-4.3.1.s390", product_id: "ruby2.1-rubygem-puma-2.16.0-4.3.1.s390", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.s390", product: { name: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.s390", product_id: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.s390", }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "ruby2.1-rubygem-puma-2.16.0-4.3.1.s390x", product: { name: "ruby2.1-rubygem-puma-2.16.0-4.3.1.s390x", product_id: "ruby2.1-rubygem-puma-2.16.0-4.3.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.s390x", product: { name: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.s390x", product_id: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", product: { name: "ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", product_id: "ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.x86_64", product: { name: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.x86_64", product_id: "ruby2.1-rubygem-puma-doc-2.16.0-4.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE OpenStack Cloud 6-LTSS", product: { name: "SUSE OpenStack Cloud 6-LTSS", product_id: "SUSE OpenStack Cloud 6-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-ltss:6", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64 as component of SUSE OpenStack Cloud 6-LTSS", product_id: "SUSE OpenStack Cloud 6-LTSS:ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", }, product_reference: "ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 6-LTSS", }, ], }, vulnerabilities: [ { cve: "CVE-2019-16770", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16770", }, ], notes: [ { category: "general", text: "In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough. This vulnerability is patched in Puma 4.3.1 and 3.12.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 6-LTSS:ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16770", url: "https://www.suse.com/security/cve/CVE-2019-16770", }, { category: "external", summary: "SUSE Bug 1158675 for CVE-2019-16770", url: "https://bugzilla.suse.com/1158675", }, { category: "external", summary: "SUSE Bug 1188527 for CVE-2019-16770", url: "https://bugzilla.suse.com/1188527", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 6-LTSS:ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE OpenStack Cloud 6-LTSS:ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-28T15:54:20Z", details: "important", }, ], title: "CVE-2019-16770", }, { cve: "CVE-2020-11076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11076", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 6-LTSS:ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11076", url: "https://www.suse.com/security/cve/CVE-2020-11076", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 6-LTSS:ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 6-LTSS:ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-28T15:54:20Z", details: "moderate", }, ], title: "CVE-2020-11076", }, { cve: "CVE-2020-11077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11077", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 6-LTSS:ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11077", url: "https://www.suse.com/security/cve/CVE-2020-11077", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 6-LTSS:ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 6-LTSS:ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-28T15:54:20Z", details: "moderate", }, ], title: "CVE-2020-11077", }, { cve: "CVE-2020-5247", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5247", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 6-LTSS:ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5247", url: "https://www.suse.com/security/cve/CVE-2020-5247", }, { category: "external", summary: "SUSE Bug 1165402 for CVE-2020-5247", url: "https://bugzilla.suse.com/1165402", }, { category: "external", summary: "SUSE Bug 1165524 for CVE-2020-5247", url: "https://bugzilla.suse.com/1165524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 6-LTSS:ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 6-LTSS:ruby2.1-rubygem-puma-2.16.0-4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-28T15:54:20Z", details: "moderate", }, ], title: "CVE-2020-5247", }, ], }
suse-ru-2020:2072-1
Vulnerability from csaf_suse
Published
2020-07-29 14:31
Modified
2020-07-29 14:31
Summary
Security update for ansible, crowbar-core, crowbar-ha, crowbar-openstack, etcd, flannel, grafana, keepalived, kibana, memcached, monasca-installer, openstack-dashboard-theme-SUSE, openstack-manila, openstack-neutron-fwaas, openstack-nova, openstack-tempest, python-Django, python-Pillow, python-psql2mysql, python-psutil, python-py, python-pysaml2, python-waitress, rabbitmq-server, release-notes-suse-openstack-cloud, zookeeper
Notes
Title of the patch
Security update for ansible, crowbar-core, crowbar-ha, crowbar-openstack, etcd, flannel, grafana, keepalived, kibana, memcached, monasca-installer, openstack-dashboard-theme-SUSE, openstack-manila, openstack-neutron-fwaas, openstack-nova, openstack-tempest, python-Django, python-Pillow, python-psql2mysql, python-psutil, python-py, python-pysaml2, python-waitress, rabbitmq-server, release-notes-suse-openstack-cloud, zookeeper
Description of the patch
This update for ansible, crowbar-core, crowbar-ha, crowbar-openstack, etcd, flannel, grafana, keepalived, kibana, memcached, monasca-installer, openstack-dashboard-theme-SUSE, openstack-manila, openstack-neutron-fwaas, openstack-nova, openstack-tempest, python-Django, python-Pillow, python-psql2mysql, python-psutil, python-py, python-pysaml2, python-waitress, rabbitmq-server, release-notes-suse-openstack-cloud, zookeeper fixes the following issues:
Security fixes included ins this update:
ansible
- CVE-2019-3828: Fixed a path traversal in the fetch module (bsc#1126503).
grafana
- CVE-2020-13379: Fixed an incorrect access control issue which could
lead to information leaks or denial of service (bsc#1172409).
- CVE-2020-12052: Fixed an cross site scripting vulnerability related to
the annotation popup (bsc#1170657).
kibana
- CVE-2020-10743: Fixed a clickjacking vulnerability (bsc#1171909).
memcached (to version 1.5.17)
- CVE-2019-15026: Fixed a stack-based buffer over-read
in conn_to_str()n (bsc#1149110).
- CVE-2019-11596: Fixed a denial of service in the 'lru' command
(bsc#1133817)
- CVE-2018-1000115: Disabled UDP by default to reduce DDoS amplification
attacks (bsc#1083903).
python-Django
- CVE-2020-13254: Fixed a data leakage via malformed memcached keys
(bsc#1172167).
- CVE-2020-13596: Fixed a cross site scripting vulnerability related to
the admin parameters of the ForeignKeyRawIdWidget (bsc#1172166).
- Fixed a regression with the fix for CVE-2019-3498 (bsc#1161349).
python-Pillow
- CVE-2019-16865: Fixed a denial of service with specially crafted
image files (bsc#1153191).
- CVE-2020-5312: Fixed a buffer overflow in the PCX P mode (bsc#1160152).
- CVE-2020-5313: Fixed a buffer overflow related to FLI (bsc#1160153).
- CVE-2019-19911: Fixed a denial of service in FpxImagePlugin.py
(bsc#1160192).
python-pysaml2
- CVE-2020-5390: Fixed an issue with the verification of signatures in
SAML documents (bsc#1160851)
- CVE-2017-1000246: Fixed an issue with weak encryption data, caused by
initialization vector reuse(bsc#1068612).
python-waitress (to version 1.4.3)
- CVE-2019-16785: Fixed HTTP request smuggling through LF vs CRLF
handling (bsc#1161088).
- CVE-2019-16786: Fixed HTTP request smuggling through invalid
Transfer-Encoding (bsc#1161089).
- CVE-2019-16789: Fixed HTTP Request Smuggling through invalid
whitespace characters (bsc#1160790).
- CVE-2019-16792: Fixed HTTP Request Smuggling through Content-Length
header handling (bsc#1161670).
rubygem-activeresource
- CVE-2020-8151: Fixed information disclosure issue through specially
crafted requests (bsc#1171560)
rubygem-json-1_7
- CVE-2020-10663: Fixed Unsafe Object Creation Vulnerability in JSON
(bsc#1167244)
rubygem-puma
- CVE-2020-11077: Fixed HTTP Request Smuggling through proxy (bsc#1172175)
- CVE-2020-11076: Fixed HTTP Request smuggling through invalid
Transfer-Encoding header.
- CVE-2020-5247: Fixed HTTP Response Splitting through newline characters
handling (bsc#1165402)
zookeeper:
- CVE-2019-0201: Fixed an information disclosure related to
getACL() (bsc#1135773).
Non security fixes included in this update:
Changes in ansible:
- Add 0001-Disallow-use-of-remote-home-directories-containing-..patch
(bsc#1126503, CVE-2019-3828)
Changes in crowbar-core:
- Update to version 4.0+git.1580209654.1d112d31f:
* network: start OVS before wickedd (SOC-11067)
Changes in crowbar-ha:
- Update to version 4.0+git.1585316203.d6ad2c8:
* [4.0] add ssl termination on haproxy (bsc#1149535)
Changes in crowbar-openstack:
- Update to version 4.0+git.1589804581.9972163f0:
* [4.0] magnum: fix check for image/flavor (SOC-11251)
- Update to version 4.0+git.1589647351.ccfd9481f:
* [4.0] trove: fix rabbitmq connection URL (SOC-11286)
- Update to version 4.0+git.1589458214.9f765aa08:
* [4.0] Fix create magnum k8s image and flavor (SOC-11251)
- Update to version 4.0+git.1588271860.131fc8cc1:
* run keystone_register on cluster founder only when HA (SOC-11248)
* nova: run keystone_register on cluster founder only (SOC-11243)
- Update to version 4.0+git.1588096523.679da5c50:
* tempest: retry openstack commands (SOC-11238)
- Update to version 4.0+git.1587129016.c009e43c9:
* Disable magnum.tests.functional.api.v1.test_cluster (SOC-11224)
- Update to version 4.0+git.1587035427.abb6e9b4e:
* Fix barbican SSL support (SOC-9298)
- Update to version 4.0+git.1586421486.5601320b7:
* Fix magnum tempest tests (SOC-9298)
- Update to version 4.0+git.1585331022.609482166:
* tempest: update blacklisted tempest test cases (SOC-9801,SOC-11174,SOC-11187)
- Update to version 4.0+git.1585136604.988f3a1da:
* Disabling failing tempest tests on SOC7
* [4.0] ec2-api: run keystone_register on cluster founder only (SOC-11079)
- Update to version 4.0+git.1582582068.c8c2448c0:
* neutron: Place space between CLI arguments
- Update to version 4.0+git.1580894959.1fe5fd282:
* Revert '[4.0] rabbitmq: sync startup definitions.json with recipe' (SOC-11082)
- Update to version 4.0+git.1580469474.967ab8baf:
* rabbitmq: sync startup definitions.json with recipe (SOC-11077)
Changes in etcd:
- Build against go 1.6
- Fix etcd build. We are generating 2 binaries, etcd and etcdctl.
They need to be built separately
- Ensure /var/lib/etcd is controlled by etcd:etcd
- exclude i586. We don't expect this package to be built on i586.
- remove sysconfig.etcd: this file is not being used
- Update to version 3.1.0:
* raft: add node should reset the pendingConf state
* v3rpc: don't close watcher if client closes send
* e2e: add test for v3 watch over grpc gateway
* mvcc: remove unused restore method
* integration: don't expect recv to stop on CloseSend in waitResponse
* Documentation: add grpc gateway watch example
* version: bump up v3.1.0-rc.1+git
* discovery: warn on scheme mismatch
* grpcproxy: fix deadlock on watch broadcasts stop
* etcdmain: add '/metrics' HTTP/1 path to grpc-proxy
* etcd-tester: do not resolve localhost
* raftexample: confState should be saved after apply
* raft: test case to check the duplicate add node propose
* raft: fix test case, should wait config propose applied
* raft: fix test case for data race
* raft: use the channel instead of sleep to make test case reliable
* raft: fix TestNodeProposeAddDuplicateNode
* etcdmain: handle TLS in grpc-proxy listener
* etcd-tester:limit max retry backoff delay
* functional-tester: add withBlock() to grpc dial
* op-guide: add notes about Prometheus data source in Grafana
* clientv3: return copy of endpoints, not pointer
* auth: add a timeout mechanism to simple token
* client: update README about health monitoring
* grpcproxy: fix race between watch ranges delete() and broadcasts empty()
* lease: Use monotonic time in lease
* integration: use Range to wait for reboot in quota tests
* grpcproxy: fix race between coalesce and bcast on nextrev
* etcd-tester: refactor lease checker
* store: check sorted order in TestStoreGetSorted
* vendor: bump go-systemd to v14 to avoid build error
* integration: cancel Watch when TestV3WatchWithPrevKV exits
* grpcproxy: add richer metrics for watch
* grpcproxy: add cache related metrics
* raft: Fix election 'logs converge' test
* raft: Export Progress.IsPaused
* benchmark: add rate limit
* etcdctl: remove GetUser check before mutable commands
* grpcproxy: lock store when getting size
* Documentation: link added to libraries-and-tools.md with a new v2 Scala Client
* grpcproxy: fix deadlock in watchbroadcast
* etcdserver: time out when readStateC is blocking
* store: fix store_test.go comments
* vendor: update ugorji/go
* client: update generated ugorji codec
* doc: initial faq
* clientv3/integration: test lease keepalive works following quorum loss
* integration: use RequireLeader for TestV3LeaseFailover
* v3rpc, etcdserver, leasehttp: ctxize Renew with request timeout
* Documentation: add blox and chain as users
* etcdserver: do not send v2 sync if ttl keys do not exist
* ROADMAP: update for 3.2
* Documentation: add more FAQ questions
* grpcproxy: fix minor typo
* vendor: use versions when possible in glide.yaml
* scripts: use glide update if repo exists in glide.lock
* github: make bug reporting link non-relative
* github: make contribution link non-relative
* Documentation: update get examples to be clearer about ranges
* etcdserver, embed, v2http: move pprof setup to embed
* doc: add faq about apply warning logging
* test: exclude '_home' for gosimple, unused
* auth: fix gosimple errors
* integration: simplify boolean comparison in resp.Created
* raft: simplify boolean comparison, remove unused
* tools: simplify boolean comparison, remove unused
* e2e: remove unused 'ctlV3GetFailPerm'
* v3rpc: remove unused 'splitMethodName' function
* grpcproxy: remove unused field 'wbs *watchBroadcasts'
* doc: add faq about missing heartbeat
* etcdctl: 'fields' output formats
* build: remove dir use -r flag
* etcd-tester: add 'enable-pprof' option
* etcd-tester: cancel lease stream; fix OOM panic
* doc: add hardware section
* auth: improve 'removeSubsetRangePerms' to O(n)
* Documentation: use port 2379 in local cluster guide The port in endpoints should be 2379, instead of 12379.
* op-guide/clustering: fix typo
* embed: deep copy user handlers
* Documentation: add more FAQs (follower, leader, sys-require)
* clientv3: close Lease on client Close
* netutil: ctx-ize URLStringsEqual
* etcdserver: retry for 30s on advertise url check
* membership: retry for 30s on advertise url check
* clientv3: return error from KeepAlive if corresponding loop exits
* clientv3: add test for keep alive loop exit case
* auth, etcdserver: protect membership change operations with auth
* e2e: test cases of protecting membership change with auth
* clientv3: better error message for keep alive loop halt
* Documentation: FAQ entry for cluster ID mismatches
* dev-guide: add limit.md
* Documentation: minor fix nodes -> node
* etcdctl: warn when backend takes too long to open on migrate
* docs: explicitly set ETCDCTL_API=3 in recovery.md
* v3api, rpctypes: add ErrTimeoutDueToConnectionLost
* clientv3/integration: test lease grant/keepalive with/without failures
* clientv3: don't reset keepalive stream on grant failure
* etcdctl: tighten up output, reorganize README.md
* Documentation: add FAQs on membership operation
* Documentation: add 'why.md'
* embed: only override default advertised client URL if the client listen URL is 0.0.0.0
* raft: make memory storage set method thread safe
* raft: resume paused followers on receipt of MsgHeartbeatResp
* etcd-tester: fix typo, add endpoint in logs
* lease: force leader to apply its pending committed index for lease operations
* leasehttp: buffer error channel to prevent goroutine leak
* raft: fix pre-vote tests
* etcdserver: rework update committed index logic
* etcd-tester: remove unused err var from maxRev
* e2e: check etcdctl endpoint health is healthy if denied permission to key
* benchmark: a new option for configuring dial timeout
* ctlv3: consider permission denied error to be healthy for endpoints
* etcdmain: add --metrics flag for exposing histogram metrics
* e2e: test cluster-health
* v2http: submit QGET in health endpoint if no progress
* test: bump grpcproxy pass timeout to 15m
* lease: use atomics for accessing lease expiry
* e2e: poll '/version' in release upgrade tests
* e2e: unset ETCDCTL_API env var before running u2e tests
* etcdserver: consistent naming in raftReadyHandler
* coverage: rework code coverage for unit and integration tests
* testutil: whitelist thread created by go cover
* rafthttp: bump up timeout in pipeline test
* grpcproxy, etcdmain, integration: return done channel with WatchServer
* integration: defer clus.Terminate in watch tests
* raftexample: load snapshot when opening WAL
* etcd-runner: make command compliant
* raft: use status to test node stop
* etcdserver: expose ErrNotEnoughStartedMembers
* etcdserver: resume compactor only if leader
* benchmark: enable grpc error logging on stderr
* etcd-runner:add flags in watcher for hardcoded values
* docs: fix recovery example in recovery.md
* auth: use quorum get for GetUser/GetRole for mutable operations
* grpcproxy: tear down watch when client context is done
* integration: use only digits in unix ports
* e2e: dump stack on ctlTest timeout
* expect: EXPECT_DEBUG environment variable
* why: add origin of the term etcd
* testutil: increase size of buffer for stack dump
* raft: fix test case for #7042
* vendor: update ugorji/go
* integration: add grpc auth testing
* auth: reject empty user name when checking op permissions
* etcdctl: create root role on auth enable if it does not yet exist
* raft: add RawNode test case for #6866
* pkg/report: support 99.9-percentile, change column name
* documentation: display docs.md in github browser
* benchmark: option to rate limit range benchmark
* etcdserver, clientv3: handle a case of expired auth token
* tools: Add etcd 3.0 load test tool refernece
* transport: warn on user-provided CA
* NEWS: add v3.1.0, v3.0.16 + minor fixes
* clienv3: fix balancer test logic
* clientv3: don't reset stream on keepaliveonce or revoke failure
* grpcproxy: use ccache for key cache
* vendor: remove groupcache, add ccache
* pkg/report: add 'Stats' to expose report raw data
* travis: use Go 1.7.4, drop old env var
* ctlv3: print cluster info after adding new member
* Documentation: document upgrading to v3.1
* pkg/report: add nil checking for getTimeSeries
* etcdserver: use ReqTimeout for linearized read
* grpcproxy, etcdmain, integration: add close channel to kv proxy
* glide: update 'golang.org/x/net'
* vendor: update 'golang.org/x/net'
* Documentation: update experimental_apis for v3.1 release
* NEWS: fix date for v3.1 release
* Documentation: fix typo s/endpoint-health/endpoint health/
* clientv3/concurrency: fix rev comparison on concurrent key deletion
* integration: test STM apply on concurrent deletion
* pkg/flags: fixed prefix checking of the env variables
* etcdctlv3: snapshot restore works with lease key
* test: passed the test script arguments as the test function parameters
* documentation: update build documentation
* version: bump to v3.1.0
- Update to version 3.1.0rc.1:
* grpcproxy: watch next revision should be start revision when not 0
* grpcproxy: copy range request before storing in cache
* raft: return empty status if node is stopped
* mvcc: store.restore taking too long triggering snapshot cycle fix
* mvcc: TestStoreRestore fix
* mvcc : Added benchmark for store.resotre
* pkg/netutil: get default interface for tc commands
* version: bump up v3.1.0-rc.1
Changes in grafana:
- Add CVE-2020-13379.patch
* Security: fix unauthorized avatar proxying (bsc#1172409, CVE-2020-13379)
- Refresh systemd-notification.patch
- Fix declaration for LICENSE
- Add 0002-CVE-2020-12052-bsc1170657-XSS-annotation-popup-vulnerability.patch
* Security: Fix annotation popup XSS vulnerability
(bsc#1170657)
- Add CVE-2019-15043.patch (SOC-10357, CVE-2019-15043, bsc#1148383)
Changes in keepalived:
- update to 2.0.19
- new BR pkgconfig(libnftnl) to fix nftables support
- add nftables to the BR
- added patch
* linux-4.15.patch
- add buildrequires for file-devel
- used in the checker to verify scripts
- enable json stats and config dump support
new BR: pkgconfig(json-c)
- enable http regexp support: new BR pcre2-devel
- disable dbus instance creation support as it is marked as
dangerous
- Add BFD build option to keepalived.spec rpm file
Issue #1114 identified that the keepalived.spec file was not being
generated to build BFD support even if keepalived had been
configured to support it.
- full changelog
https://keepalived.org/changelog.html
- update to 1.4.5:
* Update snapcraft.yaml for 1.4.x+git
* Fix generation of git-commit.h with git commit number.
* Set virtual server address family correctly.
* Set virtual server address family correctly when using tunnelled
real servers.
* Fix handling of virtual servers with no real servers at config time.
* Add warning if virtual and real servers are different address families.
Although normally the virtual server and real servers must have the
same address family, if a real server is tunnelled, the address families
can be different. However, the kernel didn't support that until 3.18,
so add a check that the address families are the same if different
address families are not supported by the kernel.
* Send correct status in Dbus VrrpStatusChange notification.
When an instance transitioned from BACKUP to FAULT, the Dbus
status change message reported the old status (BACKUP) rather than
the new status (FAULT). This commit attempts to resolved that.
* doc: ipvs schedulers update
* Fix a couple of typos in configure.ac.
* Fix namespace collision with musl if_ether.h.
* Check if return value from read_value_block() is null before using.
* Fix reporting real server stats via SNMP.
* Make checker process handle RTM_NEWLINK messages with -a option
Even though the checker process doesn't subscribe to RTNLGRP_LINK
messages, it appears that older kernels (certainly 2.6.32) can
send RTM_NEWLINK (but not RTM_DELLINK) messages. This occurs
when the link is set to up state.
Only the VRRP process is interested in link messages, and so the
checker process doesn't do the necessary initialisation to be able
to handle RTM_NEWLINK messages.
This commit makes the checker process simply discard RTM_NEWLINK
and RTM_DELLINK messages, rather than assuming that if it receives
an RTM_NEWLINK message it must be the VRRP process.
This problem was reported in issue #848 since the checker process
was segfaulting when a new interface was added when the -a command
line option was specified.
* Fix handling RTM_NEWLINK when building without VRRP code.
* Fix building on Fedora 28.
net-snmp-config output can include compiler and linker flags that
refer to spec files that were used to build net-snmp but may not
exist on the system building keepalived. That would cause the build
done by configure to test for net-snmp support to fail; in particular
on a Fedora 28 system that doesn't have the redhat-rpm-config package
installed.
This commit checks that any spec files in the compiler and linker
flags returned by net-snmp-config exist on the system building
keepalived, and if not it removes the reference(s) to the spec file(s).
* keepalived-1.4.3 released.
* vrrp: setting '0' as default value for ifa_flags to make gcc happy.
* Add additional libraries when testing for presence of SSL_CTX_new().
It appears that some systems need -lcrypto when linking with -lssl.
* Sanitise checking of libnl3 in configure.ac.
* Report and handle missing '}'s in config files.
* Add missing '\n' in keepalived.data output.
* Stop backup taking over as master while master reloads.
If a reload was initiated just before an advert, and since it took
one advert interval after a reload before an advert was sent, if the
reload itself took more than one advert interval, the backup could
time out and take over as master.
This commit makes keepalived send adverts for all instances that are
master immediately before a reload, and also sends adverts immediately
after a reload, thereby trippling the time available for the reload
to complete.
* Add route option fastopen_no_cookie and rule option l3mdev.
* Fix errors in KEEPALIVED-MIB.txt.
* Simplify setting on IN6_ADDR_GEN_MODE.
* Cosmetic changes to keepalived(8) man page.
* Don't set ipvs sync daemon to master state before becoming master
If a vrrp instance which was the one specified for the ipvs sync
daemon was configured with initial state master, the sync daemon
was being set to master mode before the vrrp instance transitioned
to master mode. This caused an error message when the vrrp instance
transitioned to master and attempted to make the sync daemon go from
backup to master mode.
This commit stops setting the sync daemon to master mode at initialisation
time, and it is set to master mode when the vrrp instance transitions
to master.
* Fix freeing vector which has not had any entries allocated.
* Add additional mem-check disgnostics
vector_alloc, vectot_alloc_slot, vector_free and alloc_strvec all
call MALLOC/FREE but the functions written in the mem_check log
are vector_alloc etc, not the functions that call them.
This commit adds logging of the originating calling function.
* Fix memory leak in parser.c.
* Improve alignment of new mem-check logging.
* Disable all checkers on a virtual server when ha_suspend set.
Only the first checker was being disabled; this commit now disables
all of them.
Also, make the decision to disable a checker when starting/reloading
when scheduling the checker, so that the existance of the required
address can be checked.
* Stop genhash segfaulting when built with --enable-mem-check.
* Fix memory allocation problems in genhash.
* Properly fix memory allocation problems in genhash.
* Fix persistence_granularity IPv4 netmask validation.
The logic test from inet_aton() appears to be inverted.
* Fix segfault when checker configuration is missing expected parameter
Issue #806 mentioned as an aside that 'nb_get_retry' without a parameter
was sigfaulting. Commit be7ae80 - 'Stop segfaulting when configuration
keyword is missing its parameter' missed the 'hidden' uses of vector_slot()
(i.e. those used via definitions in header files).
This commit now updates those uses of vector_slot() to use strvec_slot()
instead.
* Fix compiling on Linux 2.x kernels.
There were missing checks for HAVE_DECL_CLONE_NEWNET causing
references to an undeclared variable if CLONE_NEWNET wasn't defined.
* Improve parsing of kernel release.
The kernel EXTRAVERSION can start with any character (although
starting with a digit would be daft), so relax the check for it
starting with a '-'. Kernels using both '+' and '.' being the
first character of EXTRAVERSION have been reported.
* Improve grammer.
* add support for SNI in SSL_GET check.
this adds a `enable_sni` parameter to SSL_GET, making sure the check
passes the virtualhost in the SNI extension during SSL handshake.
* Optimise setting host name for SSL_GET requests with SNI.
* Allow SNI to be used with SSL_GET with OpenSSL v1.0.0 and LibreSSL.
* Use configure to check for SSL_set_tlsext_host_name()
Rather than checking for a specific version of the OpenSSL library
(and it would also need checking the version of the LibreSSL library)
let configure check for the presence of SSL_set_tlsext_host_name().
Also omit all code related to SNI of SSL_set_tlsext_host_name() is
not available.
* Use configure to determine available OpenSSL functionality
Rather than using version numbers of the OpenSSL library to determine
what functions are available, let configure determine whether the
functions are supported.
The also means that the same tests work for LibreSSL.
* Add support for gratuitous ARPs for IP over Infiniband.
* Use system header definition instead of local definition IF_HWADDR_MAX
linux/netdevice.h has definition MAX_ADDR_LEN, which is 32, whereas
IF_HWADDR_MAX was locally defined to be 20.
Unfortunately we end up with more system header file juggling to ensure
we don't have duplicate definitions.
* Fix vrrp_script and check_misc scripts of type </dev/tcp/127.0.0.1/80.
* Add the first pre-defined config definition (${_PWD})
${_PWD} in a configuration file will be replaced with the full
path name of the directory that keepalived is reading the current
configuration file from.
* Open and run the notify fifo and script if no other fifo
Due to the way the code was structured the notify_fifo for both
checker and vrrp messages wasn't run if neither the vrrp or checker
fifo wasn't configured.
Also, if all three fifos were configured, the general fifo script
was executed by both the vrrp and checker process, causing problems.
* Add support for Infiniband interfaces when dumping configuration.
* Tidy up layout in vrrp_arp.c.
* Add configure check for support of position independant executables (PIE).
* Add check for -pie support, and fix writing to keepalived.data.
* keepalived-1.4.2 released.
* Make genhash exit with exit code 1 on error.
Issue #766 identified that genhash always exits with exit code 1
even if an error has occurred.
* Rationalise printing of http header in genhash.
* Use http header Content-Length field in HTTP_CHECK/SSL_CHECK.
If a Content-Length is supplied in the http header, use that as a
limit to the data length (as wget does). If the length of data
received does not match the Content-Length log a warning.
* Optimise parameter passing to fprintf in genhash.
* Don't declare mark variable if don't have MARK socket option.
* Fix sync groups with only one member.
Commit c88744a0 allowed sync groups with only 1 member again, but
didn't stop removing the sync group if there was only 1 member.
This commit now doesn't remove sync groups with only one member.
* Make track scripts work with --enable-debug config option.
* Add warning if --enable-debug configure option is used.
* Allow more flexibility of layout of { and } in config files.
keepalived was a bit fussy about where '{'s and '}'s (braces) could
be placed in terms of after the keyword, or on a line on their own.
It certainly was not possible to have multiple braces on one line.
This commit now provides complete flexibility of where braces are, so
long as they occur in the correct order.
* Make alloc_value_block() report block type if there is an error.
* Simplify alloc_value_block() by using libc string functions.
* Add dumping of garp delay config when using -d option.
* Fix fractions of seconds for garp group garp_interval.
* Make read_value_block() use alloc_value_block().
This removes quite a bit of duplication of functionality, and
ensures the configuration parsing will be more consistent.
* Fix build with Linux kernel headers v4.15.
Linux kernel version 4.15 changed the libc/kernel headers suppression
logic in a way that introduces collisions.
* Add missing command line options to keepalived(8) man page.
* Fix --dont-release-vrrp.
On github, ushuz reported that commit 62e8455 - 'Don't delete vmac
interfaces before dropping multicast membership' broke --dont-release-vrrp.
This commit restores the correct functionality.
* Define _GNU_SOURCE for all compilation units.
Rather than defining _GNU_SOURCE when needed, let configure add
it to the flags passed to the C compiler, so that it is defined
for all compilation units. This ensures consistence.
* Fix new warnings procuded by gcc 8.
* Fix dumping empty lists.
Add a check in dump_list() for an empty list, and don't attempt
to dump it if it is empty.
* Resolve conversion-check compiler warnings.
* Add missing content to installing_keepalived.rst documentation.
Issue #778 identified that there was text missing at the end of
the document, and that is now added.
* Fix systemd service to start after network-online.target.
This fix was merged downstream by RedHat in response to
RHBZ #1413320.
* Update INSTALL file to describe packages needed for building
documentation.
* INSTALL: note linux distro package that provides 'sphinx_rtd_theme'
* Clear /proc/sys/net/ipv6/conf/IF/disable_ipv6 when create VMACs.
An issue was identified where keepalived was reporting permission
denied when attempting to add an IPv6 address to a VMAC interface.
It turned out that this was because
/proc/sys/net/ipv6/conf/default/disable_ipv6
was set to 1, causing IPv6 to be disables on all interfaces that
keepalived created.
This commit clears disable_ipv6 on any VMAC interfaces that
keepalived creates if the vrrp instance is using IPv6.
- remove linux-4.15.patch: does not apply anymore and not needed
(the distros using 4.15 have moved on to keepalived 2.x)
- Only Require insserv on distributions without systemd.
- Fix systemd related requires/buildRequires
- Do not run scriptlets that use insserv when using systemd
- add linux-4.15.patch
Changes in kibana:
- Add 0001-Configurable-custom-response-headers-for-server.patch
(bsc#1171909, CVE-2020-10743)
Changes in memcached:
- version update to 1.5.17
* bugfixes
fix strncpy call in stats conns to avoid ASAN violation (bsc#1149110, CVE-2019-15026)
extstore: fix indentation
add error handling when calling dup function
add unlock when item_cachedump malloc failed
extstore: emulate pread(v) for macOS
fix off-by-one in logger to allow CAS commands to be logged.
use strdup for explicitly configured slab sizes
move mem_requested from slabs.c to items.c (internal cleanup)
* new features
add server address to the 'stats conns' output
log client connection id with fetchers and mutations
Add a handler for seccomp crashes
- version update to 1.5.16
* bugfixes
When nsuffix is 0 space for flags hasn't been allocated so don't memcpy them.
- version update to 1.5.15
* bugfixes
Speed up incr/decr by replacing snprintf.
Use correct buffer size for internal URI encoding.
change some links from http to https
Fix small memory leak in testapp.c.
free window_global in slab_automove_extstore.c
remove inline_ascii_response option
-Y [filename] for ascii authentication mode
fix: idle-timeout wasn't compatible with binprot
* features
-Y [authfile] enables an authentication mode for ASCII protocol.
- modified patches
% memcached-autofoo.patch (refreshed)
- version update to 1.5.14
* update -h output for -I (max item size)
* fix segfault in 'lru' command (bsc#1133817, CVE-2019-11596)
* fix compile error on centos7
* extstore: error adjusting page_size after ext_path
* extstore: fix segfault if page_count is too high.
* close delete + incr item survival race bug
* memcached-tool dump fix loss of exp value
* Fix 'qw' in 'MemcachedTest.pm' so wait_ext_flush is exported properly
* Experimental TLS support.
* Basic implementation of TLS for memcached.
* Improve Get And Touch documentation
* fix INCR/DECR refcount leak for invalid items
- modified patches
% memcached-autofoo.patch (refreshed)
- Version bump to 1.5.11:
* extstore: balance IO thread queues
- Drop memcached-fix_test.patch that is present now upstream
- Add patch to fix aarch64, ppc64* and s390x tests:
* memcached-fix_test.patch
- Fix linter errors regarding COPYING
- update to 1.5.10:
* disruptive change in extstore: -o ext_page_count= is deprecated
and no longer works. To specify size: -o ext_path=/d/m/e:500G
extstore figures out the page count based on your desired page
size. M|G|T|P supported.
* extstore: Add basic JBOD support: ext_path can be specified
multiple times for striping onto simimar devices
* fix alignment issues on some ARM platforms for chunked items
- Update to 1.5.9:
* Bugfix release.
* Important note: if using --enable-seccomp, privilege dropping
is no longer on by default. The feature is experimental and many
users are reporting hard to diagnose problems on varied platforms.
* Seccomp is now marked EXPERIMENTAL, and must be explicitly
enabled by adding -o drop_privileges. Once we're more confident
with the usability of the feature, it will be enabled in -o modern,
like any other new change. You should only use it if you are
willing to carefully test it, especially if you're a vendor or
distribution.
* Also important is a crash fix in extstore when using the ASCII
protocol, large items, and running low on memory.
- update to 1.5.8:
* Bugfixes for seccomp and extstore
* Extstore platform portability has been greatly improved for ARM
and 32bit systems
- includes changes from 1.5.7:
* Fix alignment issues for 64bit ARM processors
* Fix seccomp portability
* Fix refcount leak with extstore while using binary touch commands
- turn on the testsuite again, it seems to pass server side,
too
- Home directory shouldn't be world readable bsc#1077718
- Mention that this stream isn't affected by bsc#1085209,
CVE-2018-1000127 to make the checker bots happy.
- update to 1.5.6 (bsc#1083903, CVE-2018-1000115):
* This update disables UDP by default to reduce DDoS amplification
attacks
* see https://github.com/memcached/memcached/wiki/ReleaseNotes156
* see https://github.com/memcached/memcached/wiki/ReleaseNotes155
* see https://github.com/memcached/memcached/wiki/ReleaseNotes154
* see https://github.com/memcached/memcached/wiki/ReleaseNotes153
* see https://github.com/memcached/memcached/wiki/ReleaseNotes152
* see https://github.com/memcached/memcached/wiki/ReleaseNotes151
* see https://github.com/memcached/memcached/wiki/ReleaseNotes150
- Replace references to /var/adm/fillup-templates with new
%_fillupdir macro (boo#1069468)
Changes in monasca-installer:
- Add 0001-kibana:-set-x-frame-options-header.patch (bsc#1171909,
CVE-2020-10743)
Changes in openstack-dashboard-theme-SUSE:
- Switch github URL from git@ to git:// to bypass authentication
Changes in openstack-manila:
- Add 0001-Fix-exportfs-u-usage-in-generic-driver.patch
Backported from upstream patch https://review.opendev.org/#/c/411631/
Related Bug (SOC-9801)
Changes in openstack-neutron-fwaas:
- Add 0050-Remove-tempest-shared-physical-network.patch (SOC-9801)
This tempest configuration option is not present in tempest, as
it was only added after the SOC7 release cut.
Changes in openstack-nova:
- Add 0001-live-mig-keep-disk-device-address-same.patch (bsc#1164316)
- Fix for https://bugs.launchpad.net/nova/+bug/1715569
Changes in openstack-tempest:
- Add 0001-Use-available-scheduler-filters.patch
Backported from upstream patch https://review.opendev.org/#/c/570207/
Related Bugs: SOC-9801,SOC-11174
- Add 0001-Remove-volume_feature_enabled.volume_services.patch
Backported from upstream patch https://review.opendev.org/#/c/438220/
Related Bug (SOC-9801)
Changes in python-cffi:
- Do not build python3 subpackages as C:OS:Newton does not support
it
- provide also python-cffi = 1.10.0 and 1.5.2 to avoid breaking the
cloud 7 and 8 requirements (bsc#948198)
- Update in SLE-12 (bsc#1138748, jsc#ECO-1256, jsc#PM-1598)
- Add dont-corrupt-memory.patch to fix boo#1111657 (originally
from https://bitbucket.org/cffi/cffi/commits/7a76a3815340)
- build python3 subpackage (FATE#324435, FATE#323875)
- Add patch cffi-loader.patch to fix bsc#1070737
- Sort out with spec-cleaner
- update to version 1.11.2:
* Fix Windows issue with managing the thread-state on CPython 3.0 to
3.5
- Update pytest in spec to add c directory tests in addition to
testing directory.
- Omit test_init_once_multithread tests as they rely on multiple
threads finishing in a given time. Returns sporadic pass/fail
within build.
- Update to 1.11.1:
* Fix tests, remove deprecated C API usage
* Fix (hack) for 3.6.0/3.6.1/3.6.2 giving incompatible binary
extensions (cpython issue #29943)
* Fix for 3.7.0a1+
- Update to 1.11.0:
* Support the modern standard types char16_t and char32_t. These
work like wchar_t: they represent one unicode character, or when
used as charN_t * or charN_t[] they represent a unicode string.
The difference with wchar_t is that they have a known, fixed
size. They should work at all places that used to work with
wchar_t (please report an issue if I missed something). Note
that with set_source(), you need to make sure that these types
are actually defined by the C source you provide (if used in
cdef()).
* Support the C99 types float _Complex and double _Complex. Note
that libffi doesn’t support them, which means that in the ABI
mode you still cannot call C functions that take complex
numbers directly as arguments or return type.
* Fixed a rare race condition when creating multiple FFI instances
from multiple threads. (Note that you aren’t meant to create
many FFI instances: in inline mode, you should write
ffi = cffi.FFI() at module level just after import cffi; and in
out-of-line mode you don’t instantiate FFI explicitly at all.)
* Windows: using callbacks can be messy because the CFFI internal
error messages show up to stderr—but stderr goes nowhere in many
applications. This makes it particularly hard to get started
with the embedding mode. (Once you get started, you can at least
use @ffi.def_extern(onerror=...) and send the error logs where
it makes sense for your application, or record them in log
files, and so on.) So what is new in CFFI is that now, on
Windows CFFI will try to open a non-modal MessageBox (in addition
to sending raw messages to stderr). The MessageBox is only
visible if the process stays alive: typically, console
applications that crash close immediately, but that is also the
situation where stderr should be visible anyway.
* Progress on support for callbacks in NetBSD.
* Functions returning booleans would in some case still return 0
or 1 instead of False or True. Fixed.
* ffi.gc() now takes an optional third parameter, which gives an
estimate of the size (in bytes) of the object. So far, this is
only used by PyPy, to make the next GC occur more quickly
(issue #320). In the future, this might have an effect on
CPython too (provided the CPython issue 31105 is addressed).
* Add a note to the documentation: the ABI mode gives function
objects that are slower to call than the API mode does. For
some reason it is often thought to be faster. It is not!
- Update to 1.10.1:
* Fixed the line numbers reported in case of cdef() errors. Also,
I just noticed, but pycparser always supported the preprocessor
directive # 42 'foo.h' to mean “from the next line, we’re in
file foo.h starting from line 42”, which it puts in the error
messages.
- update to 1.10.0:
* Issue #295: use calloc() directly instead of PyObject_Malloc()+memset()
to handle ffi.new() with a default allocator. Speeds up ffi.new(large-array)
where most of the time you never touch most of the array.
* Some OS/X build fixes (“only with Xcode but without CLT”).
* Improve a couple of error messages: when getting mismatched versions of
cffi and its backend; and when calling functions which cannot be called with
libffi because an argument is a struct that is “too complicated” (and not
a struct pointer, which always works).
* Add support for some unusual compilers (non-msvc, non-gcc, non-icc, non-clang)
* Implemented the remaining cases for ffi.from_buffer. Now all
buffer/memoryview objects can be passed. The one remaining check is against
passing unicode strings in Python 2. (They support the buffer interface, but
that gives the raw bytes behind the UTF16/UCS4 storage, which is most of the
times not what you expect. In Python 3 this has been fixed and the unicode
strings don’t support the memoryview interface any more.)
* The C type _Bool or bool now converts to a Python boolean when reading,
instead of the content of the byte as an integer. The potential
incompatibility here is what occurs if the byte contains a value different
from 0 and 1. Previously, it would just return it; with this change, CFFI
raises an exception in this case. But this case means “undefined behavior”
in C; if you really have to interface with a library relying on this,
don’t use bool in the CFFI side. Also, it is still valid to use a byte
string as initializer for a bool[], but now it must only contain \x00 or
\x01. As an aside, ffi.string() no longer works on bool[] (but it never made
much sense, as this function stops at the first zero).
* ffi.buffer is now the name of cffi’s buffer type, and ffi.buffer() works
like before but is the constructor of that type.
* ffi.addressof(lib, 'name') now works also in in-line mode, not only in
out-of-line mode. This is useful for taking the address of global variables.
* Issue #255: cdata objects of a primitive type (integers, floats, char) are
now compared and ordered by value. For example, <cdata 'int' 42> compares
equal to 42 and <cdata 'char' b'A'> compares equal to b'A'. Unlike C,
<cdata 'int' -1> does not compare equal to ffi.cast('unsigned int', -1): it
compares smaller, because -1 < 4294967295.
* PyPy: ffi.new() and ffi.new_allocator()() did not record “memory pressure”,
causing the GC to run too infrequently if you call ffi.new() very often
and/or with large arrays. Fixed in PyPy 5.7.
* Support in ffi.cdef() for numeric expressions with + or -. Assumes that
there is no overflow; it should be fixed first before we add more general
support for arbitrary arithmetic on constants.
- do not generate HTML documentation for packages that are indirect
dependencies of Sphinx
(see docs at https://cffi.readthedocs.org/ )
- update to 1.9.1
- Structs with variable-sized arrays as their last field: now we track the
length of the array after ffi.new() is called, just like we always tracked
the length of ffi.new('int[]', 42). This lets us detect out-of-range
accesses to array items. This also lets us display a better repr(), and
have the total size returned by ffi.sizeof() and ffi.buffer(). Previously
both functions would return a result based on the size of the declared
structure type, with an assumed empty array. (Thanks andrew for starting
this refactoring.)
- Add support in cdef()/set_source() for unspecified-length arrays in
typedefs: typedef int foo_t[...];. It was already supported for global
variables or structure fields.
- I turned in v1.8 a warning from cffi/model.py into an error: 'enum xxx' has
no values explicitly defined: refusing to guess which integer type it is
meant to be (unsigned/signed, int/long). Now I’m turning it back to a
warning again; it seems that guessing that the enum has size int is a
99%-safe bet. (But not 100%, so it stays as a warning.)
- Fix leaks in the code handling FILE * arguments. In CPython 3 there is a
remaining issue that is hard to fix: if you pass a Python file object to a
FILE * argument, then os.dup() is used and the new file descriptor is only
closed when the GC reclaims the Python file object—and not at the earlier
time when you call close(), which only closes the original file descriptor.
If this is an issue, you should avoid this automatic convertion of Python
file objects: instead, explicitly manipulate file descriptors and call
fdopen() from C (...via cffi).
- When passing a void * argument to a function with a different pointer type,
or vice-versa, the cast occurs automatically, like in C. The same occurs
for initialization with ffi.new() and a few other places. However, I
thought that char * had the same property—but I was mistaken. In C you get
the usual warning if you try to give a char * to a char ** argument, for
example. Sorry about the confusion. This has been fixed in CFFI by giving
for now a warning, too. It will turn into an error in a future version.
- Issue #283: fixed ffi.new() on structures/unions with nested anonymous
structures/unions, when there is at least one union in the mix. When
initialized with a list or a dict, it should now behave more closely like
the { } syntax does in GCC.
- CPython 3.x: experimental: the generated C extension modules now use the
“limited API”, which means that, as a compiled .so/.dll, it should work
directly on any version of CPython >= 3.2. The name produced by distutils
is still version-specific. To get the version-independent name, you can
rename it manually to NAME.abi3.so, or use the very recent setuptools 26.
- Added ffi.compile(debug=...), similar to python setup.py build --debug but
defaulting to True if we are running a debugging version of Python itself.
- Removed the restriction that ffi.from_buffer() cannot be used on byte
strings. Now you can get a char * out of a byte string, which is valid as
long as the string object is kept alive. (But don’t use it to modify the
string object! If you need this, use bytearray or other official
techniques.)
- PyPy 5.4 can now pass a byte string directly to a char * argument (in older
versions, a copy would be made). This used to be a CPython-only
optimization.
- ffi.gc(p, None) removes the destructor on an object previously created by
another call to ffi.gc()
- bool(ffi.cast('primitive type', x)) now returns False if the value is zero
(including -0.0), and True otherwise. Previously this would only return
False for cdata objects of a pointer type when the pointer is NULL.
- bytearrays: ffi.from_buffer(bytearray-object) is now supported. (The reason
it was not supported was that it was hard to do in PyPy, but it works since
PyPy 5.3.) To call a C function with a char * argument from a buffer
object—now including bytearrays—you write lib.foo(ffi.from_buffer(x)).
Additionally, this is now supported: p[0:length] = bytearray-object. The
problem with this was that a iterating over bytearrays gives numbers
instead of characters. (Now it is implemented with just a memcpy, of
course, not actually iterating over the characters.)
- C++: compiling the generated C code with C++ was supposed to work, but
failed if you make use the bool type (because that is rendered as the C
_Bool type, which doesn’t exist in C++).
- help(lib) and help(lib.myfunc) now give useful information, as well as
dir(p) where p is a struct or pointer-to-struct.
- drop upstreamed python-cffi-avoid-bitshifting-negative-int.patch
- update for multipython build
- Add python-cffi-avoid-bitshifting-negative-int.patch to actually
fix the 'negative left shift' warning by replacing bitshifting
in appropriate places by bitwise and comparison to self; patch
taken from upstream git. Drop cffi-1.5.2-wnoerror.patch: no
longer required.
- disable 'negative left shift' warning in test suite to prevent
failures with gcc6, until upstream fixes the undefined code
in question (boo#981848, cffi-1.5.2-wnoerror.patch)
- Update to version 1.6.0:
* ffi.list_types()
* ffi.unpack()
* extern “Python+C”
* in API mode, lib.foo.__doc__ contains the C signature now.
* Yet another attempt at robustness of ffi.def_extern() against
CPython’s interpreter shutdown logic.
Changes in python-pylons-sphinx-themes:
- moved LICENSE.txt to docs to match old structure
- specfile:
* update copyright year
- update to version 1.0.11:
* Fix the width of linenos table column when used in code-blocks.
- Replace %fdupes -s with plain %fdupes; hardlinks are better.
- Update to version 1.0.10 (2018-09-25)
+ Add Read the Docs to the recipients of ad revenue.
- Update to version 1.0.9 (2018-09-23)
+ Remove hyphenation because it sometimes hyphenates
inappropriately, such as in code.
- Update to version 1.0.8 (2018-09-21)
+ Fix support for Ethical Ads.
- Update to version 1.0.7 (2018-09-21)
+ Added support for Ethical Ads for Read The Docs.
See https://github.com/Pylons/pylons-sphinx-themes/pull/12
- Remove superfluous devel dependency for noarch package
- Update to version 1.0.6
* Update zest.releaser in order to release to PyPI.
- Update to version 1.0.5
* Clean up licensing
https://github.com/Pylons/pylons-sphinx-themes/issues/8
- Provide/obsolete old pylons_sphinx_theme
- Update to version 1.0.4
* Specify line spacing for list items for only within the
.body class.
version 1.0.3
* Add line spacing for list items. Closes #4.
version 1.0.2:
* Remove HTTPS protocol to allow either HTTPS or HTTP.
version 1.0.1:
* Use HTTPS for protocol of stylesheets.
version 1.0:
* Use zest.releaser for releasing.
* Improve documentation.
- Converted to single-spec
- version 0.3.1: initial build
Changes in python-Django:
- Fix merge artifact in CVE-2020-13596.patch
- Add CVE-2019-19844.patch (bsc#1159447, CVE-2019-19844)
* Fix Potential account hijack via password reset form
- Security fixes (bsc#1172167, bsc#1172166, CVE-2020-13254, CVE-2020-13596)
* Added patch CVE-2020-13254.patch
* Added patch CVE-2020-13596.patch
- Set _defaultlicensedir
- Fix for SG#56542, bsc#1161349:
* Fixed CVE-2019-3498-Fixed-content-spoof.patch
- Fix for SG#56542, bsc#1161349:
* Fixed CVE-2019-3498-Fixed-content-spoof.patch
(There was a bug in this .patch file; some code had been
accidentally included in the backport, and this stopped the 404
page from loading. See commit message and bug report for more
information)
Changes in python-Pillow:
- Remove decompression_bomb.gif and relevant test case to avoid
ClamAV scan alerts during build
- Add 0008-Corrected-negative-seeks.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 0009-Make-Image.crop-an-immediate-operation.patch
* From upstream, backported
* Fixes https://github.com/python-pillow/Pillow/issues/1077
* Used by 0012-Added-decompression-bomb-checks.patch
- Add 0010-Crop-decompression.patch
* From upstream, backported
* Fixes https://github.com/python-pillow/Pillow/issues/2402
* Used by 0012-Added-decompression-bomb-checks.patch
- Add 0011-Added-DecompressionBombError.patch
* From upstream, backported
* Adds DecompressionBombError class
* Used by 0012-Added-decompression-bomb-checks.patch
- Add 0012-Added-decompression-bomb-checks.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 0013-Raise-error-if-dimension-is-a-string.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 0014-Catch-buffer-overruns.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 0015-Catch-PCX-P-mode-buffer-overrun.patch
* From upstream, backported
* Fixes CVE-2020-5312, bsc#1160152
- Add 0016-Ensure-previous-FLI-frame-is-loaded.patch
* From upstream, backported
* Fixes https://github.com/python-pillow/Pillow/issues/2649
* Uncovers CVE-2020-5313, bsc#1160153
- Add 0017-Catch-FLI-buffer-overrun.patch
* From upstream, backported
* Fixes CVE-2020-5313, bsc#1160153
- Add 018-Invalid-number-of-bands-in-FPX-image.patch
* From upstream, backported
* Fixes CVE-2019-19911, bsc#1160192
Changes in python-psql2mysql:
- Update to version 0.5.0+git.1589351878.4ef877c:
* Do not fail on instance_info length, it is expected to be LONGTEXT
- Update to version 0.5.0+git.1582192453.98e9561:
* Neutron drivers use own naming for alembic migrations, e.g. cisco_alembic_version, aci_alembic_version, etc depending on driver.
Changes in python-psutil:
- Add bsc1156525-CVE-2019-18874.patch (bsc#1156525, CVE-2019-18874)
Changes in python-py:
- update to version 1.5.2
-----------------------------------------------------------------
- update to version 1.4.33
Changes in python-py:
- update to version 1.5.2:
* fix #169, #170: error importing py.log on Windows: no module named
'syslog'.
- changes from version 1.5.1:
* fix #167 - prevent pip from installing py in unsupported Python
versions.
- changes from version 1.5.0:
* python 2.6 and 3.3 are no longer supported
* deprecate py.std and remove all internal uses
* fix #73 turn py.error into an actual module
* path join to / no longer produces leading double slashes
* fix #82 - remove unsupportable aliases
* fix python37 compatibility of path.sysfind on windows by correctly
replacing vars
* turn iniconfig and apipkg into vendored packages and ease
de-vendoring for distributions
* fix #68 remove invalid py.test.ensuretemp references
* fix #25 - deprecate path.listdir(sort=callable)
* add TerminalWriter.chars_on_current_line read-only property that
tracks how many characters have been written to the current line.
- changes from version 1.4.34
* fix issue119 / pytest issue708 where tmpdir may fail to make
numbered directories when the filesystem is case-insensitive.
- update to version 1.4.33:
* avoid imports in calls to py.path.local().fnmatch(). Thanks
Andreas Pelme for the PR.
* fix issue106: Naive unicode encoding when calling fspath() in
python2. Thanks Tiago Nobrega for the PR.
* fix issue110: unittest.TestCase.assertWarns fails with py
imported.
- changes from version 1.4.32
* fix issue70: aded ability to copy all stat info in
py.path.local.copy.
* make TerminalWriter.fullwidth a property. This results in the
correct value when the terminal gets resized.
* update supported html tags to include recent additions.
Thanks Denis Afonso for the PR.
* Remove internal code in ``Source.compile`` meant to support
earlier Python 3 versions that produced the side effect
of leaving ``None`` in ``sys.modules`` when called (see
pytest-dev/pytest#2103). Thanks Bruno Oliveira for the PR.
Changes in python-pysaml2:
- Add 0001-Always-generate-a-random-IV-for-AES-operations.patch
(CVE-2017-1000246, bsc#1068612)
- Add 0001-Fix-XML-Signature-Wrapping-XSW-vulnerabilities.patch
(CVE-2020-5390, bsc#1160851)
Changes in python-waitress:
- update to 1.4.3 to include fixes for:
* CVE-2019-16785 / bsc#1161088
* CVE-2019-16786 / bsc#1161089
* CVE-2019-16789 / bsc#1160790
* CVE-2019-16792 / bsc#1161670
- moved LICENSE.txt to docs to match old structure
- make sure UTF8 locale is used when runnning tests
* Sometimes functional tests executed in python3 failed if stdout was not
set to UTF-8. The error message was:
ValueError: underlying buffer has been detached
- %python3_only -> %python_alternative
- update to 1.4.3
* Waitress did not properly validate that the HTTP headers it received
were properly formed, thereby potentially allowing a front-end server
to treat a request different from Waitress. This could lead to HTTP
request smuggling/splitting.
- drop patch local-intersphinx-inventories.patch
* it was commented out, anyway
- update to 1.4.0:
- Waitress used to slam the door shut on HTTP pipelined requests without
setting the ``Connection: close`` header as appropriate in the response. This
is of course not very friendly. Waitress now explicitly sets the header when
responding with an internally generated error such as 400 Bad Request or 500
Internal Server Error to notify the remote client that it will be closing the
connection after the response is sent.
- Waitress no longer allows any spaces to exist between the header field-name
and the colon. While waitress did not strip the space and thereby was not
vulnerable to any potential header field-name confusion, it should have sent
back a 400 Bad Request. See https://github.com/Pylons/waitress/issues/273
- CRLR handling Security fixes
- update to 1.3.1
* Waitress won’t accidentally throw away part of the path if it
starts with a double slash
- version update to 1.3.0
Deprecations
~~~~~~~~~~~~
- The ``send_bytes`` adjustment now defaults to ``1`` and is deprecated
pending removal in a future release.
and https://github.com/Pylons/waitress/pull/246
Features
~~~~~~~~
- Add a new ``outbuf_high_watermark`` adjustment which is used to apply
backpressure on the ``app_iter`` to avoid letting it spin faster than data
can be written to the socket. This stabilizes responses that iterate quickly
with a lot of data.
See https://github.com/Pylons/waitress/pull/242
- Stop early and close the ``app_iter`` when attempting to write to a closed
socket due to a client disconnect. This should notify a long-lived streaming
response when a client hangs up.
See https://github.com/Pylons/waitress/pull/238
and https://github.com/Pylons/waitress/pull/240
and https://github.com/Pylons/waitress/pull/241
- Adjust the flush to output ``SO_SNDBUF`` bytes instead of whatever was
set in the ``send_bytes`` adjustment. ``send_bytes`` now only controls how
much waitress will buffer internally before flushing to the kernel, whereas
previously it used to also throttle how much data was sent to the kernel.
This change enables a streaming ``app_iter`` containing small chunks to
still be flushed efficiently.
See https://github.com/Pylons/waitress/pull/246
Bugfixes
~~~~~~~~
- Upon receiving a request that does not include HTTP/1.0 or HTTP/1.1 we will
no longer set the version to the string value 'None'. See
https://github.com/Pylons/waitress/pull/252 and
https://github.com/Pylons/waitress/issues/110
- When a client closes a socket unexpectedly there was potential for memory
leaks in which data was written to the buffers after they were closed,
causing them to reopen.
See https://github.com/Pylons/waitress/pull/239
- Fix the queue depth warnings to only show when all threads are busy.
See https://github.com/Pylons/waitress/pull/243
and https://github.com/Pylons/waitress/pull/247
- Trigger the ``app_iter`` to close as part of shutdown. This will only be
noticeable for users of the internal server api. In more typical operations
the server will die before benefiting from these changes.
See https://github.com/Pylons/waitress/pull/245
- Fix a bug in which a streaming ``app_iter`` may never cleanup data that has
already been sent. This would cause buffers in waitress to grow without
bounds. These buffers now properly rotate and release their data.
See https://github.com/Pylons/waitress/pull/242
- Fix a bug in which non-seekable subclasses of ``io.IOBase`` would trigger
an exception when passed to the ``wsgi.file_wrapper`` callback.
See https://github.com/Pylons/waitress/pull/249
- Trim marketing wording and other platform mentions.
- Add fetch-intersphinx-inventories.sh to sources
- Add local-intersphinx-inventories.patch for generating the docs
correctly
- update to version 1.2.1:
too many changes to list here, see:
https://github.com/Pylons/waitress/blob/master/CHANGES.txt
or even:
https://github.com/Pylons/waitress/commits/master
- Remove superfluous devel dependency for noarch package
- update to version 1.1.0:
* Features
+ Waitress now has a __main__ and thus may be called with 'python
-mwaitress'
* Bugfixes
+ Waitress no longer allows lowercase HTTP verbs. This change was
made to fall in line with most HTTP servers. See
https://github.com/Pylons/waitress/pull/170
+ When receiving non-ascii bytes in the request URL, waitress will
no longer abruptly close the connection, instead returning a 400
Bad Request. See https://github.com/Pylons/waitress/pull/162 and
https://github.com/Pylons/waitress/issues/64
- Update to 1.0.2
* Python 3.6 is now officially supported in Waitress
* Add a work-around for libc issue on Linux not following the
documented standards. If getnameinfo() fails because of DNS not
being available it should return the IP address instead of the
reverse DNS entry, however instead getnameinfo() raises. We
catch this, and ask getnameinfo() for the same information
again, explicitly asking for IP address instead of reverse
DNS hostname.
- Implement single-spec version.
- Fix source URL.
- update to 1.0.1:
- IPv6 support on Windows was broken due to missing constants in the socket
module. This has been resolved by setting the constants on Windows if they
are missing. See https://github.com/Pylons/waitress/issues/138
- A ValueError was raised on Windows when passing a string for the port, on
Windows in Python 2 using service names instead of port numbers doesn't work
with `getaddrinfo`. This has been resolved by attempting to convert the port
number to an integer, if that fails a ValueError will be raised. See
https://github.com/Pylons/waitress/issues/139
- Removed `AI_ADDRCONFIG` from the call to `getaddrinfo`, this resolves an
issue whereby `getaddrinfo` wouldn't return any addresses to `bind` to on
hosts where there is no internet connection but localhost is requested to be
bound to. See https://github.com/Pylons/waitress/issues/131 for more
information.
- disable tests. need network access.
Changes in rabbitmq-server:
- Apply patches to resolve CVE-2017-4967,CVE-2017-4965 (bsc#1037777)
0001-Escape-HTML-tags-in-policy-definition-fields.patch
0002-Don-t-echo-provided-encoding-value-back.patch
0003-Strip-off-pids-and-format-consumer-details-for-2-end.patch
0004-Format-Web-contexts.patch
Changes in release-notes-suse-openstack-cloud:
- Switch github URL from git@ to https:// to bypass authentication
Changes in rubygem-activeresource:
- Add bsc#1171560-CVE-2020-8151-encode-id-param.patch
Prevent possible information disclosure issue that could allow
an attacker to create specially crafted requests to access data
in an unexpected way (bsc#1171560 CVE-2020-8151))
Changes in rubygem-crowbar-client:
- Update to 3.9.2
- Enable SES commands in Cloud8 (SOC-11122)
Changes in rubygem-json-1_7:
- Add CVE-2020-10663.patch (CVE-2020-10663, bsc#1167244)
Changes in rubygem-puma:
- Fix indentation in gem2rpm.yml
- Add CVE-2020-11077.patch (bsc#1172175, CVE-2020-11077)
- Add chunked-request-handling.patch (needed for CVE-2020-11076.patch)
- Add CVE-2020-11076.patch (bsc#1172176, CVE-2020-11076)
- Add all patches to gem2rpm.yml
- Add CVE-2020-5247.patch (bsc#1165402)
'Fixes a problem where we were not splitting newlines in headers
according to Rack spec'
The patch is reduced compared to the upstream version, which was
patching also the parts that are not implemented in our old Puma
version. This applies to unit test as well.
Changes in zookeeper:
- Apply 0002-Apply-patch-to-resolve-CVE-2019-0201.patch
This applies the patch for ZOOKEEPER-1392 to resolve CVE-2019-0201
Should not allow to read ACL when not authorized to read node
(bsc#1135773)
- Various cleanups in spec file
Patchnames
SUSE-2020-2072,SUSE-OpenStack-Cloud-7-2020-2072
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for ansible, crowbar-core, crowbar-ha, crowbar-openstack, etcd, flannel, grafana, keepalived, kibana, memcached, monasca-installer, openstack-dashboard-theme-SUSE, openstack-manila, openstack-neutron-fwaas, openstack-nova, openstack-tempest, python-Django, python-Pillow, python-psql2mysql, python-psutil, python-py, python-pysaml2, python-waitress, rabbitmq-server, release-notes-suse-openstack-cloud, zookeeper", title: "Title of the patch", }, { category: "description", text: "This update for ansible, crowbar-core, crowbar-ha, crowbar-openstack, etcd, flannel, grafana, keepalived, kibana, memcached, monasca-installer, openstack-dashboard-theme-SUSE, openstack-manila, openstack-neutron-fwaas, openstack-nova, openstack-tempest, python-Django, python-Pillow, python-psql2mysql, python-psutil, python-py, python-pysaml2, python-waitress, rabbitmq-server, release-notes-suse-openstack-cloud, zookeeper fixes the following issues:\n\nSecurity fixes included ins this update:\n\nansible\n- CVE-2019-3828: Fixed a path traversal in the fetch module (bsc#1126503).\n\ngrafana\n- CVE-2020-13379: Fixed an incorrect access control issue which could\nlead to information leaks or denial of service (bsc#1172409).\n- CVE-2020-12052: Fixed an cross site scripting vulnerability related to\nthe annotation popup (bsc#1170657).\n\nkibana\n- CVE-2020-10743: Fixed a clickjacking vulnerability (bsc#1171909).\n\nmemcached (to version 1.5.17)\n- CVE-2019-15026: Fixed a stack-based buffer over-read\nin conn_to_str()n (bsc#1149110).\n- CVE-2019-11596: Fixed a denial of service in the 'lru' command\n(bsc#1133817)\n- CVE-2018-1000115: Disabled UDP by default to reduce DDoS amplification\nattacks (bsc#1083903).\n\npython-Django\n- CVE-2020-13254: Fixed a data leakage via malformed memcached keys\n(bsc#1172167).\n- CVE-2020-13596: Fixed a cross site scripting vulnerability related to\nthe admin parameters of the ForeignKeyRawIdWidget (bsc#1172166).\n- Fixed a regression with the fix for CVE-2019-3498 (bsc#1161349).\n\npython-Pillow\n- CVE-2019-16865: Fixed a denial of service with specially crafted\nimage files (bsc#1153191).\n- CVE-2020-5312: Fixed a buffer overflow in the PCX P mode (bsc#1160152).\n- CVE-2020-5313: Fixed a buffer overflow related to FLI (bsc#1160153).\n- CVE-2019-19911: Fixed a denial of service in FpxImagePlugin.py\n(bsc#1160192).\n\npython-pysaml2\n- CVE-2020-5390: Fixed an issue with the verification of signatures in\nSAML documents (bsc#1160851)\n- CVE-2017-1000246: Fixed an issue with weak encryption data, caused by\ninitialization vector reuse(bsc#1068612).\n\npython-waitress (to version 1.4.3)\n- CVE-2019-16785: Fixed HTTP request smuggling through LF vs CRLF\nhandling (bsc#1161088).\n- CVE-2019-16786: Fixed HTTP request smuggling through invalid\nTransfer-Encoding (bsc#1161089).\n- CVE-2019-16789: Fixed HTTP Request Smuggling through invalid\nwhitespace characters (bsc#1160790).\n- CVE-2019-16792: Fixed HTTP Request Smuggling through Content-Length\nheader handling (bsc#1161670).\n\nrubygem-activeresource\n- CVE-2020-8151: Fixed information disclosure issue through specially\ncrafted requests (bsc#1171560)\n\nrubygem-json-1_7\n- CVE-2020-10663: Fixed Unsafe Object Creation Vulnerability in JSON\n(bsc#1167244)\n\nrubygem-puma\n- CVE-2020-11077: Fixed HTTP Request Smuggling through proxy (bsc#1172175)\n- CVE-2020-11076: Fixed HTTP Request smuggling through invalid\nTransfer-Encoding header.\n- CVE-2020-5247: Fixed HTTP Response Splitting through newline characters\nhandling (bsc#1165402)\n\nzookeeper:\n- CVE-2019-0201: Fixed an information disclosure related to\ngetACL() (bsc#1135773).\n\nNon security fixes included in this update:\n\nChanges in ansible:\n- Add 0001-Disallow-use-of-remote-home-directories-containing-..patch\n (bsc#1126503, CVE-2019-3828)\n\nChanges in crowbar-core:\n- Update to version 4.0+git.1580209654.1d112d31f:\n * network: start OVS before wickedd (SOC-11067)\n\nChanges in crowbar-ha:\n- Update to version 4.0+git.1585316203.d6ad2c8:\n * [4.0] add ssl termination on haproxy (bsc#1149535)\n\nChanges in crowbar-openstack:\n- Update to version 4.0+git.1589804581.9972163f0:\n * [4.0] magnum: fix check for image/flavor (SOC-11251)\n\n- Update to version 4.0+git.1589647351.ccfd9481f:\n * [4.0] trove: fix rabbitmq connection URL (SOC-11286)\n\n- Update to version 4.0+git.1589458214.9f765aa08:\n * [4.0] Fix create magnum k8s image and flavor (SOC-11251)\n\n- Update to version 4.0+git.1588271860.131fc8cc1:\n * run keystone_register on cluster founder only when HA (SOC-11248)\n * nova: run keystone_register on cluster founder only (SOC-11243)\n\n- Update to version 4.0+git.1588096523.679da5c50:\n * tempest: retry openstack commands (SOC-11238)\n\n- Update to version 4.0+git.1587129016.c009e43c9:\n * Disable magnum.tests.functional.api.v1.test_cluster (SOC-11224)\n\n- Update to version 4.0+git.1587035427.abb6e9b4e:\n * Fix barbican SSL support (SOC-9298)\n\n- Update to version 4.0+git.1586421486.5601320b7:\n * Fix magnum tempest tests (SOC-9298)\n\n- Update to version 4.0+git.1585331022.609482166:\n * tempest: update blacklisted tempest test cases (SOC-9801,SOC-11174,SOC-11187)\n\n- Update to version 4.0+git.1585136604.988f3a1da:\n * Disabling failing tempest tests on SOC7\n * [4.0] ec2-api: run keystone_register on cluster founder only (SOC-11079)\n\n- Update to version 4.0+git.1582582068.c8c2448c0:\n * neutron: Place space between CLI arguments\n\n- Update to version 4.0+git.1580894959.1fe5fd282:\n * Revert '[4.0] rabbitmq: sync startup definitions.json with recipe' (SOC-11082)\n\n- Update to version 4.0+git.1580469474.967ab8baf:\n * rabbitmq: sync startup definitions.json with recipe (SOC-11077)\n\nChanges in etcd:\n- Build against go 1.6\n\n- Fix etcd build. We are generating 2 binaries, etcd and etcdctl.\n They need to be built separately \n\n- Ensure /var/lib/etcd is controlled by etcd:etcd\n\n- exclude i586. We don't expect this package to be built on i586. \n\n- remove sysconfig.etcd: this file is not being used \n\n- Update to version 3.1.0:\n * raft: add node should reset the pendingConf state\n * v3rpc: don't close watcher if client closes send\n * e2e: add test for v3 watch over grpc gateway\n * mvcc: remove unused restore method\n * integration: don't expect recv to stop on CloseSend in waitResponse\n * Documentation: add grpc gateway watch example\n * version: bump up v3.1.0-rc.1+git\n * discovery: warn on scheme mismatch\n * grpcproxy: fix deadlock on watch broadcasts stop\n * etcdmain: add '/metrics' HTTP/1 path to grpc-proxy\n * etcd-tester: do not resolve localhost\n * raftexample: confState should be saved after apply\n * raft: test case to check the duplicate add node propose\n * raft: fix test case, should wait config propose applied\n * raft: fix test case for data race\n * raft: use the channel instead of sleep to make test case reliable\n * raft: fix TestNodeProposeAddDuplicateNode\n * etcdmain: handle TLS in grpc-proxy listener\n * etcd-tester:limit max retry backoff delay\n * functional-tester: add withBlock() to grpc dial\n * op-guide: add notes about Prometheus data source in Grafana\n * clientv3: return copy of endpoints, not pointer\n * auth: add a timeout mechanism to simple token\n * client: update README about health monitoring\n * grpcproxy: fix race between watch ranges delete() and broadcasts empty()\n * lease: Use monotonic time in lease\n * integration: use Range to wait for reboot in quota tests\n * grpcproxy: fix race between coalesce and bcast on nextrev\n * etcd-tester: refactor lease checker\n * store: check sorted order in TestStoreGetSorted\n * vendor: bump go-systemd to v14 to avoid build error\n * integration: cancel Watch when TestV3WatchWithPrevKV exits\n * grpcproxy: add richer metrics for watch\n * grpcproxy: add cache related metrics\n * raft: Fix election 'logs converge' test\n * raft: Export Progress.IsPaused\n * benchmark: add rate limit\n * etcdctl: remove GetUser check before mutable commands\n * grpcproxy: lock store when getting size\n * Documentation: link added to libraries-and-tools.md with a new v2 Scala Client\n * grpcproxy: fix deadlock in watchbroadcast\n * etcdserver: time out when readStateC is blocking\n * store: fix store_test.go comments\n * vendor: update ugorji/go\n * client: update generated ugorji codec\n * doc: initial faq\n * clientv3/integration: test lease keepalive works following quorum loss\n * integration: use RequireLeader for TestV3LeaseFailover\n * v3rpc, etcdserver, leasehttp: ctxize Renew with request timeout\n * Documentation: add blox and chain as users\n * etcdserver: do not send v2 sync if ttl keys do not exist\n * ROADMAP: update for 3.2\n * Documentation: add more FAQ questions\n * grpcproxy: fix minor typo\n * vendor: use versions when possible in glide.yaml\n * scripts: use glide update if repo exists in glide.lock\n * github: make bug reporting link non-relative\n * github: make contribution link non-relative\n * Documentation: update get examples to be clearer about ranges\n * etcdserver, embed, v2http: move pprof setup to embed\n * doc: add faq about apply warning logging\n * test: exclude '_home' for gosimple, unused\n * auth: fix gosimple errors\n * integration: simplify boolean comparison in resp.Created\n * raft: simplify boolean comparison, remove unused\n * tools: simplify boolean comparison, remove unused\n * e2e: remove unused 'ctlV3GetFailPerm'\n * v3rpc: remove unused 'splitMethodName' function\n * grpcproxy: remove unused field 'wbs *watchBroadcasts'\n * doc: add faq about missing heartbeat\n * etcdctl: 'fields' output formats\n * build: remove dir use -r flag\n * etcd-tester: add 'enable-pprof' option\n * etcd-tester: cancel lease stream; fix OOM panic\n * doc: add hardware section\n * auth: improve 'removeSubsetRangePerms' to O(n)\n * Documentation: use port 2379 in local cluster guide The port in endpoints should be 2379, instead of 12379.\n * op-guide/clustering: fix typo\n * embed: deep copy user handlers\n * Documentation: add more FAQs (follower, leader, sys-require)\n * clientv3: close Lease on client Close\n * netutil: ctx-ize URLStringsEqual\n * etcdserver: retry for 30s on advertise url check\n * membership: retry for 30s on advertise url check\n * clientv3: return error from KeepAlive if corresponding loop exits\n * clientv3: add test for keep alive loop exit case\n * auth, etcdserver: protect membership change operations with auth\n * e2e: test cases of protecting membership change with auth\n * clientv3: better error message for keep alive loop halt\n * Documentation: FAQ entry for cluster ID mismatches\n * dev-guide: add limit.md\n * Documentation: minor fix nodes -> node\n * etcdctl: warn when backend takes too long to open on migrate\n * docs: explicitly set ETCDCTL_API=3 in recovery.md\n * v3api, rpctypes: add ErrTimeoutDueToConnectionLost\n * clientv3/integration: test lease grant/keepalive with/without failures\n * clientv3: don't reset keepalive stream on grant failure\n * etcdctl: tighten up output, reorganize README.md\n * Documentation: add FAQs on membership operation\n * Documentation: add 'why.md'\n * embed: only override default advertised client URL if the client listen URL is 0.0.0.0\n * raft: make memory storage set method thread safe\n * raft: resume paused followers on receipt of MsgHeartbeatResp\n * etcd-tester: fix typo, add endpoint in logs\n * lease: force leader to apply its pending committed index for lease operations\n * leasehttp: buffer error channel to prevent goroutine leak\n * raft: fix pre-vote tests\n * etcdserver: rework update committed index logic\n * etcd-tester: remove unused err var from maxRev\n * e2e: check etcdctl endpoint health is healthy if denied permission to key\n * benchmark: a new option for configuring dial timeout\n * ctlv3: consider permission denied error to be healthy for endpoints\n * etcdmain: add --metrics flag for exposing histogram metrics\n * e2e: test cluster-health\n * v2http: submit QGET in health endpoint if no progress\n * test: bump grpcproxy pass timeout to 15m\n * lease: use atomics for accessing lease expiry\n * e2e: poll '/version' in release upgrade tests\n * e2e: unset ETCDCTL_API env var before running u2e tests\n * etcdserver: consistent naming in raftReadyHandler\n * coverage: rework code coverage for unit and integration tests\n * testutil: whitelist thread created by go cover\n * rafthttp: bump up timeout in pipeline test\n * grpcproxy, etcdmain, integration: return done channel with WatchServer\n * integration: defer clus.Terminate in watch tests\n * raftexample: load snapshot when opening WAL\n * etcd-runner: make command compliant\n * raft: use status to test node stop\n * etcdserver: expose ErrNotEnoughStartedMembers\n * etcdserver: resume compactor only if leader\n * benchmark: enable grpc error logging on stderr\n * etcd-runner:add flags in watcher for hardcoded values\n * docs: fix recovery example in recovery.md\n * auth: use quorum get for GetUser/GetRole for mutable operations\n * grpcproxy: tear down watch when client context is done\n * integration: use only digits in unix ports\n * e2e: dump stack on ctlTest timeout\n * expect: EXPECT_DEBUG environment variable\n * why: add origin of the term etcd\n * testutil: increase size of buffer for stack dump\n * raft: fix test case for #7042\n * vendor: update ugorji/go\n * integration: add grpc auth testing\n * auth: reject empty user name when checking op permissions\n * etcdctl: create root role on auth enable if it does not yet exist\n * raft: add RawNode test case for #6866\n * pkg/report: support 99.9-percentile, change column name\n * documentation: display docs.md in github browser\n * benchmark: option to rate limit range benchmark\n * etcdserver, clientv3: handle a case of expired auth token\n * tools: Add etcd 3.0 load test tool refernece\n * transport: warn on user-provided CA\n * NEWS: add v3.1.0, v3.0.16 + minor fixes\n * clienv3: fix balancer test logic\n * clientv3: don't reset stream on keepaliveonce or revoke failure\n * grpcproxy: use ccache for key cache\n * vendor: remove groupcache, add ccache\n * pkg/report: add 'Stats' to expose report raw data\n * travis: use Go 1.7.4, drop old env var\n * ctlv3: print cluster info after adding new member\n * Documentation: document upgrading to v3.1\n * pkg/report: add nil checking for getTimeSeries\n * etcdserver: use ReqTimeout for linearized read\n * grpcproxy, etcdmain, integration: add close channel to kv proxy\n * glide: update 'golang.org/x/net'\n * vendor: update 'golang.org/x/net'\n * Documentation: update experimental_apis for v3.1 release\n * NEWS: fix date for v3.1 release\n * Documentation: fix typo s/endpoint-health/endpoint health/\n * clientv3/concurrency: fix rev comparison on concurrent key deletion\n * integration: test STM apply on concurrent deletion\n * pkg/flags: fixed prefix checking of the env variables\n * etcdctlv3: snapshot restore works with lease key\n * test: passed the test script arguments as the test function parameters\n * documentation: update build documentation\n * version: bump to v3.1.0\n\n- Update to version 3.1.0rc.1:\n * grpcproxy: watch next revision should be start revision when not 0\n * grpcproxy: copy range request before storing in cache\n * raft: return empty status if node is stopped\n * mvcc: store.restore taking too long triggering snapshot cycle fix\n * mvcc: TestStoreRestore fix\n * mvcc : Added benchmark for store.resotre\n * pkg/netutil: get default interface for tc commands\n * version: bump up v3.1.0-rc.1\n\nChanges in grafana:\n- Add CVE-2020-13379.patch\n * Security: fix unauthorized avatar proxying (bsc#1172409, CVE-2020-13379)\n- Refresh systemd-notification.patch\n- Fix declaration for LICENSE\n\n- Add 0002-CVE-2020-12052-bsc1170657-XSS-annotation-popup-vulnerability.patch \n * Security: Fix annotation popup XSS vulnerability \n (bsc#1170657) \n\n- Add CVE-2019-15043.patch (SOC-10357, CVE-2019-15043, bsc#1148383)\nChanges in keepalived:\n- update to 2.0.19\n- new BR pkgconfig(libnftnl) to fix nftables support\n- add nftables to the BR\n- added patch\n * linux-4.15.patch\n- add buildrequires for file-devel\n - used in the checker to verify scripts\n- enable json stats and config dump support\n new BR: pkgconfig(json-c)\n- enable http regexp support: new BR pcre2-devel\n- disable dbus instance creation support as it is marked as\n dangerous\n- Add BFD build option to keepalived.spec rpm file\n Issue #1114 identified that the keepalived.spec file was not being\n generated to build BFD support even if keepalived had been\n configured to support it.\n- full changelog\n https://keepalived.org/changelog.html\n\n- update to 1.4.5:\n * Update snapcraft.yaml for 1.4.x+git\n * Fix generation of git-commit.h with git commit number.\n * Set virtual server address family correctly.\n * Set virtual server address family correctly when using tunnelled\n real servers.\n * Fix handling of virtual servers with no real servers at config time.\n * Add warning if virtual and real servers are different address families.\n Although normally the virtual server and real servers must have the\n same address family, if a real server is tunnelled, the address families\n can be different. However, the kernel didn't support that until 3.18,\n so add a check that the address families are the same if different\n address families are not supported by the kernel.\n * Send correct status in Dbus VrrpStatusChange notification.\n When an instance transitioned from BACKUP to FAULT, the Dbus\n status change message reported the old status (BACKUP) rather than\n the new status (FAULT). This commit attempts to resolved that.\n * doc: ipvs schedulers update\n * Fix a couple of typos in configure.ac.\n * Fix namespace collision with musl if_ether.h.\n * Check if return value from read_value_block() is null before using.\n * Fix reporting real server stats via SNMP.\n * Make checker process handle RTM_NEWLINK messages with -a option\n Even though the checker process doesn't subscribe to RTNLGRP_LINK\n messages, it appears that older kernels (certainly 2.6.32) can\n send RTM_NEWLINK (but not RTM_DELLINK) messages. This occurs\n when the link is set to up state.\n Only the VRRP process is interested in link messages, and so the\n checker process doesn't do the necessary initialisation to be able\n to handle RTM_NEWLINK messages.\n This commit makes the checker process simply discard RTM_NEWLINK\n and RTM_DELLINK messages, rather than assuming that if it receives\n an RTM_NEWLINK message it must be the VRRP process.\n This problem was reported in issue #848 since the checker process\n was segfaulting when a new interface was added when the -a command\n line option was specified.\n * Fix handling RTM_NEWLINK when building without VRRP code.\n * Fix building on Fedora 28.\n net-snmp-config output can include compiler and linker flags that\n refer to spec files that were used to build net-snmp but may not\n exist on the system building keepalived. That would cause the build\n done by configure to test for net-snmp support to fail; in particular\n on a Fedora 28 system that doesn't have the redhat-rpm-config package\n installed.\n This commit checks that any spec files in the compiler and linker\n flags returned by net-snmp-config exist on the system building\n keepalived, and if not it removes the reference(s) to the spec file(s).\n * keepalived-1.4.3 released.\n * vrrp: setting '0' as default value for ifa_flags to make gcc happy.\n * Add additional libraries when testing for presence of SSL_CTX_new().\n It appears that some systems need -lcrypto when linking with -lssl.\n * Sanitise checking of libnl3 in configure.ac.\n * Report and handle missing '}'s in config files.\n * Add missing '\\n' in keepalived.data output.\n * Stop backup taking over as master while master reloads.\n If a reload was initiated just before an advert, and since it took\n one advert interval after a reload before an advert was sent, if the\n reload itself took more than one advert interval, the backup could\n time out and take over as master.\n This commit makes keepalived send adverts for all instances that are\n master immediately before a reload, and also sends adverts immediately\n after a reload, thereby trippling the time available for the reload\n to complete.\n * Add route option fastopen_no_cookie and rule option l3mdev.\n * Fix errors in KEEPALIVED-MIB.txt.\n * Simplify setting on IN6_ADDR_GEN_MODE.\n * Cosmetic changes to keepalived(8) man page.\n * Don't set ipvs sync daemon to master state before becoming master\n If a vrrp instance which was the one specified for the ipvs sync\n daemon was configured with initial state master, the sync daemon\n was being set to master mode before the vrrp instance transitioned\n to master mode. This caused an error message when the vrrp instance\n transitioned to master and attempted to make the sync daemon go from\n backup to master mode.\n This commit stops setting the sync daemon to master mode at initialisation\n time, and it is set to master mode when the vrrp instance transitions\n to master.\n * Fix freeing vector which has not had any entries allocated.\n * Add additional mem-check disgnostics\n vector_alloc, vectot_alloc_slot, vector_free and alloc_strvec all\n call MALLOC/FREE but the functions written in the mem_check log\n are vector_alloc etc, not the functions that call them.\n This commit adds logging of the originating calling function.\n * Fix memory leak in parser.c.\n * Improve alignment of new mem-check logging.\n * Disable all checkers on a virtual server when ha_suspend set.\n Only the first checker was being disabled; this commit now disables\n all of them.\n Also, make the decision to disable a checker when starting/reloading\n when scheduling the checker, so that the existance of the required\n address can be checked.\n * Stop genhash segfaulting when built with --enable-mem-check.\n * Fix memory allocation problems in genhash.\n * Properly fix memory allocation problems in genhash.\n * Fix persistence_granularity IPv4 netmask validation.\n The logic test from inet_aton() appears to be inverted.\n * Fix segfault when checker configuration is missing expected parameter\n Issue #806 mentioned as an aside that 'nb_get_retry' without a parameter\n was sigfaulting. Commit be7ae80 - 'Stop segfaulting when configuration\n keyword is missing its parameter' missed the 'hidden' uses of vector_slot()\n (i.e. those used via definitions in header files).\n This commit now updates those uses of vector_slot() to use strvec_slot()\n instead.\n * Fix compiling on Linux 2.x kernels.\n There were missing checks for HAVE_DECL_CLONE_NEWNET causing\n references to an undeclared variable if CLONE_NEWNET wasn't defined.\n * Improve parsing of kernel release.\n The kernel EXTRAVERSION can start with any character (although\n starting with a digit would be daft), so relax the check for it\n starting with a '-'. Kernels using both '+' and '.' being the\n first character of EXTRAVERSION have been reported.\n * Improve grammer.\n * add support for SNI in SSL_GET check.\n this adds a `enable_sni` parameter to SSL_GET, making sure the check\n passes the virtualhost in the SNI extension during SSL handshake.\n * Optimise setting host name for SSL_GET requests with SNI.\n * Allow SNI to be used with SSL_GET with OpenSSL v1.0.0 and LibreSSL.\n * Use configure to check for SSL_set_tlsext_host_name()\n Rather than checking for a specific version of the OpenSSL library\n (and it would also need checking the version of the LibreSSL library)\n let configure check for the presence of SSL_set_tlsext_host_name().\n Also omit all code related to SNI of SSL_set_tlsext_host_name() is\n not available.\n * Use configure to determine available OpenSSL functionality\n Rather than using version numbers of the OpenSSL library to determine\n what functions are available, let configure determine whether the\n functions are supported.\n The also means that the same tests work for LibreSSL.\n * Add support for gratuitous ARPs for IP over Infiniband.\n * Use system header definition instead of local definition IF_HWADDR_MAX\n linux/netdevice.h has definition MAX_ADDR_LEN, which is 32, whereas\n IF_HWADDR_MAX was locally defined to be 20.\n Unfortunately we end up with more system header file juggling to ensure\n we don't have duplicate definitions.\n * Fix vrrp_script and check_misc scripts of type </dev/tcp/127.0.0.1/80.\n * Add the first pre-defined config definition (${_PWD})\n ${_PWD} in a configuration file will be replaced with the full\n path name of the directory that keepalived is reading the current\n configuration file from.\n * Open and run the notify fifo and script if no other fifo\n Due to the way the code was structured the notify_fifo for both\n checker and vrrp messages wasn't run if neither the vrrp or checker\n fifo wasn't configured.\n Also, if all three fifos were configured, the general fifo script\n was executed by both the vrrp and checker process, causing problems.\n * Add support for Infiniband interfaces when dumping configuration.\n * Tidy up layout in vrrp_arp.c.\n * Add configure check for support of position independant executables (PIE).\n * Add check for -pie support, and fix writing to keepalived.data.\n * keepalived-1.4.2 released.\n * Make genhash exit with exit code 1 on error.\n Issue #766 identified that genhash always exits with exit code 1\n even if an error has occurred.\n * Rationalise printing of http header in genhash.\n * Use http header Content-Length field in HTTP_CHECK/SSL_CHECK.\n If a Content-Length is supplied in the http header, use that as a\n limit to the data length (as wget does). If the length of data\n received does not match the Content-Length log a warning.\n * Optimise parameter passing to fprintf in genhash.\n * Don't declare mark variable if don't have MARK socket option.\n * Fix sync groups with only one member.\n Commit c88744a0 allowed sync groups with only 1 member again, but\n didn't stop removing the sync group if there was only 1 member.\n This commit now doesn't remove sync groups with only one member.\n * Make track scripts work with --enable-debug config option.\n * Add warning if --enable-debug configure option is used.\n * Allow more flexibility of layout of { and } in config files.\n keepalived was a bit fussy about where '{'s and '}'s (braces) could\n be placed in terms of after the keyword, or on a line on their own.\n It certainly was not possible to have multiple braces on one line.\n This commit now provides complete flexibility of where braces are, so\n long as they occur in the correct order.\n * Make alloc_value_block() report block type if there is an error.\n * Simplify alloc_value_block() by using libc string functions.\n * Add dumping of garp delay config when using -d option.\n * Fix fractions of seconds for garp group garp_interval.\n * Make read_value_block() use alloc_value_block().\n This removes quite a bit of duplication of functionality, and\n ensures the configuration parsing will be more consistent.\n * Fix build with Linux kernel headers v4.15.\n Linux kernel version 4.15 changed the libc/kernel headers suppression\n logic in a way that introduces collisions.\n * Add missing command line options to keepalived(8) man page.\n * Fix --dont-release-vrrp.\n On github, ushuz reported that commit 62e8455 - 'Don't delete vmac\n interfaces before dropping multicast membership' broke --dont-release-vrrp.\n This commit restores the correct functionality.\n * Define _GNU_SOURCE for all compilation units.\n Rather than defining _GNU_SOURCE when needed, let configure add\n it to the flags passed to the C compiler, so that it is defined\n for all compilation units. This ensures consistence.\n * Fix new warnings procuded by gcc 8.\n * Fix dumping empty lists.\n Add a check in dump_list() for an empty list, and don't attempt\n to dump it if it is empty.\n * Resolve conversion-check compiler warnings.\n * Add missing content to installing_keepalived.rst documentation.\n Issue #778 identified that there was text missing at the end of\n the document, and that is now added.\n * Fix systemd service to start after network-online.target.\n This fix was merged downstream by RedHat in response to\n RHBZ #1413320.\n * Update INSTALL file to describe packages needed for building\n documentation.\n * INSTALL: note linux distro package that provides 'sphinx_rtd_theme'\n * Clear /proc/sys/net/ipv6/conf/IF/disable_ipv6 when create VMACs.\n An issue was identified where keepalived was reporting permission\n denied when attempting to add an IPv6 address to a VMAC interface.\n It turned out that this was because\n /proc/sys/net/ipv6/conf/default/disable_ipv6\n was set to 1, causing IPv6 to be disables on all interfaces that\n keepalived created.\n This commit clears disable_ipv6 on any VMAC interfaces that\n keepalived creates if the vrrp instance is using IPv6.\n- remove linux-4.15.patch: does not apply anymore and not needed\n (the distros using 4.15 have moved on to keepalived 2.x)\n\n- Only Require insserv on distributions without systemd.\n- Fix systemd related requires/buildRequires\n- Do not run scriptlets that use insserv when using systemd\n\n- add linux-4.15.patch\n\nChanges in kibana:\n- Add 0001-Configurable-custom-response-headers-for-server.patch\n (bsc#1171909, CVE-2020-10743)\n\nChanges in memcached:\n- version update to 1.5.17\n * bugfixes\n fix strncpy call in stats conns to avoid ASAN violation (bsc#1149110, CVE-2019-15026)\n extstore: fix indentation\n add error handling when calling dup function\n add unlock when item_cachedump malloc failed\n extstore: emulate pread(v) for macOS\n fix off-by-one in logger to allow CAS commands to be logged.\n use strdup for explicitly configured slab sizes\n move mem_requested from slabs.c to items.c (internal cleanup)\n * new features\n add server address to the 'stats conns' output\n log client connection id with fetchers and mutations\n Add a handler for seccomp crashes\n- version update to 1.5.16\n * bugfixes\n When nsuffix is 0 space for flags hasn't been allocated so don't memcpy them.\n- version update to 1.5.15\n * bugfixes\n Speed up incr/decr by replacing snprintf.\n Use correct buffer size for internal URI encoding.\n change some links from http to https\n Fix small memory leak in testapp.c.\n free window_global in slab_automove_extstore.c\n remove inline_ascii_response option\n -Y [filename] for ascii authentication mode\n fix: idle-timeout wasn't compatible with binprot\n * features\n -Y [authfile] enables an authentication mode for ASCII protocol.\n- modified patches\n % memcached-autofoo.patch (refreshed)\n\n- version update to 1.5.14\n * update -h output for -I (max item size)\n * fix segfault in 'lru' command (bsc#1133817, CVE-2019-11596)\n * fix compile error on centos7\n * extstore: error adjusting page_size after ext_path\n * extstore: fix segfault if page_count is too high.\n * close delete + incr item survival race bug\n * memcached-tool dump fix loss of exp value\n * Fix 'qw' in 'MemcachedTest.pm' so wait_ext_flush is exported properly\n * Experimental TLS support.\n * Basic implementation of TLS for memcached.\n * Improve Get And Touch documentation\n * fix INCR/DECR refcount leak for invalid items\n- modified patches\n % memcached-autofoo.patch (refreshed)\n\n- Version bump to 1.5.11:\n * extstore: balance IO thread queues\n- Drop memcached-fix_test.patch that is present now upstream\n\n- Add patch to fix aarch64, ppc64* and s390x tests:\n * memcached-fix_test.patch\n\n- Fix linter errors regarding COPYING\n\n- update to 1.5.10:\n * disruptive change in extstore: -o ext_page_count= is deprecated\n and no longer works. To specify size: -o ext_path=/d/m/e:500G\n extstore figures out the page count based on your desired page\n size. M|G|T|P supported.\n * extstore: Add basic JBOD support: ext_path can be specified\n multiple times for striping onto simimar devices\n * fix alignment issues on some ARM platforms for chunked items\n\n- Update to 1.5.9:\n * Bugfix release.\n * Important note: if using --enable-seccomp, privilege dropping\n is no longer on by default. The feature is experimental and many\n users are reporting hard to diagnose problems on varied platforms.\n * Seccomp is now marked EXPERIMENTAL, and must be explicitly\n enabled by adding -o drop_privileges. Once we're more confident\n with the usability of the feature, it will be enabled in -o modern,\n like any other new change. You should only use it if you are\n willing to carefully test it, especially if you're a vendor or\n distribution.\n * Also important is a crash fix in extstore when using the ASCII\n protocol, large items, and running low on memory.\n\n- update to 1.5.8:\n * Bugfixes for seccomp and extstore\n * Extstore platform portability has been greatly improved for ARM\n and 32bit systems\n- includes changes from 1.5.7:\n * Fix alignment issues for 64bit ARM processors\n * Fix seccomp portability\n * Fix refcount leak with extstore while using binary touch commands\n\n- turn on the testsuite again, it seems to pass server side,\n too\n\n- Home directory shouldn't be world readable bsc#1077718\n- Mention that this stream isn't affected by bsc#1085209, \n CVE-2018-1000127 to make the checker bots happy.\n\n- update to 1.5.6 (bsc#1083903, CVE-2018-1000115):\n * This update disables UDP by default to reduce DDoS amplification\n attacks\n * see https://github.com/memcached/memcached/wiki/ReleaseNotes156\n * see https://github.com/memcached/memcached/wiki/ReleaseNotes155\n * see https://github.com/memcached/memcached/wiki/ReleaseNotes154\n * see https://github.com/memcached/memcached/wiki/ReleaseNotes153\n * see https://github.com/memcached/memcached/wiki/ReleaseNotes152\n * see https://github.com/memcached/memcached/wiki/ReleaseNotes151\n * see https://github.com/memcached/memcached/wiki/ReleaseNotes150\n\n- Replace references to /var/adm/fillup-templates with new \n %_fillupdir macro (boo#1069468)\n\nChanges in monasca-installer:\n- Add 0001-kibana:-set-x-frame-options-header.patch (bsc#1171909,\n CVE-2020-10743)\n\nChanges in openstack-dashboard-theme-SUSE:\n- Switch github URL from git@ to git:// to bypass authentication\n\nChanges in openstack-manila:\n- Add 0001-Fix-exportfs-u-usage-in-generic-driver.patch\n Backported from upstream patch https://review.opendev.org/#/c/411631/\n Related Bug (SOC-9801)\n\nChanges in openstack-neutron-fwaas:\n- Add 0050-Remove-tempest-shared-physical-network.patch (SOC-9801)\n This tempest configuration option is not present in tempest, as\n it was only added after the SOC7 release cut.\n\nChanges in openstack-nova:\n- Add 0001-live-mig-keep-disk-device-address-same.patch (bsc#1164316)\n - Fix for https://bugs.launchpad.net/nova/+bug/1715569\n\nChanges in openstack-tempest:\n\n- Add 0001-Use-available-scheduler-filters.patch\n Backported from upstream patch https://review.opendev.org/#/c/570207/\n Related Bugs: SOC-9801,SOC-11174\n\n- Add 0001-Remove-volume_feature_enabled.volume_services.patch\n Backported from upstream patch https://review.opendev.org/#/c/438220/\n Related Bug (SOC-9801)\n\n\nChanges in python-cffi:\n- Do not build python3 subpackages as C:OS:Newton does not support\n it\n\n- provide also python-cffi = 1.10.0 and 1.5.2 to avoid breaking the\n cloud 7 and 8 requirements (bsc#948198)\n\n- Update in SLE-12 (bsc#1138748, jsc#ECO-1256, jsc#PM-1598)\n\n- Add dont-corrupt-memory.patch to fix boo#1111657 (originally\n from https://bitbucket.org/cffi/cffi/commits/7a76a3815340)\n\n- build python3 subpackage (FATE#324435, FATE#323875)\n\n- Add patch cffi-loader.patch to fix bsc#1070737\n- Sort out with spec-cleaner\n\n- update to version 1.11.2:\n * Fix Windows issue with managing the thread-state on CPython 3.0 to\n 3.5\n\n- Update pytest in spec to add c directory tests in addition to \n testing directory.\n- Omit test_init_once_multithread tests as they rely on multiple\n threads finishing in a given time. Returns sporadic pass/fail\n within build.\n- Update to 1.11.1:\n * Fix tests, remove deprecated C API usage\n * Fix (hack) for 3.6.0/3.6.1/3.6.2 giving incompatible binary\n extensions (cpython issue #29943)\n * Fix for 3.7.0a1+\n\n- Update to 1.11.0:\n * Support the modern standard types char16_t and char32_t. These\n work like wchar_t: they represent one unicode character, or when\n used as charN_t * or charN_t[] they represent a unicode string.\n The difference with wchar_t is that they have a known, fixed\n size. They should work at all places that used to work with\n wchar_t (please report an issue if I missed something). Note\n that with set_source(), you need to make sure that these types\n are actually defined by the C source you provide (if used in\n cdef()).\n * Support the C99 types float _Complex and double _Complex. Note\n that libffi doesn’t support them, which means that in the ABI\n mode you still cannot call C functions that take complex\n numbers directly as arguments or return type.\n * Fixed a rare race condition when creating multiple FFI instances\n from multiple threads. (Note that you aren’t meant to create\n many FFI instances: in inline mode, you should write\n ffi = cffi.FFI() at module level just after import cffi; and in\n out-of-line mode you don’t instantiate FFI explicitly at all.)\n * Windows: using callbacks can be messy because the CFFI internal\n error messages show up to stderr—but stderr goes nowhere in many\n applications. This makes it particularly hard to get started\n with the embedding mode. (Once you get started, you can at least\n use @ffi.def_extern(onerror=...) and send the error logs where\n it makes sense for your application, or record them in log\n files, and so on.) So what is new in CFFI is that now, on\n Windows CFFI will try to open a non-modal MessageBox (in addition\n to sending raw messages to stderr). The MessageBox is only\n visible if the process stays alive: typically, console\n applications that crash close immediately, but that is also the\n situation where stderr should be visible anyway.\n * Progress on support for callbacks in NetBSD.\n * Functions returning booleans would in some case still return 0\n or 1 instead of False or True. Fixed.\n * ffi.gc() now takes an optional third parameter, which gives an\n estimate of the size (in bytes) of the object. So far, this is\n only used by PyPy, to make the next GC occur more quickly\n (issue #320). In the future, this might have an effect on\n CPython too (provided the CPython issue 31105 is addressed).\n * Add a note to the documentation: the ABI mode gives function\n objects that are slower to call than the API mode does. For\n some reason it is often thought to be faster. It is not!\n- Update to 1.10.1:\n * Fixed the line numbers reported in case of cdef() errors. Also,\n I just noticed, but pycparser always supported the preprocessor\n directive # 42 'foo.h' to mean “from the next line, we’re in\n file foo.h starting from line 42”, which it puts in the error\n messages. \n\n- update to 1.10.0:\n * Issue #295: use calloc() directly instead of PyObject_Malloc()+memset()\n to handle ffi.new() with a default allocator. Speeds up ffi.new(large-array)\n where most of the time you never touch most of the array.\n * Some OS/X build fixes (“only with Xcode but without CLT”).\n * Improve a couple of error messages: when getting mismatched versions of\n cffi and its backend; and when calling functions which cannot be called with\n libffi because an argument is a struct that is “too complicated” (and not\n a struct pointer, which always works).\n * Add support for some unusual compilers (non-msvc, non-gcc, non-icc, non-clang)\n * Implemented the remaining cases for ffi.from_buffer. Now all\n buffer/memoryview objects can be passed. The one remaining check is against\n passing unicode strings in Python 2. (They support the buffer interface, but\n that gives the raw bytes behind the UTF16/UCS4 storage, which is most of the\n times not what you expect. In Python 3 this has been fixed and the unicode\n strings don’t support the memoryview interface any more.)\n * The C type _Bool or bool now converts to a Python boolean when reading,\n instead of the content of the byte as an integer. The potential\n incompatibility here is what occurs if the byte contains a value different\n from 0 and 1. Previously, it would just return it; with this change, CFFI\n raises an exception in this case. But this case means “undefined behavior”\n in C; if you really have to interface with a library relying on this,\n don’t use bool in the CFFI side. Also, it is still valid to use a byte\n string as initializer for a bool[], but now it must only contain \\x00 or\n \\x01. As an aside, ffi.string() no longer works on bool[] (but it never made\n much sense, as this function stops at the first zero).\n * ffi.buffer is now the name of cffi’s buffer type, and ffi.buffer() works\n like before but is the constructor of that type.\n * ffi.addressof(lib, 'name') now works also in in-line mode, not only in\n out-of-line mode. This is useful for taking the address of global variables.\n * Issue #255: cdata objects of a primitive type (integers, floats, char) are\n now compared and ordered by value. For example, <cdata 'int' 42> compares\n equal to 42 and <cdata 'char' b'A'> compares equal to b'A'. Unlike C,\n <cdata 'int' -1> does not compare equal to ffi.cast('unsigned int', -1): it\n compares smaller, because -1 < 4294967295.\n * PyPy: ffi.new() and ffi.new_allocator()() did not record “memory pressure”,\n causing the GC to run too infrequently if you call ffi.new() very often\n and/or with large arrays. Fixed in PyPy 5.7.\n * Support in ffi.cdef() for numeric expressions with + or -. Assumes that\n there is no overflow; it should be fixed first before we add more general\n support for arbitrary arithmetic on constants.\n\n- do not generate HTML documentation for packages that are indirect\n dependencies of Sphinx\n (see docs at https://cffi.readthedocs.org/ )\n\n- update to 1.9.1\n - Structs with variable-sized arrays as their last field: now we track the\n length of the array after ffi.new() is called, just like we always tracked\n the length of ffi.new('int[]', 42). This lets us detect out-of-range\n accesses to array items. This also lets us display a better repr(), and\n have the total size returned by ffi.sizeof() and ffi.buffer(). Previously\n both functions would return a result based on the size of the declared\n structure type, with an assumed empty array. (Thanks andrew for starting\n this refactoring.)\n - Add support in cdef()/set_source() for unspecified-length arrays in\n typedefs: typedef int foo_t[...];. It was already supported for global\n variables or structure fields.\n - I turned in v1.8 a warning from cffi/model.py into an error: 'enum xxx' has\n no values explicitly defined: refusing to guess which integer type it is\n meant to be (unsigned/signed, int/long). Now I’m turning it back to a\n warning again; it seems that guessing that the enum has size int is a\n 99%-safe bet. (But not 100%, so it stays as a warning.)\n - Fix leaks in the code handling FILE * arguments. In CPython 3 there is a\n remaining issue that is hard to fix: if you pass a Python file object to a\n FILE * argument, then os.dup() is used and the new file descriptor is only\n closed when the GC reclaims the Python file object—and not at the earlier\n time when you call close(), which only closes the original file descriptor.\n If this is an issue, you should avoid this automatic convertion of Python\n file objects: instead, explicitly manipulate file descriptors and call\n fdopen() from C (...via cffi).\n - When passing a void * argument to a function with a different pointer type,\n or vice-versa, the cast occurs automatically, like in C. The same occurs\n for initialization with ffi.new() and a few other places. However, I\n thought that char * had the same property—but I was mistaken. In C you get\n the usual warning if you try to give a char * to a char ** argument, for\n example. Sorry about the confusion. This has been fixed in CFFI by giving\n for now a warning, too. It will turn into an error in a future version.\n - Issue #283: fixed ffi.new() on structures/unions with nested anonymous\n structures/unions, when there is at least one union in the mix. When\n initialized with a list or a dict, it should now behave more closely like\n the { } syntax does in GCC.\n - CPython 3.x: experimental: the generated C extension modules now use the\n “limited API”, which means that, as a compiled .so/.dll, it should work\n directly on any version of CPython >= 3.2. The name produced by distutils\n is still version-specific. To get the version-independent name, you can\n rename it manually to NAME.abi3.so, or use the very recent setuptools 26.\n - Added ffi.compile(debug=...), similar to python setup.py build --debug but\n defaulting to True if we are running a debugging version of Python itself.\n - Removed the restriction that ffi.from_buffer() cannot be used on byte\n strings. Now you can get a char * out of a byte string, which is valid as\n long as the string object is kept alive. (But don’t use it to modify the\n string object! If you need this, use bytearray or other official\n techniques.)\n - PyPy 5.4 can now pass a byte string directly to a char * argument (in older\n versions, a copy would be made). This used to be a CPython-only\n optimization.\n - ffi.gc(p, None) removes the destructor on an object previously created by\n another call to ffi.gc()\n - bool(ffi.cast('primitive type', x)) now returns False if the value is zero\n (including -0.0), and True otherwise. Previously this would only return\n False for cdata objects of a pointer type when the pointer is NULL.\n - bytearrays: ffi.from_buffer(bytearray-object) is now supported. (The reason\n it was not supported was that it was hard to do in PyPy, but it works since\n PyPy 5.3.) To call a C function with a char * argument from a buffer\n object—now including bytearrays—you write lib.foo(ffi.from_buffer(x)).\n Additionally, this is now supported: p[0:length] = bytearray-object. The\n problem with this was that a iterating over bytearrays gives numbers\n instead of characters. (Now it is implemented with just a memcpy, of\n course, not actually iterating over the characters.)\n - C++: compiling the generated C code with C++ was supposed to work, but\n failed if you make use the bool type (because that is rendered as the C\n _Bool type, which doesn’t exist in C++).\n - help(lib) and help(lib.myfunc) now give useful information, as well as\n dir(p) where p is a struct or pointer-to-struct.\n- drop upstreamed python-cffi-avoid-bitshifting-negative-int.patch\n\n- update for multipython build\n\n- Add python-cffi-avoid-bitshifting-negative-int.patch to actually\n fix the 'negative left shift' warning by replacing bitshifting\n in appropriate places by bitwise and comparison to self; patch\n taken from upstream git. Drop cffi-1.5.2-wnoerror.patch: no\n longer required.\n\n- disable 'negative left shift' warning in test suite to prevent\n failures with gcc6, until upstream fixes the undefined code\n in question (boo#981848, cffi-1.5.2-wnoerror.patch)\n\n- Update to version 1.6.0:\n * ffi.list_types()\n * ffi.unpack()\n * extern “Python+C”\n * in API mode, lib.foo.__doc__ contains the C signature now.\n * Yet another attempt at robustness of ffi.def_extern() against\n CPython’s interpreter shutdown logic.\n\nChanges in python-pylons-sphinx-themes:\n\n- moved LICENSE.txt to docs to match old structure\n\n- specfile:\n * update copyright year\n- update to version 1.0.11:\n * Fix the width of linenos table column when used in code-blocks.\n\n- Replace %fdupes -s with plain %fdupes; hardlinks are better.\n\n- Update to version 1.0.10 (2018-09-25)\n + Add Read the Docs to the recipients of ad revenue.\n- Update to version 1.0.9 (2018-09-23)\n + Remove hyphenation because it sometimes hyphenates\n inappropriately, such as in code.\n- Update to version 1.0.8 (2018-09-21)\n + Fix support for Ethical Ads.\n- Update to version 1.0.7 (2018-09-21)\n + Added support for Ethical Ads for Read The Docs.\n See https://github.com/Pylons/pylons-sphinx-themes/pull/12\n\n- Remove superfluous devel dependency for noarch package\n\n- Update to version 1.0.6\n * Update zest.releaser in order to release to PyPI.\n- Update to version 1.0.5\n * Clean up licensing\n https://github.com/Pylons/pylons-sphinx-themes/issues/8\n\n- Provide/obsolete old pylons_sphinx_theme\n\n- Update to version 1.0.4\n * Specify line spacing for list items for only within the\n .body class.\n version 1.0.3\n * Add line spacing for list items. Closes #4.\n version 1.0.2:\n * Remove HTTPS protocol to allow either HTTPS or HTTP.\n version 1.0.1:\n * Use HTTPS for protocol of stylesheets.\n version 1.0:\n * Use zest.releaser for releasing.\n * Improve documentation.\n- Converted to single-spec\n\n- version 0.3.1: initial build\n\nChanges in python-Django:\n- Fix merge artifact in CVE-2020-13596.patch\n\n- Add CVE-2019-19844.patch (bsc#1159447, CVE-2019-19844)\n * Fix Potential account hijack via password reset form\n\n- Security fixes (bsc#1172167, bsc#1172166, CVE-2020-13254, CVE-2020-13596)\n * Added patch CVE-2020-13254.patch\n * Added patch CVE-2020-13596.patch\n\n- Set _defaultlicensedir \n\n- Fix for SG#56542, bsc#1161349:\n * Fixed CVE-2019-3498-Fixed-content-spoof.patch\n\n- Fix for SG#56542, bsc#1161349:\n * Fixed CVE-2019-3498-Fixed-content-spoof.patch\n (There was a bug in this .patch file; some code had been\n accidentally included in the backport, and this stopped the 404\n page from loading. See commit message and bug report for more\n information)\n\nChanges in python-Pillow:\n- Remove decompression_bomb.gif and relevant test case to avoid\n ClamAV scan alerts during build\n\n- Add 0008-Corrected-negative-seeks.patch\n * From upstream, backported\n * Fixes part of CVE-2019-16865, bsc#1153191\n- Add 0009-Make-Image.crop-an-immediate-operation.patch\n * From upstream, backported\n * Fixes https://github.com/python-pillow/Pillow/issues/1077\n * Used by 0012-Added-decompression-bomb-checks.patch\n- Add 0010-Crop-decompression.patch\n * From upstream, backported\n * Fixes https://github.com/python-pillow/Pillow/issues/2402\n * Used by 0012-Added-decompression-bomb-checks.patch\n- Add 0011-Added-DecompressionBombError.patch\n * From upstream, backported\n * Adds DecompressionBombError class\n * Used by 0012-Added-decompression-bomb-checks.patch\n- Add 0012-Added-decompression-bomb-checks.patch\n * From upstream, backported\n * Fixes part of CVE-2019-16865, bsc#1153191\n- Add 0013-Raise-error-if-dimension-is-a-string.patch\n * From upstream, backported\n * Fixes part of CVE-2019-16865, bsc#1153191\n- Add 0014-Catch-buffer-overruns.patch\n * From upstream, backported\n * Fixes part of CVE-2019-16865, bsc#1153191\n- Add 0015-Catch-PCX-P-mode-buffer-overrun.patch\n * From upstream, backported\n * Fixes CVE-2020-5312, bsc#1160152\n- Add 0016-Ensure-previous-FLI-frame-is-loaded.patch\n * From upstream, backported\n * Fixes https://github.com/python-pillow/Pillow/issues/2649\n * Uncovers CVE-2020-5313, bsc#1160153\n- Add 0017-Catch-FLI-buffer-overrun.patch\n * From upstream, backported\n * Fixes CVE-2020-5313, bsc#1160153\n- Add 018-Invalid-number-of-bands-in-FPX-image.patch\n * From upstream, backported\n * Fixes CVE-2019-19911, bsc#1160192\n\nChanges in python-psql2mysql:\n- Update to version 0.5.0+git.1589351878.4ef877c:\n * Do not fail on instance_info length, it is expected to be LONGTEXT\n\n- Update to version 0.5.0+git.1582192453.98e9561:\n * Neutron drivers use own naming for alembic migrations, e.g. cisco_alembic_version, aci_alembic_version, etc depending on driver.\n\nChanges in python-psutil:\n- Add bsc1156525-CVE-2019-18874.patch (bsc#1156525, CVE-2019-18874)\n\nChanges in python-py:\n- update to version 1.5.2\n-----------------------------------------------------------------\n- update to version 1.4.33\n\nChanges in python-py:\n- update to version 1.5.2:\n * fix #169, #170: error importing py.log on Windows: no module named\n 'syslog'.\n- changes from version 1.5.1:\n * fix #167 - prevent pip from installing py in unsupported Python\n versions.\n- changes from version 1.5.0:\n * python 2.6 and 3.3 are no longer supported\n * deprecate py.std and remove all internal uses\n * fix #73 turn py.error into an actual module\n * path join to / no longer produces leading double slashes\n * fix #82 - remove unsupportable aliases\n * fix python37 compatibility of path.sysfind on windows by correctly\n replacing vars\n * turn iniconfig and apipkg into vendored packages and ease\n de-vendoring for distributions\n * fix #68 remove invalid py.test.ensuretemp references\n * fix #25 - deprecate path.listdir(sort=callable)\n * add TerminalWriter.chars_on_current_line read-only property that\n tracks how many characters have been written to the current line.\n- changes from version 1.4.34\n * fix issue119 / pytest issue708 where tmpdir may fail to make\n numbered directories when the filesystem is case-insensitive.\n\n- update to version 1.4.33:\n * avoid imports in calls to py.path.local().fnmatch(). Thanks\n Andreas Pelme for the PR.\n * fix issue106: Naive unicode encoding when calling fspath() in\n python2. Thanks Tiago Nobrega for the PR.\n * fix issue110: unittest.TestCase.assertWarns fails with py\n imported.\n- changes from version 1.4.32\n * fix issue70: aded ability to copy all stat info in\n py.path.local.copy.\n * make TerminalWriter.fullwidth a property. This results in the\n correct value when the terminal gets resized.\n * update supported html tags to include recent additions.\n Thanks Denis Afonso for the PR.\n * Remove internal code in ``Source.compile`` meant to support\n earlier Python 3 versions that produced the side effect\n of leaving ``None`` in ``sys.modules`` when called (see\n pytest-dev/pytest#2103). Thanks Bruno Oliveira for the PR.\n\nChanges in python-pysaml2:\n- Add 0001-Always-generate-a-random-IV-for-AES-operations.patch\n (CVE-2017-1000246, bsc#1068612)\n\n- Add 0001-Fix-XML-Signature-Wrapping-XSW-vulnerabilities.patch\n (CVE-2020-5390, bsc#1160851)\n\nChanges in python-waitress:\n- update to 1.4.3 to include fixes for:\n * CVE-2019-16785 / bsc#1161088\n * CVE-2019-16786 / bsc#1161089\n * CVE-2019-16789 / bsc#1160790\n * CVE-2019-16792 / bsc#1161670\n\n- moved LICENSE.txt to docs to match old structure \n\n- make sure UTF8 locale is used when runnning tests\n * Sometimes functional tests executed in python3 failed if stdout was not\n set to UTF-8. The error message was:\n ValueError: underlying buffer has been detached\n\n- %python3_only -> %python_alternative\n\n- update to 1.4.3\n * Waitress did not properly validate that the HTTP headers it received \n were properly formed, thereby potentially allowing a front-end server \n to treat a request different from Waitress. This could lead to HTTP \n request smuggling/splitting.\n- drop patch local-intersphinx-inventories.patch\n * it was commented out, anyway\n\n- update to 1.4.0:\n - Waitress used to slam the door shut on HTTP pipelined requests without\n setting the ``Connection: close`` header as appropriate in the response. This\n is of course not very friendly. Waitress now explicitly sets the header when\n responding with an internally generated error such as 400 Bad Request or 500\n Internal Server Error to notify the remote client that it will be closing the\n connection after the response is sent.\n - Waitress no longer allows any spaces to exist between the header field-name\n and the colon. While waitress did not strip the space and thereby was not\n vulnerable to any potential header field-name confusion, it should have sent\n back a 400 Bad Request. See https://github.com/Pylons/waitress/issues/273\n - CRLR handling Security fixes\n\n- update to 1.3.1\n * Waitress won’t accidentally throw away part of the path if it \n starts with a double slash\n\n- version update to 1.3.0\n Deprecations\n ~~~~~~~~~~~~\n - The ``send_bytes`` adjustment now defaults to ``1`` and is deprecated\n pending removal in a future release.\n and https://github.com/Pylons/waitress/pull/246\n Features\n ~~~~~~~~\n - Add a new ``outbuf_high_watermark`` adjustment which is used to apply\n backpressure on the ``app_iter`` to avoid letting it spin faster than data\n can be written to the socket. This stabilizes responses that iterate quickly\n with a lot of data.\n See https://github.com/Pylons/waitress/pull/242\n - Stop early and close the ``app_iter`` when attempting to write to a closed\n socket due to a client disconnect. This should notify a long-lived streaming\n response when a client hangs up.\n See https://github.com/Pylons/waitress/pull/238\n and https://github.com/Pylons/waitress/pull/240\n and https://github.com/Pylons/waitress/pull/241\n - Adjust the flush to output ``SO_SNDBUF`` bytes instead of whatever was\n set in the ``send_bytes`` adjustment. ``send_bytes`` now only controls how\n much waitress will buffer internally before flushing to the kernel, whereas\n previously it used to also throttle how much data was sent to the kernel.\n This change enables a streaming ``app_iter`` containing small chunks to\n still be flushed efficiently.\n See https://github.com/Pylons/waitress/pull/246\n Bugfixes\n ~~~~~~~~\n - Upon receiving a request that does not include HTTP/1.0 or HTTP/1.1 we will\n no longer set the version to the string value 'None'. See\n https://github.com/Pylons/waitress/pull/252 and\n https://github.com/Pylons/waitress/issues/110\n - When a client closes a socket unexpectedly there was potential for memory\n leaks in which data was written to the buffers after they were closed,\n causing them to reopen.\n See https://github.com/Pylons/waitress/pull/239\n - Fix the queue depth warnings to only show when all threads are busy.\n See https://github.com/Pylons/waitress/pull/243\n and https://github.com/Pylons/waitress/pull/247\n - Trigger the ``app_iter`` to close as part of shutdown. This will only be\n noticeable for users of the internal server api. In more typical operations\n the server will die before benefiting from these changes.\n See https://github.com/Pylons/waitress/pull/245\n - Fix a bug in which a streaming ``app_iter`` may never cleanup data that has\n already been sent. This would cause buffers in waitress to grow without\n bounds. These buffers now properly rotate and release their data.\n See https://github.com/Pylons/waitress/pull/242\n - Fix a bug in which non-seekable subclasses of ``io.IOBase`` would trigger\n an exception when passed to the ``wsgi.file_wrapper`` callback.\n See https://github.com/Pylons/waitress/pull/249\n\n- Trim marketing wording and other platform mentions.\n\n- Add fetch-intersphinx-inventories.sh to sources\n- Add local-intersphinx-inventories.patch for generating the docs\n correctly\n\n- update to version 1.2.1:\n too many changes to list here, see:\n https://github.com/Pylons/waitress/blob/master/CHANGES.txt\n or even:\n https://github.com/Pylons/waitress/commits/master\n\n- Remove superfluous devel dependency for noarch package\n\n- update to version 1.1.0:\n * Features\n + Waitress now has a __main__ and thus may be called with 'python\n -mwaitress'\n * Bugfixes\n + Waitress no longer allows lowercase HTTP verbs. This change was\n made to fall in line with most HTTP servers. See\n https://github.com/Pylons/waitress/pull/170\n + When receiving non-ascii bytes in the request URL, waitress will\n no longer abruptly close the connection, instead returning a 400\n Bad Request. See https://github.com/Pylons/waitress/pull/162 and\n https://github.com/Pylons/waitress/issues/64\n\n- Update to 1.0.2\n * Python 3.6 is now officially supported in Waitress\n * Add a work-around for libc issue on Linux not following the\n documented standards. If getnameinfo() fails because of DNS not\n being available it should return the IP address instead of the\n reverse DNS entry, however instead getnameinfo() raises. We\n catch this, and ask getnameinfo() for the same information\n again, explicitly asking for IP address instead of reverse\n DNS hostname.\n- Implement single-spec version.\n- Fix source URL.\n\n- update to 1.0.1:\n - IPv6 support on Windows was broken due to missing constants in the socket\n module. This has been resolved by setting the constants on Windows if they\n are missing. See https://github.com/Pylons/waitress/issues/138\n - A ValueError was raised on Windows when passing a string for the port, on\n Windows in Python 2 using service names instead of port numbers doesn't work\n with `getaddrinfo`. This has been resolved by attempting to convert the port\n number to an integer, if that fails a ValueError will be raised. See\n https://github.com/Pylons/waitress/issues/139\n - Removed `AI_ADDRCONFIG` from the call to `getaddrinfo`, this resolves an\n issue whereby `getaddrinfo` wouldn't return any addresses to `bind` to on\n hosts where there is no internet connection but localhost is requested to be\n bound to. See https://github.com/Pylons/waitress/issues/131 for more\n information.\n- disable tests. need network access.\n\nChanges in rabbitmq-server:\n- Apply patches to resolve CVE-2017-4967,CVE-2017-4965 (bsc#1037777)\n 0001-Escape-HTML-tags-in-policy-definition-fields.patch\n 0002-Don-t-echo-provided-encoding-value-back.patch\n 0003-Strip-off-pids-and-format-consumer-details-for-2-end.patch\n 0004-Format-Web-contexts.patch\n\nChanges in release-notes-suse-openstack-cloud:\n- Switch github URL from git@ to https:// to bypass authentication \n\nChanges in rubygem-activeresource:\n- Add bsc#1171560-CVE-2020-8151-encode-id-param.patch\n Prevent possible information disclosure issue that could allow\n an attacker to create specially crafted requests to access data\n in an unexpected way (bsc#1171560 CVE-2020-8151)) \n\nChanges in rubygem-crowbar-client:\n- Update to 3.9.2\n - Enable SES commands in Cloud8 (SOC-11122)\n\nChanges in rubygem-json-1_7:\n- Add CVE-2020-10663.patch (CVE-2020-10663, bsc#1167244)\n\nChanges in rubygem-puma:\n- Fix indentation in gem2rpm.yml \n\n- Add CVE-2020-11077.patch (bsc#1172175, CVE-2020-11077)\n- Add chunked-request-handling.patch (needed for CVE-2020-11076.patch)\n- Add CVE-2020-11076.patch (bsc#1172176, CVE-2020-11076)\n- Add all patches to gem2rpm.yml\n\n- Add CVE-2020-5247.patch (bsc#1165402)\n 'Fixes a problem where we were not splitting newlines in headers\n according to Rack spec'\n The patch is reduced compared to the upstream version, which was\n patching also the parts that are not implemented in our old Puma\n version. This applies to unit test as well.\n\nChanges in zookeeper:\n- Apply 0002-Apply-patch-to-resolve-CVE-2019-0201.patch\n This applies the patch for ZOOKEEPER-1392 to resolve CVE-2019-0201\n Should not allow to read ACL when not authorized to read node \n (bsc#1135773)\n\n- Various cleanups in spec file\n\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-2072,SUSE-OpenStack-Cloud-7-2020-2072", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2020_2072-1.json", }, { category: "self", summary: "URL for SUSE-RU-2020:2072-1", url: "https://www.suse.com/support/update/announcement//suse-ru-20202072-1/", }, { category: "self", summary: "E-Mail link for SUSE-RU-2020:2072-1", url: "https://lists.suse.com/pipermail/sle-updates/2020-July/015563.html", }, { category: "self", summary: "SUSE Bug 1037777", url: "https://bugzilla.suse.com/1037777", }, { category: "self", summary: "SUSE Bug 1068612", url: "https://bugzilla.suse.com/1068612", }, { category: "self", summary: "SUSE Bug 1069468", url: "https://bugzilla.suse.com/1069468", }, { category: "self", summary: "SUSE Bug 1070737", url: "https://bugzilla.suse.com/1070737", }, { category: "self", summary: "SUSE Bug 1077718", url: "https://bugzilla.suse.com/1077718", }, { category: "self", summary: "SUSE Bug 1083903", url: "https://bugzilla.suse.com/1083903", }, { category: "self", summary: "SUSE Bug 1111657", url: "https://bugzilla.suse.com/1111657", }, { category: "self", summary: "SUSE Bug 1126503", url: "https://bugzilla.suse.com/1126503", }, { category: "self", summary: "SUSE Bug 1133817", url: "https://bugzilla.suse.com/1133817", }, { category: "self", summary: "SUSE Bug 1135773", url: "https://bugzilla.suse.com/1135773", }, { category: "self", summary: "SUSE Bug 1138748", url: "https://bugzilla.suse.com/1138748", }, { category: "self", summary: "SUSE Bug 1148383", url: "https://bugzilla.suse.com/1148383", }, { category: "self", summary: "SUSE Bug 1149110", url: "https://bugzilla.suse.com/1149110", }, { category: "self", summary: "SUSE Bug 1149535", url: "https://bugzilla.suse.com/1149535", }, { category: "self", summary: "SUSE Bug 1153191", url: "https://bugzilla.suse.com/1153191", }, { category: "self", summary: "SUSE Bug 1156525", url: "https://bugzilla.suse.com/1156525", }, { category: "self", summary: "SUSE Bug 1159447", url: "https://bugzilla.suse.com/1159447", }, { category: "self", summary: "SUSE Bug 1160152", url: "https://bugzilla.suse.com/1160152", }, { category: "self", summary: "SUSE Bug 1160153", url: "https://bugzilla.suse.com/1160153", }, { category: "self", summary: "SUSE Bug 1160192", url: "https://bugzilla.suse.com/1160192", }, { category: "self", summary: "SUSE Bug 1160790", url: "https://bugzilla.suse.com/1160790", }, { category: "self", summary: "SUSE Bug 1160851", url: "https://bugzilla.suse.com/1160851", }, { category: "self", summary: "SUSE Bug 1161088", url: "https://bugzilla.suse.com/1161088", }, { category: "self", summary: "SUSE Bug 1161089", url: "https://bugzilla.suse.com/1161089", }, { category: "self", summary: "SUSE Bug 1161349", url: "https://bugzilla.suse.com/1161349", }, { category: "self", summary: "SUSE Bug 1161670", url: "https://bugzilla.suse.com/1161670", }, { category: "self", summary: "SUSE Bug 1164316", url: "https://bugzilla.suse.com/1164316", }, { category: "self", summary: "SUSE Bug 1165402", url: "https://bugzilla.suse.com/1165402", }, { category: "self", summary: "SUSE Bug 1167244", url: "https://bugzilla.suse.com/1167244", }, { category: "self", summary: "SUSE Bug 1170657", url: "https://bugzilla.suse.com/1170657", }, { category: "self", summary: "SUSE Bug 1171560", url: "https://bugzilla.suse.com/1171560", }, { category: "self", summary: "SUSE Bug 1171909", url: "https://bugzilla.suse.com/1171909", }, { category: "self", summary: "SUSE Bug 1172166", url: "https://bugzilla.suse.com/1172166", }, { category: "self", summary: "SUSE Bug 1172167", url: "https://bugzilla.suse.com/1172167", }, { category: "self", summary: "SUSE Bug 1172175", url: "https://bugzilla.suse.com/1172175", }, { category: "self", summary: "SUSE Bug 1172176", url: "https://bugzilla.suse.com/1172176", }, { category: "self", summary: "SUSE Bug 1172409", url: "https://bugzilla.suse.com/1172409", }, { category: "self", summary: "SUSE Bug 948198", url: "https://bugzilla.suse.com/948198", }, { category: "self", summary: "SUSE Bug 981848", url: "https://bugzilla.suse.com/981848", }, { category: "self", summary: "SUSE CVE CVE-2017-1000246 page", url: "https://www.suse.com/security/cve/CVE-2017-1000246/", }, { category: "self", summary: "SUSE CVE CVE-2017-4965 page", url: "https://www.suse.com/security/cve/CVE-2017-4965/", }, { category: "self", summary: "SUSE CVE CVE-2017-4967 page", url: "https://www.suse.com/security/cve/CVE-2017-4967/", }, { category: "self", summary: "SUSE CVE CVE-2018-1000115 page", url: "https://www.suse.com/security/cve/CVE-2018-1000115/", }, { category: "self", summary: "SUSE CVE CVE-2019-0201 page", url: "https://www.suse.com/security/cve/CVE-2019-0201/", }, { category: "self", summary: "SUSE CVE CVE-2019-11596 page", url: "https://www.suse.com/security/cve/CVE-2019-11596/", }, { category: "self", summary: "SUSE CVE CVE-2019-15026 page", url: "https://www.suse.com/security/cve/CVE-2019-15026/", }, { category: "self", summary: "SUSE CVE CVE-2019-15043 page", url: "https://www.suse.com/security/cve/CVE-2019-15043/", }, { category: "self", summary: "SUSE CVE CVE-2019-16785 page", url: "https://www.suse.com/security/cve/CVE-2019-16785/", }, { category: "self", summary: "SUSE CVE CVE-2019-16786 page", url: "https://www.suse.com/security/cve/CVE-2019-16786/", }, { category: "self", summary: "SUSE CVE CVE-2019-16789 page", url: "https://www.suse.com/security/cve/CVE-2019-16789/", }, { category: "self", summary: "SUSE CVE CVE-2019-16792 page", url: "https://www.suse.com/security/cve/CVE-2019-16792/", }, { category: "self", summary: "SUSE CVE CVE-2019-16865 page", url: "https://www.suse.com/security/cve/CVE-2019-16865/", }, { category: "self", summary: "SUSE CVE CVE-2019-18874 page", url: "https://www.suse.com/security/cve/CVE-2019-18874/", }, { category: "self", summary: "SUSE CVE CVE-2019-19844 page", url: "https://www.suse.com/security/cve/CVE-2019-19844/", }, { category: "self", summary: "SUSE CVE CVE-2019-19911 page", url: "https://www.suse.com/security/cve/CVE-2019-19911/", }, { category: "self", summary: "SUSE CVE CVE-2019-3498 page", url: "https://www.suse.com/security/cve/CVE-2019-3498/", }, { category: "self", summary: "SUSE CVE CVE-2019-3828 page", url: "https://www.suse.com/security/cve/CVE-2019-3828/", }, { category: "self", summary: "SUSE CVE CVE-2020-10663 page", url: "https://www.suse.com/security/cve/CVE-2020-10663/", }, { category: "self", summary: "SUSE CVE CVE-2020-10743 page", url: "https://www.suse.com/security/cve/CVE-2020-10743/", }, { category: "self", summary: "SUSE CVE CVE-2020-11076 page", url: "https://www.suse.com/security/cve/CVE-2020-11076/", }, { category: "self", summary: "SUSE CVE CVE-2020-11077 page", url: "https://www.suse.com/security/cve/CVE-2020-11077/", }, { category: "self", summary: "SUSE CVE CVE-2020-12052 page", url: "https://www.suse.com/security/cve/CVE-2020-12052/", }, { category: "self", summary: "SUSE CVE CVE-2020-13254 page", url: "https://www.suse.com/security/cve/CVE-2020-13254/", }, { category: "self", summary: "SUSE CVE CVE-2020-13379 page", url: "https://www.suse.com/security/cve/CVE-2020-13379/", }, { category: "self", summary: "SUSE CVE CVE-2020-13596 page", url: "https://www.suse.com/security/cve/CVE-2020-13596/", }, { category: "self", summary: "SUSE CVE CVE-2020-5247 page", url: "https://www.suse.com/security/cve/CVE-2020-5247/", }, { category: "self", summary: "SUSE CVE CVE-2020-5312 page", url: "https://www.suse.com/security/cve/CVE-2020-5312/", }, { category: "self", summary: "SUSE CVE CVE-2020-5313 page", url: "https://www.suse.com/security/cve/CVE-2020-5313/", }, { category: "self", summary: "SUSE CVE CVE-2020-5390 page", url: "https://www.suse.com/security/cve/CVE-2020-5390/", }, { category: "self", summary: "SUSE CVE CVE-2020-8151 page", url: "https://www.suse.com/security/cve/CVE-2020-8151/", }, ], title: "Security update for ansible, crowbar-core, crowbar-ha, crowbar-openstack, etcd, flannel, grafana, keepalived, kibana, memcached, monasca-installer, openstack-dashboard-theme-SUSE, openstack-manila, openstack-neutron-fwaas, openstack-nova, openstack-tempest, python-Django, python-Pillow, python-psql2mysql, python-psutil, python-py, python-pysaml2, python-waitress, rabbitmq-server, release-notes-suse-openstack-cloud, zookeeper", tracking: { current_release_date: "2020-07-29T14:31:35Z", generator: { date: "2020-07-29T14:31:35Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-RU-2020:2072-1", initial_release_date: "2020-07-29T14:31:35Z", revision_history: [ { date: "2020-07-29T14:31:35Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.aarch64", product: { name: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.aarch64", product_id: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.aarch64", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.aarch64", product: { name: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.aarch64", product_id: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.aarch64", }, }, { category: "product_version", name: "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.aarch64", product: { name: "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.aarch64", product_id: "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.aarch64", }, }, { category: "product_version", name: "erlang-rabbitmq-client-3.4.4-3.16.1.aarch64", product: { name: "erlang-rabbitmq-client-3.4.4-3.16.1.aarch64", product_id: "erlang-rabbitmq-client-3.4.4-3.16.1.aarch64", }, }, { category: "product_version", name: "grafana-4.6.5-1.14.1.aarch64", product: { name: "grafana-4.6.5-1.14.1.aarch64", product_id: "grafana-4.6.5-1.14.1.aarch64", }, }, { category: "product_version", name: "keepalived-2.0.19-1.8.1.aarch64", product: { name: "keepalived-2.0.19-1.8.1.aarch64", product_id: "keepalived-2.0.19-1.8.1.aarch64", }, }, { category: "product_version", name: "kibana-4.6.3-5.1.aarch64", product: { name: "kibana-4.6.3-5.1.aarch64", product_id: "kibana-4.6.3-5.1.aarch64", }, }, { category: "product_version", name: "libzookeeper2-3.4.10-6.1.aarch64", product: { name: "libzookeeper2-3.4.10-6.1.aarch64", product_id: "libzookeeper2-3.4.10-6.1.aarch64", }, }, { category: "product_version", name: "libzookeeper2-devel-3.4.10-6.1.aarch64", product: { name: "libzookeeper2-devel-3.4.10-6.1.aarch64", product_id: "libzookeeper2-devel-3.4.10-6.1.aarch64", }, }, { category: "product_version", name: "memcached-1.5.17-3.6.1.aarch64", product: { name: "memcached-1.5.17-3.6.1.aarch64", product_id: "memcached-1.5.17-3.6.1.aarch64", }, }, { category: "product_version", name: "memcached-devel-1.5.17-3.6.1.aarch64", product: { name: "memcached-devel-1.5.17-3.6.1.aarch64", product_id: "memcached-devel-1.5.17-3.6.1.aarch64", }, }, { category: "product_version", name: "python-Pillow-2.8.1-4.12.1.aarch64", product: { name: "python-Pillow-2.8.1-4.12.1.aarch64", product_id: "python-Pillow-2.8.1-4.12.1.aarch64", }, }, { category: "product_version", name: "python-Pillow-tk-2.8.1-4.12.1.aarch64", product: { name: "python-Pillow-tk-2.8.1-4.12.1.aarch64", product_id: "python-Pillow-tk-2.8.1-4.12.1.aarch64", }, }, { category: "product_version", name: "python-psutil-1.2.1-21.1.aarch64", product: { name: "python-psutil-1.2.1-21.1.aarch64", product_id: "python-psutil-1.2.1-21.1.aarch64", }, }, { category: "product_version", name: "python3-psutil-1.2.1-21.1.aarch64", product: { name: "python3-psutil-1.2.1-21.1.aarch64", product_id: "python3-psutil-1.2.1-21.1.aarch64", }, }, { category: "product_version", name: "rabbitmq-server-3.4.4-3.16.1.aarch64", product: { name: "rabbitmq-server-3.4.4-3.16.1.aarch64", product_id: "rabbitmq-server-3.4.4-3.16.1.aarch64", }, }, { category: "product_version", name: "rabbitmq-server-plugins-3.4.4-3.16.1.aarch64", product: { name: "rabbitmq-server-plugins-3.4.4-3.16.1.aarch64", product_id: "rabbitmq-server-plugins-3.4.4-3.16.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.aarch64", product: { name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.aarch64", product_id: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.aarch64", product: { name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.aarch64", product_id: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.aarch64", product: { name: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.aarch64", product_id: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.aarch64", product: { name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.aarch64", product_id: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.aarch64", product: { name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.aarch64", product_id: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.aarch64", product: { name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.aarch64", product_id: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-2.16.0-4.6.1.aarch64", product: { name: "ruby2.1-rubygem-puma-2.16.0-4.6.1.aarch64", product_id: "ruby2.1-rubygem-puma-2.16.0-4.6.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.aarch64", product: { name: "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.aarch64", product_id: "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.aarch64", }, }, { category: "product_version", name: "zookeeper-client-3.4.10-6.1.aarch64", product: { name: "zookeeper-client-3.4.10-6.1.aarch64", product_id: "zookeeper-client-3.4.10-6.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ansible-2.2.3.0-12.2.noarch", product: { name: "ansible-2.2.3.0-12.2.noarch", product_id: "ansible-2.2.3.0-12.2.noarch", }, }, { category: "product_version", name: "crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", product: { name: "crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", product_id: "crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", }, }, { category: "product_version", name: "crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", product: { name: "crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", product_id: "crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", }, }, { category: "product_version", name: "monasca-installer-20180608_12.47-12.1.noarch", product: { name: "monasca-installer-20180608_12.47-12.1.noarch", product_id: "monasca-installer-20180608_12.47-12.1.noarch", }, }, { category: "product_version", name: "openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", product: { name: "openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", product_id: "openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", }, }, { category: "product_version", name: "openstack-manila-3.0.1~dev30-4.12.2.noarch", product: { name: "openstack-manila-3.0.1~dev30-4.12.2.noarch", product_id: "openstack-manila-3.0.1~dev30-4.12.2.noarch", }, }, { category: "product_version", name: "openstack-manila-api-3.0.1~dev30-4.12.2.noarch", product: { name: "openstack-manila-api-3.0.1~dev30-4.12.2.noarch", product_id: "openstack-manila-api-3.0.1~dev30-4.12.2.noarch", }, }, { category: "product_version", name: "openstack-manila-data-3.0.1~dev30-4.12.2.noarch", product: { name: "openstack-manila-data-3.0.1~dev30-4.12.2.noarch", product_id: "openstack-manila-data-3.0.1~dev30-4.12.2.noarch", }, }, { category: "product_version", name: "openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", product: { name: "openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", product_id: "openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", }, }, { category: "product_version", name: "openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", product: { name: "openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", product_id: "openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", }, }, { category: "product_version", name: "openstack-manila-share-3.0.1~dev30-4.12.2.noarch", product: { name: "openstack-manila-share-3.0.1~dev30-4.12.2.noarch", product_id: "openstack-manila-share-3.0.1~dev30-4.12.2.noarch", }, }, { category: "product_version", name: "openstack-manila-test-3.0.1~dev30-4.12.2.noarch", product: { name: "openstack-manila-test-3.0.1~dev30-4.12.2.noarch", product_id: "openstack-manila-test-3.0.1~dev30-4.12.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", product: { name: "openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", product_id: "openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", }, }, { category: "product_version", name: "openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", product: { name: "openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", product_id: "openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", }, }, { category: "product_version", name: "openstack-neutron-fwaas-test-9.0.2~dev5-4.9.3.noarch", product: { name: "openstack-neutron-fwaas-test-9.0.2~dev5-4.9.3.noarch", product_id: "openstack-neutron-fwaas-test-9.0.2~dev5-4.9.3.noarch", }, }, { category: "product_version", name: "openstack-nova-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-api-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-api-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-api-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-console-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-console-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-console-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-network-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-network-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-network-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-test-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-test-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-test-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", product: { name: "openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", product_id: "openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", }, }, { category: "product_version", name: "openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", product: { name: "openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", product_id: "openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", }, }, { category: "product_version", name: "openstack-xen-plugins-14.0.11~dev13-4.40.2.noarch", product: { name: "openstack-xen-plugins-14.0.11~dev13-4.40.2.noarch", product_id: "openstack-xen-plugins-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "python-Django-1.8.19-3.23.1.noarch", product: { name: "python-Django-1.8.19-3.23.1.noarch", product_id: "python-Django-1.8.19-3.23.1.noarch", }, }, { category: "product_version", name: "python-manila-3.0.1~dev30-4.12.2.noarch", product: { name: "python-manila-3.0.1~dev30-4.12.2.noarch", product_id: "python-manila-3.0.1~dev30-4.12.2.noarch", }, }, { category: "product_version", name: "python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", product: { name: "python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", product_id: "python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", }, }, { category: "product_version", name: "python-nova-14.0.11~dev13-4.40.2.noarch", product: { name: "python-nova-14.0.11~dev13-4.40.2.noarch", product_id: "python-nova-14.0.11~dev13-4.40.2.noarch", }, }, { category: "product_version", name: "python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", product: { name: "python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", product_id: "python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", }, }, { category: "product_version", name: "python-py-1.8.1-11.12.1.noarch", product: { name: "python-py-1.8.1-11.12.1.noarch", product_id: "python-py-1.8.1-11.12.1.noarch", }, }, { category: "product_version", name: "python-pylons-sphinx-themes-1.0.11-1.3.1.noarch", product: { name: "python-pylons-sphinx-themes-1.0.11-1.3.1.noarch", product_id: "python-pylons-sphinx-themes-1.0.11-1.3.1.noarch", }, }, { category: "product_version", name: "python-pysaml2-4.0.2-3.17.1.noarch", product: { name: "python-pysaml2-4.0.2-3.17.1.noarch", product_id: "python-pysaml2-4.0.2-3.17.1.noarch", }, }, { category: "product_version", name: "python-tempest-12.2.1~a0~dev177-4.9.1.noarch", product: { name: "python-tempest-12.2.1~a0~dev177-4.9.1.noarch", product_id: "python-tempest-12.2.1~a0~dev177-4.9.1.noarch", }, }, { category: "product_version", name: "python-waitress-1.4.3-3.3.1.noarch", product: { name: "python-waitress-1.4.3-3.3.1.noarch", product_id: "python-waitress-1.4.3-3.3.1.noarch", }, }, { category: "product_version", name: "python-waitress-doc-1.4.3-3.3.1.noarch", product: { name: "python-waitress-doc-1.4.3-3.3.1.noarch", product_id: "python-waitress-doc-1.4.3-3.3.1.noarch", }, }, { category: "product_version", name: "python3-py-1.8.1-11.12.1.noarch", product: { name: "python3-py-1.8.1-11.12.1.noarch", product_id: "python3-py-1.8.1-11.12.1.noarch", }, }, { category: "product_version", name: "python3-waitress-1.4.3-3.3.1.noarch", product: { name: "python3-waitress-1.4.3-3.3.1.noarch", product_id: "python3-waitress-1.4.3-3.3.1.noarch", }, }, { category: "product_version", name: "python3-waitress-doc-1.4.3-3.3.1.noarch", product: { name: "python3-waitress-doc-1.4.3-3.3.1.noarch", product_id: "python3-waitress-doc-1.4.3-3.3.1.noarch", }, }, { category: "product_version", name: "release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", product: { name: "release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", product_id: "release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", }, }, { category: "product_version", name: "zookeeper-server-3.4.10-6.1.noarch", product: { name: "zookeeper-server-3.4.10-6.1.noarch", product_id: "zookeeper-server-3.4.10-6.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le", product: { name: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le", product_id: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le", product: { name: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le", product_id: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le", }, }, { category: "product_version", name: "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le", product: { name: "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le", product_id: "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.ppc64le", }, }, { category: "product_version", name: "erlang-rabbitmq-client-3.4.4-3.16.1.ppc64le", product: { name: "erlang-rabbitmq-client-3.4.4-3.16.1.ppc64le", product_id: "erlang-rabbitmq-client-3.4.4-3.16.1.ppc64le", }, }, { category: "product_version", name: "grafana-4.6.5-1.14.1.ppc64le", product: { name: "grafana-4.6.5-1.14.1.ppc64le", product_id: "grafana-4.6.5-1.14.1.ppc64le", }, }, { category: "product_version", name: "keepalived-2.0.19-1.8.1.ppc64le", product: { name: "keepalived-2.0.19-1.8.1.ppc64le", product_id: "keepalived-2.0.19-1.8.1.ppc64le", }, }, { category: "product_version", name: "kibana-4.6.3-5.1.ppc64le", product: { name: "kibana-4.6.3-5.1.ppc64le", product_id: "kibana-4.6.3-5.1.ppc64le", }, }, { category: "product_version", name: "libzookeeper2-3.4.10-6.1.ppc64le", product: { name: "libzookeeper2-3.4.10-6.1.ppc64le", product_id: "libzookeeper2-3.4.10-6.1.ppc64le", }, }, { category: "product_version", name: "libzookeeper2-devel-3.4.10-6.1.ppc64le", product: { name: "libzookeeper2-devel-3.4.10-6.1.ppc64le", product_id: "libzookeeper2-devel-3.4.10-6.1.ppc64le", }, }, { category: "product_version", name: "memcached-1.5.17-3.6.1.ppc64le", product: { name: "memcached-1.5.17-3.6.1.ppc64le", product_id: "memcached-1.5.17-3.6.1.ppc64le", }, }, { category: "product_version", name: "memcached-devel-1.5.17-3.6.1.ppc64le", product: { name: "memcached-devel-1.5.17-3.6.1.ppc64le", product_id: "memcached-devel-1.5.17-3.6.1.ppc64le", }, }, { category: "product_version", name: "python-Pillow-2.8.1-4.12.1.ppc64le", product: { name: "python-Pillow-2.8.1-4.12.1.ppc64le", product_id: "python-Pillow-2.8.1-4.12.1.ppc64le", }, }, { category: "product_version", name: "python-Pillow-tk-2.8.1-4.12.1.ppc64le", product: { name: "python-Pillow-tk-2.8.1-4.12.1.ppc64le", product_id: "python-Pillow-tk-2.8.1-4.12.1.ppc64le", }, }, { category: "product_version", name: "python-psutil-1.2.1-21.1.ppc64le", product: { name: "python-psutil-1.2.1-21.1.ppc64le", product_id: "python-psutil-1.2.1-21.1.ppc64le", }, }, { category: "product_version", name: "python3-psutil-1.2.1-21.1.ppc64le", product: { name: "python3-psutil-1.2.1-21.1.ppc64le", product_id: "python3-psutil-1.2.1-21.1.ppc64le", }, }, { category: "product_version", name: "rabbitmq-server-3.4.4-3.16.1.ppc64le", product: { name: "rabbitmq-server-3.4.4-3.16.1.ppc64le", product_id: "rabbitmq-server-3.4.4-3.16.1.ppc64le", }, }, { category: "product_version", name: "rabbitmq-server-plugins-3.4.4-3.16.1.ppc64le", product: { name: "rabbitmq-server-plugins-3.4.4-3.16.1.ppc64le", product_id: "rabbitmq-server-plugins-3.4.4-3.16.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.ppc64le", product: { name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.ppc64le", product_id: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.ppc64le", product: { name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.ppc64le", product_id: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.ppc64le", product: { name: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.ppc64le", product_id: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.ppc64le", product: { name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.ppc64le", product_id: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.ppc64le", product: { name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.ppc64le", product_id: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.ppc64le", product: { name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.ppc64le", product_id: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-2.16.0-4.6.1.ppc64le", product: { name: "ruby2.1-rubygem-puma-2.16.0-4.6.1.ppc64le", product_id: "ruby2.1-rubygem-puma-2.16.0-4.6.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.ppc64le", product: { name: "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.ppc64le", product_id: "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.ppc64le", }, }, { category: "product_version", name: "zookeeper-client-3.4.10-6.1.ppc64le", product: { name: "zookeeper-client-3.4.10-6.1.ppc64le", product_id: "zookeeper-client-3.4.10-6.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", product: { name: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", product_id: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", product: { name: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", product_id: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", }, }, { category: "product_version", name: "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.s390x", product: { name: "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.s390x", product_id: "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.s390x", }, }, { category: "product_version", name: "erlang-rabbitmq-client-3.4.4-3.16.1.s390x", product: { name: "erlang-rabbitmq-client-3.4.4-3.16.1.s390x", product_id: "erlang-rabbitmq-client-3.4.4-3.16.1.s390x", }, }, { category: "product_version", name: "grafana-4.6.5-1.14.1.s390x", product: { name: "grafana-4.6.5-1.14.1.s390x", product_id: "grafana-4.6.5-1.14.1.s390x", }, }, { category: "product_version", name: "keepalived-2.0.19-1.8.1.s390x", product: { name: "keepalived-2.0.19-1.8.1.s390x", product_id: "keepalived-2.0.19-1.8.1.s390x", }, }, { category: "product_version", name: "kibana-4.6.3-5.1.s390x", product: { name: "kibana-4.6.3-5.1.s390x", product_id: "kibana-4.6.3-5.1.s390x", }, }, { category: "product_version", name: "libzookeeper2-3.4.10-6.1.s390x", product: { name: "libzookeeper2-3.4.10-6.1.s390x", product_id: "libzookeeper2-3.4.10-6.1.s390x", }, }, { category: "product_version", name: "libzookeeper2-devel-3.4.10-6.1.s390x", product: { name: "libzookeeper2-devel-3.4.10-6.1.s390x", product_id: "libzookeeper2-devel-3.4.10-6.1.s390x", }, }, { category: "product_version", name: "memcached-1.5.17-3.6.1.s390x", product: { name: "memcached-1.5.17-3.6.1.s390x", product_id: "memcached-1.5.17-3.6.1.s390x", }, }, { category: "product_version", name: "memcached-devel-1.5.17-3.6.1.s390x", product: { name: "memcached-devel-1.5.17-3.6.1.s390x", product_id: "memcached-devel-1.5.17-3.6.1.s390x", }, }, { category: "product_version", name: "python-Pillow-2.8.1-4.12.1.s390x", product: { name: "python-Pillow-2.8.1-4.12.1.s390x", product_id: "python-Pillow-2.8.1-4.12.1.s390x", }, }, { category: "product_version", name: "python-Pillow-tk-2.8.1-4.12.1.s390x", product: { name: "python-Pillow-tk-2.8.1-4.12.1.s390x", product_id: "python-Pillow-tk-2.8.1-4.12.1.s390x", }, }, { category: "product_version", name: "python-cffi-1.11.2-3.3.2.s390x", product: { name: "python-cffi-1.11.2-3.3.2.s390x", product_id: "python-cffi-1.11.2-3.3.2.s390x", }, }, { category: "product_version", name: "python-psutil-1.2.1-21.1.s390x", product: { name: "python-psutil-1.2.1-21.1.s390x", product_id: "python-psutil-1.2.1-21.1.s390x", }, }, { category: "product_version", name: "python3-psutil-1.2.1-21.1.s390x", product: { name: "python3-psutil-1.2.1-21.1.s390x", product_id: "python3-psutil-1.2.1-21.1.s390x", }, }, { category: "product_version", name: "rabbitmq-server-3.4.4-3.16.1.s390x", product: { name: "rabbitmq-server-3.4.4-3.16.1.s390x", product_id: "rabbitmq-server-3.4.4-3.16.1.s390x", }, }, { category: "product_version", name: "rabbitmq-server-plugins-3.4.4-3.16.1.s390x", product: { name: "rabbitmq-server-plugins-3.4.4-3.16.1.s390x", product_id: "rabbitmq-server-plugins-3.4.4-3.16.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", product: { name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", product_id: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.s390x", product: { name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.s390x", product_id: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", product: { name: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", product_id: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.s390x", product: { name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.s390x", product_id: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.s390x", product: { name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.s390x", product_id: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", product: { name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", product_id: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", product: { name: "ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", product_id: "ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.s390x", product: { name: "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.s390x", product_id: "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.s390x", }, }, { category: "product_version", name: "zookeeper-client-3.4.10-6.1.s390x", product: { name: "zookeeper-client-3.4.10-6.1.s390x", product_id: "zookeeper-client-3.4.10-6.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", product: { name: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", product_id: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", product: { name: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", product_id: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", }, }, { category: "product_version", name: "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", product: { name: "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", product_id: "crowbar-core-devel-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", }, }, { category: "product_version", name: "erlang-rabbitmq-client-3.4.4-3.16.1.x86_64", product: { name: "erlang-rabbitmq-client-3.4.4-3.16.1.x86_64", product_id: "erlang-rabbitmq-client-3.4.4-3.16.1.x86_64", }, }, { category: "product_version", name: "grafana-4.6.5-1.14.1.x86_64", product: { name: "grafana-4.6.5-1.14.1.x86_64", product_id: "grafana-4.6.5-1.14.1.x86_64", }, }, { category: "product_version", name: "keepalived-2.0.19-1.8.1.x86_64", product: { name: "keepalived-2.0.19-1.8.1.x86_64", product_id: "keepalived-2.0.19-1.8.1.x86_64", }, }, { category: "product_version", name: "kibana-4.6.3-5.1.x86_64", product: { name: "kibana-4.6.3-5.1.x86_64", product_id: "kibana-4.6.3-5.1.x86_64", }, }, { category: "product_version", name: "libzookeeper2-3.4.10-6.1.x86_64", product: { name: "libzookeeper2-3.4.10-6.1.x86_64", product_id: "libzookeeper2-3.4.10-6.1.x86_64", }, }, { category: "product_version", name: "libzookeeper2-devel-3.4.10-6.1.x86_64", product: { name: "libzookeeper2-devel-3.4.10-6.1.x86_64", product_id: "libzookeeper2-devel-3.4.10-6.1.x86_64", }, }, { category: "product_version", name: "memcached-1.5.17-3.6.1.x86_64", product: { name: "memcached-1.5.17-3.6.1.x86_64", product_id: "memcached-1.5.17-3.6.1.x86_64", }, }, { category: "product_version", name: "memcached-devel-1.5.17-3.6.1.x86_64", product: { name: "memcached-devel-1.5.17-3.6.1.x86_64", product_id: "memcached-devel-1.5.17-3.6.1.x86_64", }, }, { category: "product_version", name: "python-Pillow-2.8.1-4.12.1.x86_64", product: { name: "python-Pillow-2.8.1-4.12.1.x86_64", product_id: "python-Pillow-2.8.1-4.12.1.x86_64", }, }, { category: "product_version", name: "python-Pillow-tk-2.8.1-4.12.1.x86_64", product: { name: "python-Pillow-tk-2.8.1-4.12.1.x86_64", product_id: "python-Pillow-tk-2.8.1-4.12.1.x86_64", }, }, { category: "product_version", name: "python-cffi-1.11.2-3.3.2.x86_64", product: { name: "python-cffi-1.11.2-3.3.2.x86_64", product_id: "python-cffi-1.11.2-3.3.2.x86_64", }, }, { category: "product_version", name: "python-psutil-1.2.1-21.1.x86_64", product: { name: "python-psutil-1.2.1-21.1.x86_64", product_id: "python-psutil-1.2.1-21.1.x86_64", }, }, { category: "product_version", name: "python3-psutil-1.2.1-21.1.x86_64", product: { name: "python3-psutil-1.2.1-21.1.x86_64", product_id: "python3-psutil-1.2.1-21.1.x86_64", }, }, { category: "product_version", name: "rabbitmq-server-3.4.4-3.16.1.x86_64", product: { name: "rabbitmq-server-3.4.4-3.16.1.x86_64", product_id: "rabbitmq-server-3.4.4-3.16.1.x86_64", }, }, { category: "product_version", name: "rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", product: { name: "rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", product_id: "rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", product: { name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", product_id: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.x86_64", product: { name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.x86_64", product_id: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", product: { name: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", product_id: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.x86_64", product: { name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.x86_64", product_id: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-7.20.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.x86_64", product: { name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.x86_64", product_id: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", product: { name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", product_id: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", product: { name: "ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", product_id: "ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.x86_64", product: { name: "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.x86_64", product_id: "ruby2.1-rubygem-puma-doc-2.16.0-4.6.1.x86_64", }, }, { category: "product_version", name: "zookeeper-client-3.4.10-6.1.x86_64", product: { name: "zookeeper-client-3.4.10-6.1.x86_64", product_id: "zookeeper-client-3.4.10-6.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE OpenStack Cloud 7", product: { name: "SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:7", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-2.2.3.0-12.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", }, product_reference: "ansible-2.2.3.0-12.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", }, product_reference: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", }, product_reference: "crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", }, product_reference: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", }, product_reference: "crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", }, product_reference: "crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", }, product_reference: "crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "grafana-4.6.5-1.14.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", }, product_reference: "grafana-4.6.5-1.14.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "keepalived-2.0.19-1.8.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", }, product_reference: "keepalived-2.0.19-1.8.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "keepalived-2.0.19-1.8.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", }, product_reference: "keepalived-2.0.19-1.8.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "kibana-4.6.3-5.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", }, product_reference: "kibana-4.6.3-5.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "memcached-1.5.17-3.6.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", }, product_reference: "memcached-1.5.17-3.6.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "memcached-1.5.17-3.6.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", }, product_reference: "memcached-1.5.17-3.6.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "monasca-installer-20180608_12.47-12.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", }, product_reference: "monasca-installer-20180608_12.47-12.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", }, product_reference: "openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-3.0.1~dev30-4.12.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", }, product_reference: "openstack-manila-3.0.1~dev30-4.12.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-api-3.0.1~dev30-4.12.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", }, product_reference: "openstack-manila-api-3.0.1~dev30-4.12.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-data-3.0.1~dev30-4.12.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", }, product_reference: "openstack-manila-data-3.0.1~dev30-4.12.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-doc-3.0.1~dev30-4.12.3.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", }, product_reference: "openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", }, product_reference: "openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-share-3.0.1~dev30-4.12.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", }, product_reference: "openstack-manila-share-3.0.1~dev30-4.12.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", }, product_reference: "openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", }, product_reference: "openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", }, product_reference: "openstack-nova-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-api-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", }, product_reference: "openstack-nova-api-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-cells-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", }, product_reference: "openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-cert-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", }, product_reference: "openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-compute-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", }, product_reference: "openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", }, product_reference: "openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-console-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", }, product_reference: "openstack-nova-console-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", }, product_reference: "openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-doc-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", }, product_reference: "openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", }, product_reference: "openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", }, product_reference: "openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", }, product_reference: "openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", }, product_reference: "openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", }, product_reference: "openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", }, product_reference: "openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", }, product_reference: "openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-Django-1.8.19-3.23.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", }, product_reference: "python-Django-1.8.19-3.23.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-Pillow-2.8.1-4.12.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", }, product_reference: "python-Pillow-2.8.1-4.12.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-Pillow-2.8.1-4.12.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", }, product_reference: "python-Pillow-2.8.1-4.12.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-manila-3.0.1~dev30-4.12.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", }, product_reference: "python-manila-3.0.1~dev30-4.12.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", }, product_reference: "python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-nova-14.0.11~dev13-4.40.2.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", }, product_reference: "python-nova-14.0.11~dev13-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", }, product_reference: "python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-psutil-1.2.1-21.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", }, product_reference: "python-psutil-1.2.1-21.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-psutil-1.2.1-21.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", }, product_reference: "python-psutil-1.2.1-21.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-py-1.8.1-11.12.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", }, product_reference: "python-py-1.8.1-11.12.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-pysaml2-4.0.2-3.17.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", }, product_reference: "python-pysaml2-4.0.2-3.17.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-tempest-12.2.1~a0~dev177-4.9.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", }, product_reference: "python-tempest-12.2.1~a0~dev177-4.9.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-waitress-1.4.3-3.3.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", }, product_reference: "python-waitress-1.4.3-3.3.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "rabbitmq-server-3.4.4-3.16.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", }, product_reference: "rabbitmq-server-3.4.4-3.16.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "rabbitmq-server-3.4.4-3.16.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", }, product_reference: "rabbitmq-server-3.4.4-3.16.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "rabbitmq-server-plugins-3.4.4-3.16.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", }, product_reference: "rabbitmq-server-plugins-3.4.4-3.16.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "rabbitmq-server-plugins-3.4.4-3.16.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", }, product_reference: "rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", }, product_reference: "release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", }, product_reference: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", }, product_reference: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", }, product_reference: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", }, product_reference: "ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", }, product_reference: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", }, product_reference: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", }, product_reference: "ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", }, product_reference: "ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "zookeeper-server-3.4.10-6.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", }, product_reference: "zookeeper-server-3.4.10-6.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, ], }, vulnerabilities: [ { cve: "CVE-2017-1000246", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-1000246", }, ], notes: [ { category: "general", text: "Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2017-1000246", url: "https://www.suse.com/security/cve/CVE-2017-1000246", }, { category: "external", summary: "SUSE Bug 1068612 for CVE-2017-1000246", url: "https://bugzilla.suse.com/1068612", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "low", }, ], title: "CVE-2017-1000246", }, { cve: "CVE-2017-4965", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-4965", }, ], notes: [ { category: "general", text: "An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the RabbitMQ management UI are vulnerable to XSS attacks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2017-4965", url: "https://www.suse.com/security/cve/CVE-2017-4965", }, { category: "external", summary: "SUSE Bug 1037777 for CVE-2017-4965", url: "https://bugzilla.suse.com/1037777", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "low", }, ], title: "CVE-2017-4965", }, { cve: "CVE-2017-4967", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-4967", }, ], notes: [ { category: "general", text: "An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the RabbitMQ management UI are vulnerable to XSS attacks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2017-4967", url: "https://www.suse.com/security/cve/CVE-2017-4967", }, { category: "external", summary: "SUSE Bug 1037777 for CVE-2017-4967", url: "https://bugzilla.suse.com/1037777", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "low", }, ], title: "CVE-2017-4967", }, { cve: "CVE-2018-1000115", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1000115", }, ], notes: [ { category: "general", text: "Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-1000115", url: "https://www.suse.com/security/cve/CVE-2018-1000115", }, { category: "external", summary: "SUSE Bug 1083903 for CVE-2018-1000115", url: "https://bugzilla.suse.com/1083903", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "important", }, ], title: "CVE-2018-1000115", }, { cve: "CVE-2019-0201", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-0201", }, ], notes: [ { category: "general", text: "An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper's getACL() command doesn't check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string. DigestAuthenticationProvider overloads the Id field with the hash value that is used for user authentication. As a consequence, if Digest Authentication is in use, the unsalted hash value will be disclosed by getACL() request for unauthenticated or unprivileged users.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-0201", url: "https://www.suse.com/security/cve/CVE-2019-0201", }, { category: "external", summary: "SUSE Bug 1135773 for CVE-2019-0201", url: "https://bugzilla.suse.com/1135773", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "important", }, ], title: "CVE-2019-0201", }, { cve: "CVE-2019-11596", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11596", }, ], notes: [ { category: "general", text: "In memcached before 1.5.14, a NULL pointer dereference was found in the \"lru mode\" and \"lru temp_ttl\" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-11596", url: "https://www.suse.com/security/cve/CVE-2019-11596", }, { category: "external", summary: "SUSE Bug 1133817 for CVE-2019-11596", url: "https://bugzilla.suse.com/1133817", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "important", }, ], title: "CVE-2019-11596", }, { cve: "CVE-2019-15026", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15026", }, ], notes: [ { category: "general", text: "memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-15026", url: "https://www.suse.com/security/cve/CVE-2019-15026", }, { category: "external", summary: "SUSE Bug 1149110 for CVE-2019-15026", url: "https://bugzilla.suse.com/1149110", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "low", }, ], title: "CVE-2019-15026", }, { cve: "CVE-2019-15043", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15043", }, ], notes: [ { category: "general", text: "In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-15043", url: "https://www.suse.com/security/cve/CVE-2019-15043", }, { category: "external", summary: "SUSE Bug 1148383 for CVE-2019-15043", url: "https://bugzilla.suse.com/1148383", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "important", }, ], title: "CVE-2019-15043", }, { cve: "CVE-2019-16785", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16785", }, ], notes: [ { category: "general", text: "Waitress through version 1.3.1 implemented a \"MAY\" part of the RFC7230 which states: \"Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR.\" Unfortunately if a front-end server does not parse header fields with an LF the same way as it does those with a CRLF it can lead to the front-end and the back-end server parsing the same HTTP message in two different ways. This can lead to a potential for HTTP request smuggling/splitting whereby Waitress may see two requests while the front-end server only sees a single HTTP message. This issue is fixed in Waitress 1.4.0.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-16785", url: "https://www.suse.com/security/cve/CVE-2019-16785", }, { category: "external", summary: "SUSE Bug 1161088 for CVE-2019-16785", url: "https://bugzilla.suse.com/1161088", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "important", }, ], title: "CVE-2019-16785", }, { cve: "CVE-2019-16786", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16786", }, ], notes: [ { category: "general", text: "Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most encoding first, followed by any further transfer codings, ending with chunked. Requests sent with: \"Transfer-Encoding: gzip, chunked\" would incorrectly get ignored, and the request would use a Content-Length header instead to determine the body size of the HTTP message. This could allow for Waitress to treat a single request as multiple requests in the case of HTTP pipelining. This issue is fixed in Waitress 1.4.0.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-16786", url: "https://www.suse.com/security/cve/CVE-2019-16786", }, { category: "external", summary: "SUSE Bug 1161089 for CVE-2019-16786", url: "https://bugzilla.suse.com/1161089", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "important", }, ], title: "CVE-2019-16786", }, { cve: "CVE-2019-16789", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16789", }, ], notes: [ { category: "general", text: "In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-16789", url: "https://www.suse.com/security/cve/CVE-2019-16789", }, { category: "external", summary: "SUSE Bug 1160790 for CVE-2019-16789", url: "https://bugzilla.suse.com/1160790", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "important", }, ], title: "CVE-2019-16789", }, { cve: "CVE-2019-16792", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16792", }, ], notes: [ { category: "general", text: "Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-16792", url: "https://www.suse.com/security/cve/CVE-2019-16792", }, { category: "external", summary: "SUSE Bug 1161670 for CVE-2019-16792", url: "https://bugzilla.suse.com/1161670", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "moderate", }, ], title: "CVE-2019-16792", }, { cve: "CVE-2019-16865", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16865", }, ], notes: [ { category: "general", text: "An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-16865", url: "https://www.suse.com/security/cve/CVE-2019-16865", }, { category: "external", summary: "SUSE Bug 1153191 for CVE-2019-16865", url: "https://bugzilla.suse.com/1153191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "low", }, ], title: "CVE-2019-16865", }, { cve: "CVE-2019-18874", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18874", }, ], notes: [ { category: "general", text: "psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-18874", url: "https://www.suse.com/security/cve/CVE-2019-18874", }, { category: "external", summary: "SUSE Bug 1156525 for CVE-2019-18874", url: "https://bugzilla.suse.com/1156525", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "low", }, ], title: "CVE-2019-18874", }, { cve: "CVE-2019-19844", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-19844", }, ], notes: [ { category: "general", text: "Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-19844", url: "https://www.suse.com/security/cve/CVE-2019-19844", }, { category: "external", summary: "SUSE Bug 1159447 for CVE-2019-19844", url: "https://bugzilla.suse.com/1159447", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "moderate", }, ], title: "CVE-2019-19844", }, { cve: "CVE-2019-19911", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-19911", }, ], notes: [ { category: "general", text: "There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux running 64-bit Python this results in the process being terminated by the OOM killer.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-19911", url: "https://www.suse.com/security/cve/CVE-2019-19911", }, { category: "external", summary: "SUSE Bug 1160192 for CVE-2019-19911", url: "https://bugzilla.suse.com/1160192", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "important", }, ], title: "CVE-2019-19911", }, { cve: "CVE-2019-3498", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3498", }, ], notes: [ { category: "general", text: "In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing (in a 404 error page) if a user fails to recognize that a crafted URL has malicious content.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-3498", url: "https://www.suse.com/security/cve/CVE-2019-3498", }, { category: "external", summary: "SUSE Bug 1120932 for CVE-2019-3498", url: "https://bugzilla.suse.com/1120932", }, { category: "external", summary: "SUSE Bug 1139945 for CVE-2019-3498", url: "https://bugzilla.suse.com/1139945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.0", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "low", }, ], title: "CVE-2019-3498", }, { cve: "CVE-2019-3828", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3828", }, ], notes: [ { category: "general", text: "Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-3828", url: "https://www.suse.com/security/cve/CVE-2019-3828", }, { category: "external", summary: "SUSE Bug 1126503 for CVE-2019-3828", url: "https://bugzilla.suse.com/1126503", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2019-3828", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "moderate", }, ], title: "CVE-2019-3828", }, { cve: "CVE-2020-10663", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10663", }, ], notes: [ { category: "general", text: "The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-10663", url: "https://www.suse.com/security/cve/CVE-2020-10663", }, { category: "external", summary: "SUSE Bug 1167244 for CVE-2020-10663", url: "https://bugzilla.suse.com/1167244", }, { category: "external", summary: "SUSE Bug 1171517 for CVE-2020-10663", url: "https://bugzilla.suse.com/1171517", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "important", }, ], title: "CVE-2020-10663", }, { cve: "CVE-2020-10743", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10743", }, ], notes: [ { category: "general", text: "It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker to trick a user into performing arbitrary actions in OCP's distribution of Kibana, such as clickjacking.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-10743", url: "https://www.suse.com/security/cve/CVE-2020-10743", }, { category: "external", summary: "SUSE Bug 1171909 for CVE-2020-10743", url: "https://bugzilla.suse.com/1171909", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "low", }, ], title: "CVE-2020-10743", }, { cve: "CVE-2020-11076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11076", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-11076", url: "https://www.suse.com/security/cve/CVE-2020-11076", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "moderate", }, ], title: "CVE-2020-11076", }, { cve: "CVE-2020-11077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11077", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-11077", url: "https://www.suse.com/security/cve/CVE-2020-11077", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "moderate", }, ], title: "CVE-2020-11077", }, { cve: "CVE-2020-12052", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-12052", }, ], notes: [ { category: "general", text: "Grafana version < 6.7.3 is vulnerable for annotation popup XSS.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-12052", url: "https://www.suse.com/security/cve/CVE-2020-12052", }, { category: "external", summary: "SUSE Bug 1170657 for CVE-2020-12052", url: "https://bugzilla.suse.com/1170657", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "moderate", }, ], title: "CVE-2020-12052", }, { cve: "CVE-2020-13254", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-13254", }, ], notes: [ { category: "general", text: "An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-13254", url: "https://www.suse.com/security/cve/CVE-2020-13254", }, { category: "external", summary: "SUSE Bug 1172166 for CVE-2020-13254", url: "https://bugzilla.suse.com/1172166", }, { category: "external", summary: "SUSE Bug 1172167 for CVE-2020-13254", url: "https://bugzilla.suse.com/1172167", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "moderate", }, ], title: "CVE-2020-13254", }, { cve: "CVE-2020-13379", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-13379", }, ], notes: [ { category: "general", text: "The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-13379", url: "https://www.suse.com/security/cve/CVE-2020-13379", }, { category: "external", summary: "SUSE Bug 1172409 for CVE-2020-13379", url: "https://bugzilla.suse.com/1172409", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "important", }, ], title: "CVE-2020-13379", }, { cve: "CVE-2020-13596", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-13596", }, ], notes: [ { category: "general", text: "An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-13596", url: "https://www.suse.com/security/cve/CVE-2020-13596", }, { category: "external", summary: "SUSE Bug 1172166 for CVE-2020-13596", url: "https://bugzilla.suse.com/1172166", }, { category: "external", summary: "SUSE Bug 1172167 for CVE-2020-13596", url: "https://bugzilla.suse.com/1172167", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "moderate", }, ], title: "CVE-2020-13596", }, { cve: "CVE-2020-5247", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5247", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-5247", url: "https://www.suse.com/security/cve/CVE-2020-5247", }, { category: "external", summary: "SUSE Bug 1165402 for CVE-2020-5247", url: "https://bugzilla.suse.com/1165402", }, { category: "external", summary: "SUSE Bug 1165524 for CVE-2020-5247", url: "https://bugzilla.suse.com/1165524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "moderate", }, ], title: "CVE-2020-5247", }, { cve: "CVE-2020-5312", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5312", }, ], notes: [ { category: "general", text: "libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-5312", url: "https://www.suse.com/security/cve/CVE-2020-5312", }, { category: "external", summary: "SUSE Bug 1160152 for CVE-2020-5312", url: "https://bugzilla.suse.com/1160152", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "important", }, ], title: "CVE-2020-5312", }, { cve: "CVE-2020-5313", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5313", }, ], notes: [ { category: "general", text: "libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-5313", url: "https://www.suse.com/security/cve/CVE-2020-5313", }, { category: "external", summary: "SUSE Bug 1160153 for CVE-2020-5313", url: "https://bugzilla.suse.com/1160153", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "important", }, ], title: "CVE-2020-5313", }, { cve: "CVE-2020-5390", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5390", }, ], notes: [ { category: "general", text: "PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). The signature information and the node/object that is signed can be in different places and thus the signature verification will succeed, but the wrong data will be used. This specifically affects the verification of assertion that have been signed.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-5390", url: "https://www.suse.com/security/cve/CVE-2020-5390", }, { category: "external", summary: "SUSE Bug 1160851 for CVE-2020-5390", url: "https://bugzilla.suse.com/1160851", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "moderate", }, ], title: "CVE-2020-5390", }, { cve: "CVE-2020-8151", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8151", }, ], notes: [ { category: "general", text: "There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-8151", url: "https://www.suse.com/security/cve/CVE-2020-8151", }, { category: "external", summary: "SUSE Bug 1171560 for CVE-2020-8151", url: "https://bugzilla.suse.com/1171560", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:ansible-2.2.3.0-12.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1585316203.d6ad2c8-4.52.4.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1589804581.9972163f0-9.71.4.noarch", "SUSE OpenStack Cloud 7:grafana-4.6.5-1.14.1.x86_64", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.s390x", "SUSE OpenStack Cloud 7:keepalived-2.0.19-1.8.1.x86_64", "SUSE OpenStack Cloud 7:kibana-4.6.3-5.1.x86_64", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.s390x", "SUSE OpenStack Cloud 7:memcached-1.5.17-3.6.1.x86_64", "SUSE OpenStack Cloud 7:monasca-installer-20180608_12.47-12.1.noarch", "SUSE OpenStack Cloud 7:openstack-dashboard-theme-SUSE-2016.2-5.12.4.noarch", "SUSE OpenStack Cloud 7:openstack-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-api-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-data-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-doc-3.0.1~dev30-4.12.3.noarch", "SUSE OpenStack Cloud 7:openstack-manila-scheduler-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-manila-share-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.9.4.noarch", "SUSE OpenStack Cloud 7:openstack-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cells-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-cert-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-compute-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-conductor-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-console-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-consoleauth-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-doc-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-novncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-placement-api-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-scheduler-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-serialproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-nova-vncproxy-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:openstack-tempest-test-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-Django-1.8.19-3.23.1.noarch", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.s390x", "SUSE OpenStack Cloud 7:python-Pillow-2.8.1-4.12.1.x86_64", "SUSE OpenStack Cloud 7:python-manila-3.0.1~dev30-4.12.2.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.9.3.noarch", "SUSE OpenStack Cloud 7:python-nova-14.0.11~dev13-4.40.2.noarch", "SUSE OpenStack Cloud 7:python-psql2mysql-0.5.0+git.1589351878.4ef877c-1.12.1.noarch", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.s390x", "SUSE OpenStack Cloud 7:python-psutil-1.2.1-21.1.x86_64", "SUSE OpenStack Cloud 7:python-py-1.8.1-11.12.1.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.17.1.noarch", "SUSE OpenStack Cloud 7:python-tempest-12.2.1~a0~dev177-4.9.1.noarch", "SUSE OpenStack Cloud 7:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.s390x", "SUSE OpenStack Cloud 7:rabbitmq-server-plugins-3.4.4-3.16.1.x86_64", "SUSE OpenStack Cloud 7:release-notes-suse-openstack-cloud-7.20180803-3.18.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.2-7.20.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-puma-2.16.0-4.6.1.x86_64", "SUSE OpenStack Cloud 7:zookeeper-server-3.4.10-6.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-07-29T14:31:35Z", details: "moderate", }, ], title: "CVE-2020-8151", }, ], }
suse-su-2020:1919-1
Vulnerability from csaf_suse
Published
2020-07-15 08:56
Modified
2020-07-15 08:56
Summary
Security update for rubygem-puma
Notes
Title of the patch
Security update for rubygem-puma
Description of the patch
This update for rubygem-puma to version 4.3.5 fixes the following issues:
- CVE-2020-11077: Fixed a HTTP smuggling issue related to proxy usage (bsc#1172175).
- CVE-2020-11076: Fixed a HTTP smuggling issue when using an invalid transfer-encoding header (bsc#1172176).
- Disabled TLSv1.0 and TLSv1.1 (jsc#SLE-6965).
Patchnames
SUSE-2020-1919,SUSE-SLE-Product-HA-15-2020-1919,SUSE-SLE-Product-HA-15-SP1-2020-1919,SUSE-SLE-Product-HA-15-SP2-2020-1919
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for rubygem-puma", title: "Title of the patch", }, { category: "description", text: "This update for rubygem-puma to version 4.3.5 fixes the following issues:\n\n- CVE-2020-11077: Fixed a HTTP smuggling issue related to proxy usage (bsc#1172175).\n- CVE-2020-11076: Fixed a HTTP smuggling issue when using an invalid transfer-encoding header (bsc#1172176).\n- Disabled TLSv1.0 and TLSv1.1 (jsc#SLE-6965).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-1919,SUSE-SLE-Product-HA-15-2020-1919,SUSE-SLE-Product-HA-15-SP1-2020-1919,SUSE-SLE-Product-HA-15-SP2-2020-1919", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_1919-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:1919-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20201919-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:1919-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-July/007132.html", }, { category: "self", summary: "SUSE Bug 1172175", url: "https://bugzilla.suse.com/1172175", }, { category: "self", summary: "SUSE Bug 1172176", url: "https://bugzilla.suse.com/1172176", }, { category: "self", summary: "SUSE CVE CVE-2020-11076 page", url: "https://www.suse.com/security/cve/CVE-2020-11076/", }, { category: "self", summary: "SUSE CVE CVE-2020-11077 page", url: "https://www.suse.com/security/cve/CVE-2020-11077/", }, ], title: "Security update for rubygem-puma", tracking: { current_release_date: "2020-07-15T08:56:27Z", generator: { date: "2020-07-15T08:56:27Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:1919-1", initial_release_date: "2020-07-15T08:56:27Z", revision_history: [ { date: "2020-07-15T08:56:27Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", product: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", product_id: "ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", }, }, { category: "product_version", name: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.aarch64", product: { name: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.aarch64", product_id: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.i586", product: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.i586", product_id: "ruby2.5-rubygem-puma-4.3.5-3.3.1.i586", }, }, { category: "product_version", name: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.i586", product: { name: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.i586", product_id: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", product: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", product_id: "ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", }, }, { category: "product_version", name: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.ppc64le", product: { name: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.ppc64le", product_id: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", product: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", product_id: "ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", }, }, { category: "product_version", name: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.s390x", product: { name: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.s390x", product_id: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", product: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", product_id: "ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", }, }, { category: "product_version", name: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.x86_64", product: { name: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.x86_64", product_id: "ruby2.5-rubygem-puma-doc-4.3.5-3.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 15", product: { name: "SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 15 SP1", product: { name: "SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 15 SP2", product: { name: "SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:15:sp2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", }, product_reference: "ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", }, product_reference: "ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", }, product_reference: "ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", }, product_reference: "ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", }, product_reference: "ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", }, product_reference: "ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", }, product_reference: "ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP1", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", }, product_reference: "ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP1", }, { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", }, product_reference: "ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", }, product_reference: "ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", }, product_reference: "ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", }, product_reference: "ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-11076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11076", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11076", url: "https://www.suse.com/security/cve/CVE-2020-11076", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-15T08:56:27Z", details: "moderate", }, ], title: "CVE-2020-11076", }, { cve: "CVE-2020-11077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11077", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11077", url: "https://www.suse.com/security/cve/CVE-2020-11077", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-puma-4.3.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-15T08:56:27Z", details: "moderate", }, ], title: "CVE-2020-11077", }, ], }
suse-su-2020:1901-1
Vulnerability from csaf_suse
Published
2020-07-14 12:42
Modified
2020-07-14 12:42
Summary
Security update for ansible, ansible1, ardana-ansible, ardana-cluster, ardana-freezer, ardana-input-model, ardana-logging, ardana-mq, ardana-neutron, ardana-octavia, ardana-osconfig, caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-dashboard, openstack-dashboard-theme-HPE, openstack-heat-templates, openstack-keystone, openstack-monasca-agent, openstack-monasca-installer, openstack-neutron, openstack-octavia-amphora-image, python-Django, python-Flask, python-GitPython, python-Pillow, python-amqp, python-apicapi, python-keystoneauth1, python-oslo.messaging, python-psutil, python-pyroute2, python-pysaml2, python-tooz, python-waitress, storm
Notes
Title of the patch
Security update for ansible, ansible1, ardana-ansible, ardana-cluster, ardana-freezer, ardana-input-model, ardana-logging, ardana-mq, ardana-neutron, ardana-octavia, ardana-osconfig, caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-dashboard, openstack-dashboard-theme-HPE, openstack-heat-templates, openstack-keystone, openstack-monasca-agent, openstack-monasca-installer, openstack-neutron, openstack-octavia-amphora-image, python-Django, python-Flask, python-GitPython, python-Pillow, python-amqp, python-apicapi, python-keystoneauth1, python-oslo.messaging, python-psutil, python-pyroute2, python-pysaml2, python-tooz, python-waitress, storm
Description of the patch
This update for ansible, ansible1, ardana-ansible, ardana-cluster, ardana-freezer, ardana-input-model, ardana-logging, ardana-mq, ardana-neutron, ardana-octavia, ardana-osconfig, caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-dashboard, openstack-dashboard-theme-HPE, openstack-heat-templates, openstack-keystone, openstack-monasca-agent, openstack-monasca-installer, openstack-neutron, openstack-octavia-amphora-image, python-Django, python-Flask, python-GitPython, python-Pillow, python-amqp, python-apicapi, python-keystoneauth1, python-oslo.messaging, python-psutil, python-pyroute2, python-pysaml2, python-tooz, python-waitress, storm contains the following fixes:
The update fixes several security issues:
ansible
- CVE-2019-3828: Fixed a path traversal in the fetch module (bsc#1126503).
grafana
- CVE-2020-13379: Fixed an incorrect access control issue which could lead to information
leaks or denial of service (bsc#1172409).
- CVE-2020-12052: Fixed an cross site scripting vulnerability related to the annotation
popup (bsc#1170657).
kibana
- CVE-2020-10743: Fixed a clickjacking vulnerability (bsc#1171909).
python-Django
- CVE-2020-13254: Fixed a data leakage via malformed memcached keys. (bsc#1172167)
- CVE-2020-13596: Fixed a cross site scripting vulnerability related to the admin
parameters of the ForeignKeyRawIdWidget. (bsc#1172166)
python-Flask
- CVE-2019-1010083: Fixed a denial of service via crafted encoded JSON. (bsc#1141968)
python-Pillow
- CVE-2019-16865: Fixed a denial of service with specially crafted
image files. (bsc#1153191)
- CVE-2020-5312: Fixed a buffer overflow in the PCX P mode. (bsc#1160152)
- CVE-2020-5313: Fixed a buffer overflow related to FLI. (bsc#1160153)
- CVE-2019-19911: Fixed a denial of service in FpxImagePlugin.py. (bsc#1160192)
python-psutil
- CVE-2019-18874: Fixed a double free caused by refcount mishandling. (bsc#1156525)
python-pysaml2
- CVE-2020-5390: Fixed an issue with the verification of signatures in SAML documents.
(bsc#1160851)
- CVE-2017-1000246: Fixed an issue with weak encryption data, caused by initialization
vector reuse. (bsc#1068612)
python-waitress (to version 1.4.3)
- CVE-2019-16785: Fixed HTTP request smuggling through LF vs CRLF handling. (bsc#1161088)
- CVE-2019-16786: Fixed HTTP request smuggling through invalid Transfer-Encoding.
(bsc#1161089)
- CVE-2019-16789: Fixed HTTP Request Smuggling through Invalid whitespace characters.
(bsc#1160790)
- CVE-2019-16792: Fixed HTTP Request Smuggling through Content-Length header handling.
(bsc#1161670)
rubygem-activeresource
- CVE-2020-8151: Fixed information disclosure issue via specially crafted requests.
(bsc#1171560)
rubygem-json-1_7
- CVE-2020-10663: Fixed an unsafe object creation vulnerability. (bsc#1167244)
rubygem-puma
- CVE-2020-11077: Fixed a HTTP smuggling issue related to proxy usage. (bsc#1172175)
- CVE-2020-11076: Fixed a HTTP smuggling issue when using an invalid transfer-encoding
header. (bsc#1172176)
Other non-security fixes in in the update below:
Changes in ansible:
- Add 0001-Disallow-use-of-remote-home-directories-containing-..patch
(bsc#1126503, CVE-2019-3828)
Changes in ansible1:
- Add 0001-Disallow-use-of-remote-home-directories-containing-..patch
(bsc#1126503, CVE-2019-3828)
Changes in ardana-ansible:
- Update to version 8.0+git.1589740980.6c3bcdc:
* Reconfigure rabbitmq user permissions on update (SOC-11082)
- Update to version 8.0+git.1588953487.9bfd5cb:
* Fix incorrect prefix used to collect supportconfig files (bsc#1171273)
- Update to version 8.0+git.1585690828.81d8f45:
* Cleanup keystone-ansible (bsc#1108719)
Changes in ardana-cluster:
- Update to version 8.0+git.1585685203.3e71e49:
* Use bool filter to ensure valid boolean evaluation (SOC-11192)
Changes in ardana-freezer:
- Update to version 8.0+git.1586539529.b7d295f:
* Recovering Cloud8 using Freezer or SSH backups if upgrade fails (SOC-10137)
Changes in ardana-input-model:
- Update to version 8.0+git.1589740934.0e0ad61:
* Add default rabbitmq exchange write permissions (SOC-11082)
- Update to version 8.0+git.1586174594.2b92ec3:
* add port neutron security extension to CI models (SOC-11027)
Changes in ardana-logging:
- Update to version 8.0+git.1591194866.b7375d0:
* kibana: set x-frame-options header (bsc#1171909)
- Update to version 8.0+git.1586179244.ae61f62:
* Fix YAMLLoadWarning: calling yaml.load() without Loader (bsc#1168593)
Changes in ardana-mq:
- Update to version 8.0+git.1589715269.62ad6df:
* Don't mirror reply queues (SOC-10317)
- Update to version 8.0+git.1586784724.586343d:
* Actually fail if sync HA queues retries exceeded (SOC-11083)
Changes in ardana-neutron:
- Update to version 8.0+git.1590756744.ba84abc:
* Update L3 rootwrap filters (SOC-11306)
- Update to version 8.0+git.1587737509.4e09de3:
* Add network.target 'After' option (bsc#1169770)
- Update to version 8.0+git.1586546152.e7bc07f:
* Add neutron-common role dependencies (SOC-10875)
- Update to version 8.0+git.1586543712.62bb5a3:
* Fix neutron-ovsvapp-agent status (SOC-10637)
- Update to version 8.0+git.1586535447.55769df:
* Improve neutron service restart limit handling (SOC-8746)
- Update to version 8.0+git.1586519528.a28db53:
* Correctly setup ardana_notify_... fact (SOC-10902)
Changes in ardana-octavia:
- Update to version 8.0+git.1590100427.cf4cc8f:
* fix octavia to glance communication over internal endpoint (SOC-11294)
Changes in ardana-osconfig:
- Update to version 8.0+git.1587034587.eac37b8:
* Include SLE 12 SP3 LTSS repos in list of managed repos (SOC-11223)
Changes in caasp-openstack-heat-templates:
- Switch github URL from git@ to git:// to bypass authentication
Changes in crowbar-core:
- Update to version 5.0+git.1593156248.55bbdb26d:
* Ignore CVE-8184 (SOC-11299)
* Ignore latest ruby-related CVEs in the CI (SOC-11299)
- Update to version 5.0+git.1589804984.44a89be24:
* provisioner: Fix ssh key validation (SOC-11126)
* assign host to hostless keys (noref)
Changes in crowbar-openstack:
- Update to version 5.0+git.1593085772.64c4ab43c:
* monasca: Prevent deploying monasca-server to the node in pacemaker cluster (SOC-6354)
- Update to version 5.0+git.1591171674.1f299cd1c:
* Restore undeprecated nova dhcp_domain option (bsc#1171594)
- Update to version 5.0+git.1591104265.683d76534:
* [5.0] Fix availability zone script (bsc#1171661)
- Update to version 5.0+git.1590398068.f5cfacc12:
* nova: only create nonexistent cell1
- Update to version 5.0+git.1590150829.e86326d03:
* [5.0] Tempest: enable test_volume_boot_pattern test (SOC-10874)
- Update to version 5.0+git.1589814633.23fde86ab:
* rabbitmq: sync startup definitions.json with recipe (SOC-11077,SOC-11274)
- Update to version 5.0+git.1589647291.73c7f1cb6:
* [5.0] trove: fix rabbitmq connection URL (SOC-11286)
- Update to version 5.0+git.1589214669.8332efff3:
* Fix monasca libvirt ping checks (bsc#1107190)
- Update to version 5.0+git.1588271874.90adebc7a:
* run keystone_register on cluster founder only when HA (SOC-11248)
* nova: run keystone_register on cluster founder only (SOC-11243)
- Update to version 5.0+git.1588059034.3823515b7:
* tempest: retry openstack commands (SOC-11238)
- Update to version 5.0+git.1587403360.c43cd9905:
* tempest: disable block migration when using RBD (SOC-11176)
- Update to version 5.0+git.1586293860.901cb0f55:
* monasca: disable postgres backend monitoring by default (SOC-11190)
- Update to version 5.0+git.1585659861.c29fac257:
* magnum: Populate SSL configuration (SOC-9849)
* magnum: Add SSL support (SOC-9849)
* nova: Populate cinder SES settings early (SOC-11179)
Changes in documentation-suse-openstack-cloud:
- Update to version 8.20200527:
* Update Travis config: new container name (noref)
- Update to version 8.20200417:
* Recovering Cloud8 using Freezer or SSH backups if upgrade fails (SOC-10137)
- Update to version 8.20200326:
* Clarify wipe_disks does not affect non-OS partitions (bsc#1092420)
Changes in grafana:
- Add CVE-2020-13379.patch
* Security: fix unauthorized avatar proxying (bsc#1172409, CVE-2020-13379)
- Refresh systemd-notification.patch
- Fix declaration for LICENSE
- Add 0002-CVE-2020-12052-bsc1170657-XSS-annotation-popup-vulnerability.patch
* Security: Fix annotation popup XSS vulnerability
(bsc#1170657)
- Add CVE-2019-15043.patch (SOC-10357, CVE-2019-15043, bsc#11483483)
Changes in kibana:
- Add 0001-Configurable-custom-response-headers-for-server.patch
(bsc#1171909, CVE-2020-10743)
Changes in openstack-dashboard:
- Update to version horizon-12.0.5.dev3:
* Fix typo in publicize\_image policy name
Changes in openstack-dashboard-theme-HPE:
- Switch github URL from git@ to https:// to bypass authentication
Changes in openstack-heat-templates:
- Update to version 0.0.0+git.1582270132.8a20477:
* Drop use of git.openstack.org
* Add sample templates for Blazar
Changes in openstack-keystone:
- Update to version keystone-12.0.4.dev11:
* Fix security issues with EC2 credentials
- Update to version keystone-12.0.4.dev10:
* Check timestamp of signed EC2 token request
* Ensure OAuth1 authorized roles are respected
- Update to version keystone-12.0.4.dev6:
* Remove neutron-grenade job
Changes in openstack-keystone:
- Update to version keystone-12.0.4.dev11:
* Fix security issues with EC2 credentials
- Update to version keystone-12.0.4.dev10:
* Check timestamp of signed EC2 token request
* Ensure OAuth1 authorized roles are respected
- Update to version keystone-12.0.4.dev6:
* Remove neutron-grenade job
Changes in openstack-monasca-agent:
- update to version 2.2.6~dev4
- Add debug output for libvirt ping checks
- Lockdown /bin/ip permissions for the monasca-agent (bsc#1107190)
- add addtional arguments to /bin/ip in sudoers
- Fix missing sudo privleges (bsc#1107190)
- add /bin/ip and /usr/bin/ovs-vsctl to monasca-agent sudoers
- removed 0001-Avoid-overwriting-sys.path-ip-command.patch
- update to version 2.2.6~dev3
- Do not copy /sbin/ip to /usr/bin/monasa-agent-ip
- update to version 2.2.6~dev2
- Remove incorrect assignment of ping_cmd to 'True'
- update to version 2.2.6~dev1
- Update hacking version to 1.1.x
Changes in openstack-monasca-installer:
- Add 0001-kibana:-set-x-frame-options-header.patch (bsc#1171909,
CVE-2020-10743)
Changes in openstack-neutron:
- Update to version neutron-11.0.9.dev65:
* Revert iptables TCP checksum-fill code
- Update to version neutron-11.0.9.dev64:
* [Pike-only]: make grenade jobs non-voting
Changes in openstack-neutron:
- Update to version neutron-11.0.9.dev65:
* Revert iptables TCP checksum-fill code
- Update to version neutron-11.0.9.dev64:
* [Pike-only]: make grenade jobs non-voting
Changes in openstack-octavia-amphora-image:
- Update image to 0.1.4 to include latest changes
Changes in python-Django:
- Security fixes (bsc#1172167, bsc#1172166, CVE-2020-13254, CVE-2020-13596)
* Added patch CVE-2020-13254-1.8.19.patch
* Added patch CVE-2020-13596-1.8.19.patch
Changes in python-Flask:
- Apply patch to resolve CVE-2019-1010083 (bsc#1141968)
- 0001-detect-UTF-encodings-when-loading-json.patch
Changes in python-GitPython:
- Require git-core instead of git
Changes in python-Pillow:
- Remove decompression_bomb.gif and relevant test case to avoid
ClamAV scan alerts during build
- Add 001-Corrected-negative-seeks.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 002-Added-DecompressionBombError.patch
* From upstream, backported
* Adds DecompressionBombError class
* Used by 003-Added-decompression-bomb-checks.patch
- Add 003-Added-decompression-bomb-checks.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 004-Raise-error-if-dimension-is-a-string.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 005-Catch-buffer-overruns.patch
* From upstream, backported
* Fixes part of CVE-2019-16865, bsc#1153191
- Add 006-Catch-PCX-P-mode-buffer-overrun.patch
* From upstream, backported
* Fixes CVE-2020-5312, bsc#1160152
- Add 007-Test-animated-FLI-file.patch
* From upstream, backported
* Adds test animated FLI file
* Used by 008-Ensure-previous-FLI-frame-is-loaded.patch
- Add 008-Ensure-previous-FLI-frame-is-loaded.patch
* From upstream, backported
* Fixes https://github.com/python-pillow/Pillow/issues/2649
* Uncovers CVE-2020-5313, bsc#1160153
- Add 009-Catch-FLI-buffer-overrun.patch
* From upstream, backported
* Fixes CVE-2020-5313, bsc#1160153
- Add 010-Invalid-number-of-bands-in-FPX-image.patch
* From upstream, backported
* Fixes CVE-2019-19911, bsc#1160192
Changes in python-amqp:
- Add python-devel as build dependecy
* Required when building against python 2.7.17
Changes in python-apicapi:
- Add python-devel as build dependecy
* Required when building against python 2.7.17
Changes in python-keystoneauth1:
- switch to tracking stable/pike tarball
- disable renderspec
- update to version 3.1.2.dev2
- Make tests pass in 2020
- OpenDev Migration Patch
- import zuul job settings from project-config into stable/pike
- Remove tox_install.sh
- import zuul job settings from project-config
- Update UPPER_CONSTRAINTS_FILE for stable/pike into stable/pike
- Update .gitreview for stable/pike into stable/pike
- Updated from global requirements
- Update UPPER_CONSTRAINTS_FILE for stable/pike
- Update .gitreview for stable/pike
Changes in python-oslo.messaging:
- added 0001-Use-default-exchange-for-direct-messaging.patch
(SOC-11082, SOC-11274, bsc#1159046)
- Add 0001-Retry-to-declare-a-queue-after-internal-error.patch (bsc#1123872)
After receiving 'AMQP internal error 541', retry to create the queue after a delay.
Changes in python-psutil:
- Add bsc1156525-CVE-2019-18874.patch (bsc#1156525, CVE-2019-18874))
Changes in python-pyroute2:
- netns: fix NetNS resource leakage (#504) (bsc#1164322)
Changes in python-pysaml2:
- Add 0001-Always-generate-a-random-IV-for-AES-operations.patch
(CVE-2017-1000246, bsc#1068612)
- Add 0001-Fix-XML-Signature-Wrapping-XSW-vulnerabilities.patch
(CVE-2020-5390, bsc#1160851)
Changes in python-tooz:
- update to version 1.58.1
- Update .gitreview for stable/pike
- import zuul job settings from project-config
- Add doc/requirements.txt
- Fix sphinx-docs job for stable branch
Changes in python-waitress:
- update to 1.4.3 to include fixes for:
* CVE-2019-16785 / bsc#1161088
* CVE-2019-16786 / bsc#1161089
* CVE-2019-16789 / bsc#1160790
* CVE-2019-16792 / bsc#1161670
- make sure UTF8 locale is used when runnning tests
* Sometimes functional tests executed in python3 failed if stdout was not
set to UTF-8. The error message was:
ValueError: underlying buffer has been detached
- %python3_only -> %python_alternative
- update to 1.4.3
* Waitress did not properly validate that the HTTP headers it received
were properly formed, thereby potentially allowing a front-end server
to treat a request different from Waitress. This could lead to HTTP
request smuggling/splitting.
- drop patch local-intersphinx-inventories.patch
* it was commented out, anyway
- update to 1.4.0:
- Waitress used to slam the door shut on HTTP pipelined requests without
setting the ``Connection: close`` header as appropriate in the response. This
is of course not very friendly. Waitress now explicitly sets the header when
responding with an internally generated error such as 400 Bad Request or 500
Internal Server Error to notify the remote client that it will be closing the
connection after the response is sent.
- Waitress no longer allows any spaces to exist between the header field-name
and the colon. While waitress did not strip the space and thereby was not
vulnerable to any potential header field-name confusion, it should have sent
back a 400 Bad Request. See https://github.com/Pylons/waitress/issues/273
- CRLR handling Security fixes
- update to 1.3.1
* Waitress won’t accidentally throw away part of the path if it
starts with a double slash
- version update to 1.3.0
Deprecations
~~~~~~~~~~~~
- The ``send_bytes`` adjustment now defaults to ``1`` and is deprecated
pending removal in a future release.
and https://github.com/Pylons/waitress/pull/246
Features
~~~~~~~~
- Add a new ``outbuf_high_watermark`` adjustment which is used to apply
backpressure on the ``app_iter`` to avoid letting it spin faster than data
can be written to the socket. This stabilizes responses that iterate quickly
with a lot of data.
See https://github.com/Pylons/waitress/pull/242
- Stop early and close the ``app_iter`` when attempting to write to a closed
socket due to a client disconnect. This should notify a long-lived streaming
response when a client hangs up.
See https://github.com/Pylons/waitress/pull/238
and https://github.com/Pylons/waitress/pull/240
and https://github.com/Pylons/waitress/pull/241
- Adjust the flush to output ``SO_SNDBUF`` bytes instead of whatever was
set in the ``send_bytes`` adjustment. ``send_bytes`` now only controls how
much waitress will buffer internally before flushing to the kernel, whereas
previously it used to also throttle how much data was sent to the kernel.
This change enables a streaming ``app_iter`` containing small chunks to
still be flushed efficiently.
See https://github.com/Pylons/waitress/pull/246
Bugfixes
~~~~~~~~
- Upon receiving a request that does not include HTTP/1.0 or HTTP/1.1 we will
no longer set the version to the string value 'None'. See
https://github.com/Pylons/waitress/pull/252 and
https://github.com/Pylons/waitress/issues/110
- When a client closes a socket unexpectedly there was potential for memory
leaks in which data was written to the buffers after they were closed,
causing them to reopen.
See https://github.com/Pylons/waitress/pull/239
- Fix the queue depth warnings to only show when all threads are busy.
See https://github.com/Pylons/waitress/pull/243
and https://github.com/Pylons/waitress/pull/247
- Trigger the ``app_iter`` to close as part of shutdown. This will only be
noticeable for users of the internal server api. In more typical operations
the server will die before benefiting from these changes.
See https://github.com/Pylons/waitress/pull/245
- Fix a bug in which a streaming ``app_iter`` may never cleanup data that has
already been sent. This would cause buffers in waitress to grow without
bounds. These buffers now properly rotate and release their data.
See https://github.com/Pylons/waitress/pull/242
- Fix a bug in which non-seekable subclasses of ``io.IOBase`` would trigger
an exception when passed to the ``wsgi.file_wrapper`` callback.
See https://github.com/Pylons/waitress/pull/249
- Trim marketing wording and other platform mentions.
- Add fetch-intersphinx-inventories.sh to sources
- Add local-intersphinx-inventories.patch for generating the docs
correctly
- update to version 1.2.1:
too many changes to list here, see:
https://github.com/Pylons/waitress/blob/master/CHANGES.txt
or even:
https://github.com/Pylons/waitress/commits/master
- Remove superfluous devel dependency for noarch package
- update to version 1.1.0:
* Features
+ Waitress now has a __main__ and thus may be called with 'python
-mwaitress'
* Bugfixes
+ Waitress no longer allows lowercase HTTP verbs. This change was
made to fall in line with most HTTP servers. See
https://github.com/Pylons/waitress/pull/170
+ When receiving non-ascii bytes in the request URL, waitress will
no longer abruptly close the connection, instead returning a 400
Bad Request. See https://github.com/Pylons/waitress/pull/162 and
https://github.com/Pylons/waitress/issues/64
- Update to 1.0.2
* Python 3.6 is now officially supported in Waitress
* Add a work-around for libc issue on Linux not following the
documented standards. If getnameinfo() fails because of DNS not
being available it should return the IP address instead of the
reverse DNS entry, however instead getnameinfo() raises. We
catch this, and ask getnameinfo() for the same information
again, explicitly asking for IP address instead of reverse
DNS hostname.
- Implement single-spec version.
- Fix source URL.
- update to 1.0.1:
- IPv6 support on Windows was broken due to missing constants in the socket
module. This has been resolved by setting the constants on Windows if they
are missing. See https://github.com/Pylons/waitress/issues/138
- A ValueError was raised on Windows when passing a string for the port, on
Windows in Python 2 using service names instead of port numbers doesn't work
with `getaddrinfo`. This has been resolved by attempting to convert the port
number to an integer, if that fails a ValueError will be raised. See
https://github.com/Pylons/waitress/issues/139
- Removed `AI_ADDRCONFIG` from the call to `getaddrinfo`, this resolves an
issue whereby `getaddrinfo` wouldn't return any addresses to `bind` to on
hosts where there is no internet connection but localhost is requested to be
bound to. See https://github.com/Pylons/waitress/issues/131 for more
information.
- disable tests. need network access.
Changes in storm:
- update to 1.1.3:
* 1.1.3:
* [STORM-3026] - Upgrade ZK instance for security
* [STORM-3027] - Make Impersonation Optional
* [STORM-3011] - Use default bin path in flight.bash if $JAVA_HOME is undefined
* [STORM-3039] - Ports of killed topologies remain in TIME_WAIT state preventing to start new topology
* [STORM-2911] - SpoutConfig is serializable but does not declare a serialVersionUID field
* [STORM-2978] - The fix for STORM-2706 is broken, and adds a transitive dependency on Zookeeper 3.5.3-beta for projects that depend on e.g. storm-kafka
* [STORM-2979] - WorkerHooks EOFException during run_worker_shutdown_hooks
* [STORM-2981] - Upgrade Curator to lastest patch version
* [STORM-2985] - Add jackson-annotations to dependency management
* [STORM-2989] - LogCleaner should preserve current worker.log.metrics
* [STORM-2994] - KafkaSpout consumes messages but doesn't commit offsets
* [STORM-3043] - NullPointerException thrown in SimpleRecordTranslator.apply()
* [STORM-3052] - Let blobs un archive
* [STORM-3059] - KafkaSpout throws NPE when hitting a null tuple if the processing guarantee is not AT_LEAST_ONCE
* [STORM-2960] - Better to stress importance of setting up proper OS account for Storm processes
* [STORM-3060] - Configuration mapping between storm-kafka & storm-kafka-client
* [STORM-2952] - Deprecate storm-kafka in 1.x
* [STORM-3005] - [DRPC] LinearDRPCTopologyBuilder shouldn't be deprecated
* [STORM-2841] - testNoAcksIfFlushFails UT fails with NullPointerException
* 1.1.2:
* [STORM-2512] - Change KafkaSpoutConfig in storm-kafka-client to make it work with flux
* [STORM-2616] - Document the built in metrics (just in time to replace them???)
* [STORM-2657] - Update SECURITY.MD
* [STORM-2663] - Backport STORM-2558 and deprecate storm.cmd on 1.x-branch
* [STORM-2712] - accept arbitrary number of rows per tuple in storm-cassandra
* [STORM-2775] - Improve KafkaPartition Metric Names
* [STORM-2807] - Integration test should shut down topologies immediately after the test
* [STORM-2862] - More flexible logging in multilang (Python, Ruby, JS)
* [STORM-2877] - Introduce an option to configure pagination in Storm UI
* [STORM-2917] - Check the config(nimbus.host) before using it to connect
* [STORM-2231] - NULL in DisruptorQueue while multi-threaded ack
* [STORM-2426] - First tuples fail after worker is respawn
* [STORM-2500] - waitUntilReady in PacemakerClient cannot be invoked
* [STORM-2525] - Fix flaky integration tests
* [STORM-2535] - test-reset-timeout is flaky. Replace with a more reliable test.
* [STORM-2541] - Manual partition assignment doesn't work
* [STORM-2607] - [kafka-client] Consumer group every time with lag 1
* [STORM-2642] - Storm-kafka-client spout cannot be serialized when using manual partition assignment
* [STORM-2660] - The Nimbus storm-local directory is relative to the working directory of the shell executing 'storm nimbus'
* [STORM-2666] - Storm-kafka-client spout can sometimes emit messages that were already committed.
* [STORM-2674] - NoNodeException when ZooKeeper tries to delete nodes
* [STORM-2677] - consider all sampled tuples which took greater than 0 ms processing time
* [STORM-2682] - Supervisor crashes with NullPointerException
* [STORM-2690] - resurrect invocation of ISupervisor.assigned() & make Supervisor.launchDaemon() accessible
* [STORM-2695] - BlobStore uncompress argument should be Boolean
* [STORM-2705] - DRPCSpout sleeps twice when idle
* [STORM-2706] - Nimbus stuck in exception and does not fail fast
* [STORM-2724] - ExecutorService in WaterMarkEventGenerator never shutdown
* [STORM-2736] - o.a.s.b.BlobStoreUtils [ERROR] Could not update the blob with key
* [STORM-2750] - fix double_checked locking
* [STORM-2751] - Remove AsyncLoggingContext from Supervisor
* [STORM-2764] - HDFSBlobStore leaks file system objects
* [STORM-2769] - Fast-fail if output stream Id is null
* [STORM-2771] - Some tests are being run twice
* [STORM-2779] - NPE on shutting down WindowedBoltExecutor
* [STORM-2786] - Ackers leak tracking info on failure and lots of other cases.
* [STORM-2810] - Storm-hdfs tests are leaking resources
* [STORM-2811] - Nimbus may throw NPE if the same topology is killed multiple times, and the integration test kills the same topology multiple times
* [STORM-2814] - Logviewer HTTP server should return 403 instead of 200 if the user is unauthorized
* [STORM-2815] - UI HTTP server should return 403 if the user is unauthorized
* [STORM-2833] - Cached Netty Connections can have different keys for the same thing.
* [STORM-2853] - Deactivated topologies cause high cpu utilization
* [STORM-2855] - Travis build doesn't work after update of Ubuntu image
* [STORM-2856] - Make Storm build work on post 2017Q4 Travis Trusty image
* [STORM-2868] - Address handling activate/deactivate in multilang module files
* [STORM-2870] - FileBasedEventLogger leaks non-daemon ExecutorService which prevents process to be finished
* [STORM-2876] - Some storm-hdfs tests fail with out of memory periodically
* [STORM-2879] - Supervisor collapse continuously when there is a expired assignment for overdue storm
* [STORM-2892] - Flux test fails to parse valid PATH environment variable
* [STORM-2894] - fix some random typos in tests
* [STORM-2912] - Tick tuple is being shared without resetting start time and incur side-effect to break metrics
* [STORM-2918] - Upgrade Netty version
* [STORM-2942] - Remove javadoc and source jars from toollib directory in binary distribution
* [STORM-2874] - Minor style improvements to backpressure code
* [STORM-2858] - Fix worker-launcher build
* 1.1.1:
* STORM-2659: Add daemon.name variable to storm.cmd to fix log4j logging
* STORM-2652: fix error in open method of JmsSpout
* STORM-2645: Update storm.py to be python3 compatible
* STORM-2621: add tuple_population metric
* STORM-2639: Kafka Spout incorrectly computes numCommittedOffsets due to voids in the topic (topic compaction)
* STORM-2544: Fixing issue in acking of tuples that hit retry limit under manual commit mode
* STORM-2618: Add TridentKafkaStateUpdater for storm-kafka-client
* STORM-2608: Remove any pending offsets that are no longer valid
* STORM-2503: Fix lgtm.com alerts on equality and comparison operations
* STORM-2478: Fix BlobStoreTest.testDeleteAfterFailedCreate on Windows
* STORM-2602: storm.zookeeper.topology.auth.payload doesn't work even you set it
* STORM-2597: Don't parse passed in class paths
* STORM-2564: We should provide a template for storm-cluster-auth.yaml
* STORM-2568: Fix getTopicsString
* STORM-2563: Remove the workaround to handle missing UGI.loginUserFromSubject
* STORM-2552: KafkaSpoutMessageId should be serializable
* STORM-2562: Use stronger key size than default for blow fish key generator and get rid of stack trace
* STORM-2557: A bug in DisruptorQueue causing severe underestimation of queue arrival rates
* STORM-2449: Ensure same key appears only once in State iterator
* STORM-2516: Fix timing issues with testPrepareLateTupleStreamWithoutBuilder
* STORM-2489: Overlap and data loss on WindowedBolt based on Duration
* STORM-2528: Bump log4j version to 2.8.2
* STORM-2527: Initialize java.sql.DriverManager earlier to avoid deadlock
* STORM-2413: Make new Kafka spout respect tuple retry limits
* STORM-2518: Handles empty name for 'USER type' ACL when normalizing ACLs
* STORM-2511: Submitting a topology with name containing unicode getting failed
* STORM-2496: Dependency artifacts should be uploaded to blobstore with READ permission for all
* STORM-2505: Spout to support topic compaction
* STORM-2498: Fix Download Full File link
* STORM-2343: New Kafka spout can stop emitting tuples if more than maxUncommittedOffsets tuples fail at once.
* STORM-2486: Prevent cd from printing target directory to avoid breaking classpath
* STORM-2488: The UI user Must be HTTP.
* STORM-2481: Upgrade Aether version to resolve Aether bug BUG-451566
* STORM-2435: Logging in storm.js inconsistent to console.log and does not support log levels
* STORM-2315: New kafka spout can't commit offset when ack is disabled
* STORM-2467: Use explicit charset when decoding from array backed buffer
* STORM-1114: Race condition in trident zookeeper zk-node create/delete
* STORM-2448: Add in Storm and JDK versions when submitting a topology
* STORM-2343: Fix new Kafka spout stopping processing if more than maxUncommittedOffsets tuples fail at once
* STORM-2431: the default blobstore.dir is storm.local.dir/blobs which is different from distcache-blobstore.md
* STORM-2429: Properly validate supervisor.scheduler.meta
* STORM-2451: windows storm.cmd does not set log4j2 config file correctly by default
* STORM-2450: Write resources into correct local director
* STORM-2440: Kill process if executor catches java.net.SocketTimeoutException
* STORM-2432: Storm-Kafka-Client Trident Spout Seeks Incorrect Offset With UNCOMMITTED_LATEST Strategy
* 1.1.0:
* STORM-2425: Storm Hive Bolt not closing open transactions
* STORM-2409: Storm-Kafka-Client KafkaSpout Support for Failed and NullTuples
* STORM-2423: Join Bolt should use explicit instead of default window anchoring for emitted tuples
* STORM-2416: Improve Release Packaging to Reduce File Size
* STORM-2414: Skip checking meta's ACL when subject has write privileges for any blobs
* STORM-2038: Disable symlinks with a config option
* STORM-2240: STORM PMML Bolt - Add Support to Load Models from Blob Store
* STORM-2412: Nimbus isLeader check while waiting for max replication
* STORM-2408: build failed if storm.kafka.client.version = 0.10.2.0
* STORM-2403: Fix KafkaBolt test failure: tick tuple should not be acked
* STORM-2361: Kafka spout - after leader change, it stops committing offsets to ZK
* STORM-2353: Replace kafka-unit by kafka_2.11 and kafka-clients to test kafka-clients:0.10.1.1
* STORM-2387: Handle tick tuples properly for Bolts in external modules
* STORM-2345: Type mismatch in ReadClusterState's ProfileAction processing Map
* STORM-2400: Upgraded Curator to 2.12.0 and made respective API changes
* STORM-2396: setting interrupted status back before throwing a RuntimeException
* STORM-1772: Adding Perf module with topologies for measuring performance
* STORM-2395: storm.cmd supervisor calls the wrong class name
* STORM-2391: Move HdfsSpoutTopology from storm-starter to storm-hdfs-examples
* STORM-2389: Avoid instantiating Event Logger when topology.eventlogger.executors=0
* STORM-2386: Fail-back Blob deletion also fails in BlobSynchronizer.syncBlobs.
* STORM-2388: JoinBolt breaks compilation against JDK 7
* STORM-2374: Storm Kafka Client Test Topologies Must be Serializable
* STORM-2372: Pacemaker client doesn't clean up heartbeats properly
* STORM-2326: Upgrade log4j and slf4j
* STORM-2334: Join Bolt implementation
* STORM-1363: TridentKafkaState should handle null values from TridentTupleToKafkaMapper.getMessageFromTuple()
* STORM-2365: Support for specifying output stream in event hubs spout
* STORM-2250: Kafka spout refactoring to increase modularity and testability
* STORM-2340: fix AutoCommitMode issue in KafkaSpout
* STORM-2344: Flux YAML File Viewer for Nimbus UI
* STORM-2350: Storm-HDFS's listFilesByModificationTime is broken
* STORM-2270 Kafka spout should consume from latest when ZK partition commit offset bigger than the latest offset
* STORM-1464: storm-hdfs support for multiple output files and partitioning
* STORM-2320: DRPC client printer class reusable for local and remote DRPC
* STORM-2281: Running Multiple Kafka Spouts (Trident) Throws Illegal State Exception
* STORM-2296: Kafka spout no dup on leader changes
* STORM-2244: Some shaded jars doesn't exclude dependency signature files
* STORM-2014: New Kafka spout duplicates checking if failed messages have reached max retries
* STORM-1443: [Storm SQL] Support customizing parallelism in StormSQL
* STORM-2148: [Storm SQL] Trident mode: back to code generate and compile Trident topology
* STORM-2331: Emitting from JavaScript should work when not anchoring.
* STORM-2225: change spout config to be simpler.
* STORM-2323: Precondition for Leader Nimbus should check all topology blobs and also corresponding dependencies
* STORM-2330: Fix storm sql code generation for UDAF with non standard sql types
* STORM-2298: Don't kill Nimbus when ClusterMetricsConsumer is failed to initialize
* STORM-2301: [storm-cassandra] upgrade cassandra driver to 3.1.2
* STORM-1446: Compile the Calcite logical plan to Storm Trident logical plan
* STORM-2303: [storm-opentsdb] Fix list invariant issue for JDK 7
* STORM-2236: storm kafka client should support manual partition management
* STORM-2295: KafkaSpoutStreamsNamedTopics should return output fields with predictable ordering
* STORM-2300: [Flux] support list of references
* STORM-2297: [storm-opentsdb] Support Flux for OpenTSDBBolt
* STORM-2294: Send activate and deactivate command to ShellSpout
* STORM-2280: Upgrade Calcite version to 1.11.0
* STORM-2278: Allow max number of disruptor queue flusher threads to be configurable
* STORM-2277: Add shaded jar for Druid connector
* STORM-2274: Support named output streams in Hdfs Spout
* STORM-2204: Adding caching capabilities in HBaseLookupBolt
* STORM-2267: Use user's local maven repo. directory to local repo.
* STORM-2254: Provide Socket time out for nimbus thrift client
* STORM-2200: [Storm SQL] Drop Aggregate & Join support on Trident mode
* STORM-2266: Close NimbusClient instances appropriately
* STORM-2203: Add a getAll method to KeyValueState interface
* STORM-1886: Extend KeyValueState iface with delete
* STORM-2022: update Fields test to match new behavior
* STORM-2020: Stop using sun internal classes
* STORM-1228: port fields_test to java
* STORM-2104: New Kafka spout crashes if partitions are reassigned while tuples are in-flight
* STORM-2257: Add built in support for sum function with different types.
* STORM-2082: add sql external module storm-sql-hdfs
* STORM-2256: storm-pmml breaks on java 1.7
* STORM-2223: PMML Bolt.
* STORM-2222: Repeated NPEs thrown in nimbus if rebalance fails
* STORM-2190: reduce contention between submission and scheduling
* STORM-2239: Handle InterruptException in new Kafka spout
* STORM-2087: Storm-kafka-client: Failed tuples are not always replayed
* STORM-2238: Add Timestamp extractor for windowed bolt
* STORM-2235: Introduce new option: 'add remote repositories' for dependency resolver
* STORM-2215: validate blobs are present before submitting
* STORM-2170: [Storm SQL] Add built-in socket datasource to runtime
* STORM-2226: Fix kafka spout offset lag ui for kerberized kafka
* STORM-2224: Exposed a method to override in computing the field from given tuple in FieldSelector
* STORM-2220: Added config support for each bolt in Cassandra bolts, fixed the bolts to be used also as sinks.
* STORM-2205: Racecondition in getting nimbus summaries while ZK connectionions are reconnected
* STORM-2182: Refactor Storm Kafka Examples Into Own Modules.
* STORM-1694: Kafka Spout Trident Implementation Using New Kafka Consumer API
* STORM-2173: [SQL] Support CSV as input / output format
* STORM-2177: [SQL] Support TSV as input / output format
* STORM-2172: [SQL] Support Avro as input / output format
* STORM-2185: Storm Supervisor doesn't delete directories properly sometimes
* STORM-2103: [SQL] Introduce new sql external module: storm-sql-mongodb
* STORM-2175: fix double close of workers
* STORM-2109: Under supervisor V2 SUPERVISOR_MEMORY_CAPACITY_MB and SUPERVISOR_CPU_CAPACITY must be Doubles
* STORM-2110: in supervisor v2 filter out empty command line args
* STORM-2117: Supervisor V2 with local mode extracts resources directory to topology root directory instead of temporary directory
* STORM-2131: Add blob command to worker-launcher, make stormdist directory not writeable by topo owner
* STORM-2018: Supervisor V2
* STORM-2139: Let ShellBolts and ShellSpouts run with scripts from blobs
* STORM-2072: Add map, flatMap with different outputs (T->V) in Trident
* STORM-2134: improving the current scheduling strategy for RAS
* STORM-2125: Use Calcite's implementation of Rex Compiler
* STORM-1546: Adding Read and Write Aggregations for Pacemaker to make it HA compatible
* STORM-1444: Support EXPLAIN statement in StormSQL
* STORM-2099: Introduce new sql external module: storm-sql-redis
* STORM-2097: Improve logging in trident core and examples
* STORM-2144: Fix Storm-sql group-by behavior in standalone mode
* STORM-2066: make error message in IsolatedPool.java more descriptive
* STORM-1870: Allow FluxShellBolt/Spout set custom 'componentConfig' via yaml
* STORM-2126: fix NPE due to race condition in compute-new-sched-assign…
* STORM-2124: show requested cpu mem for each component
* STORM-2089: Replace Consumer of ISqlTridentDataSource with SqlTridentConsumer
* STORM-2118: A few fixes for storm-sql standalone mode
* STORM-2105: Cluster/Supervisor total and available resources displayed in the UI
* STORM-2078: enable paging in worker datatable
* STORM-1664: Allow Java users to start a local cluster with a Nimbus Thrift server.
* STORM-1872: Release Jedis connection when topology shutdown
* STORM-2100: Fix Trident SQL join tests to not rely on ordering
* STORM-1837: Fix complete-topology and prevent message loss
* STORM-2098: DruidBeamBolt: Pass DruidConfig.Builder as constructor argument
* STORM-2092: optimize TridentKafkaState batch sending
* STORM-1979: Storm Druid Connector implementation.
* STORM-2057: Support JOIN statement in Storm SQL
* STORM-1970: external project examples refator
* STORM-2074: fix storm-kafka-monitor NPE bug
* STORM-1459: Allow not specifying producer properties in read-only Kafka table in StormSQL
* STORM-2052: Kafka Spout New Client API - Log Improvements and Parameter Tuning for Better Performance.
* STORM-2050: [storm-sql] Support User Defined Aggregate Function for Trident mode
* STORM-1434: Support the GROUP BY clause in StormSQL
* STORM-2016: Topology submission improvement: support adding local jars and maven artifacts on submission
* STORM-1994: Add table with per-topology & worker resource usage and components in (new) supervisor and topology pages
* STORM-2042: Nimbus client connections not closed properly causing connection leaks
* STORM-1766: A better algorithm server rack selection for RAS
* STORM-1913: Additions and Improvements for Trident RAS API
* STORM-2037: debug operation should be whitelisted in SimpleAclAuthorizer.
* STORM-2023: Add calcite-core to dependency of storm-sql-runtime
* STORM-2036: Fix minor bug in RAS Tests
* STORM-1979: Storm Druid Connector implementation.
* STORM-1839: Storm spout implementation for Amazon Kinesis Streams.
* STORM-1876: Option to build storm-kafka and storm-kafka-client with different kafka client version
* STORM-2000: Package storm-opentsdb as part of external dir in installation
* STORM-1989: X-Frame-Options support for Storm UI
* STORM-1962: support python 3 and 2 in multilang
* STORM-1964: Unexpected behavior when using count window together with timestamp extraction
* STORM-1890: ensure we refetch static resources after package build
* STORM-1988: Kafka Offset not showing due to bad classpath.
* STORM-1966: Expand metric having Map type as value into multiple metrics based on entries
* STORM-1737: storm-kafka-client has compilation errors with Apache Kafka 0.10
* STORM-1968: Storm logviewer does not work for nimbus.log in secure cluster
* STORM-1910: One topology cannot use hdfs spout to read from two locations
* STORM-1960: Add CORS support to STORM UI Rest api
* STORM-1959: Add missing license header to KafkaPartitionOffsetLag
* STORM-1950: Change response json of 'Topology Lag' REST API to keyed by spoutId, topic, partition.
* STORM-1833: Simple equi-join in storm-sql standalone mode
* STORM-1866: Update Resource Aware Scheduler Documentation
* STORM-1930: Kafka New Client API - Support for Topic Wildcards
* STORM-1924: Adding conf options for Persistent Word Count Topology
* STORM-1956: Disabling Backpressure by default
* STORM-1934: Fix race condition between sync-supervisor and sync-processes
* STORM-1919: Introduce FilterBolt on storm-redis
* STORM-1945: Fix NPE bugs on topology spout lag for storm-kafka-monitor
* STORM-1888: add description for shell command
* STORM-1902: add a simple & flexible FileNameFormat for storm-hdfs
* STORM-1914: Storm Kafka Field Topic Selector
* STORM-1907: PartitionedTridentSpoutExecutor has incompatible types that cause ClassCastException
* STORM-1925: Remove Nimbus thrift call from Nimbus itself
* STORM-1909: Update HDFS spout documentation
* STORM-1136: Command line module to return kafka spout offsets lag and display in storm ui
* STORM-1911: IClusterMetricsConsumer should use seconds to timestamp unit
* STORM-1893: Support OpenTSDB for storing timeseries data.
* STORM-1723: Introduce ClusterMetricsConsumer
* STORM-1700: Introduce 'whitelist' / 'blacklist' option to MetricsConsumer
* STORM-1698: Asynchronous MetricsConsumerBolt
* STORM-1705: Cap number of retries for a failed message
* STORM-1884: Prioritize pendingPrepare over pendingCommit
* STORM-1575: fix TwitterSampleSpout NPE on close
* STORM-1874: Update logger private permissions
* STORM-1865: update command line client document
* STORM-1771: HiveState should flushAndClose before closing old or idle Hive connections
* STORM-1882: Expose TextFileReader public
* STORM-1873: Implement alternative behaviour for late tuples
* STORM-1719: Introduce REST API: Topology metric stats for stream
* STORM-1887: Fixed help message for set_log_level command
* STORM-1878: Flux can now handle IStatefulBolts
* STORM-1864: StormSubmitter should throw respective exceptions and log respective errors forregistered submitter hook invocation
* STORM-1868: Modify TridentKafkaWordCount to run in distributed mode
* STORM-1859: Ack late tuples in windowed mode
* STORM-1851: Fix default nimbus impersonation authorizer config
* STORM-1848: Make KafkaMessageId and Partition serializable to support
* STORM-1862: Flux ShellSpout and ShellBolt can't emit to named streams
* Storm-1728: TransactionalTridentKafkaSpout error
* STORM-1850: State Checkpointing Documentation update
* STORM-1674: Idle KafkaSpout consumes more bandwidth than needed
* STORM-1842: Forward references in storm.thrift cause tooling issues
* STORM-1730: LocalCluster#shutdown() does not terminate all storm threads/thread pools.
* STORM-1709: Added group by support in storm sql standalone mode
* STORM-1720: Support GEO in storm-redis
* 1.0.6:
* [STORM-2877] - Introduce an option to configure pagination in Storm UI
* [STORM-2917] - Check the config(nimbus.host) before using it to connect
* [STORM-2451] - windows storm.cmd does not set log4j2 config file correctly by default
* [STORM-2690] - resurrect invocation of ISupervisor.assigned() & make Supervisor.launchDaemon() accessible
* [STORM-2751] - Remove AsyncLoggingContext from Supervisor
* [STORM-2764] - HDFSBlobStore leaks file system objects
* [STORM-2771] - Some tests are being run twice
* [STORM-2786] - Ackers leak tracking info on failure and lots of other cases.
* [STORM-2853] - Deactivated topologies cause high cpu utilization
* [STORM-2856] - Make Storm build work on post 2017Q4 Travis Trusty image
* [STORM-2870] - FileBasedEventLogger leaks non-daemon ExecutorService which prevents process to be finished
* [STORM-2879] - Supervisor collapse continuously when there is a expired assignment for overdue storm
* [STORM-2892] - Flux test fails to parse valid PATH environment variable
* [STORM-2894] - fix some random typos in tests
* [STORM-2912] - Tick tuple is being shared without resetting start time and incur side-effect to break metrics
* [STORM-2918] - Upgrade Netty version
* [STORM-2874] - Minor style improvements to backpressure code
* [STORM-2937] - Overwrite storm-kafka-client 1.x-branch into 1.0.x-branch
* [STORM-2858] - Fix worker-launcher build
- Use %license macro
* 1.0.5:
* [STORM-2657] - Update SECURITY.MD
* [STORM-2231] - NULL in DisruptorQueue while multi-threaded ack
* [STORM-2660] - The Nimbus storm-local directory is relative to the working directory of the shell executing 'storm nimbus'
* [STORM-2674] - NoNodeException when ZooKeeper tries to delete nodes
* [STORM-2677] - consider all sampled tuples which took greater than 0 ms processing time
* [STORM-2682] - Supervisor crashes with NullPointerException
* [STORM-2695] - BlobStore uncompress argument should be Boolean
* [STORM-2705] - DRPCSpout sleeps twice when idle
* 1.0.4:
* STORM-2627: Update docs for storm.zookeeper.topology.auth.scheme
* STORM-2597: Don't parse passed in class paths
* STORM-2524: Set Kafka client.id with storm-kafka
* STORM-2448: Add in Storm and JDK versions when submitting a topology
* STORM-2511: Submitting a topology with name containing unicode getting failed
* STORM-2498: Fix Download Full File link
* STORM-2486: Prevent cd from printing target directory to avoid breaking classpath
* STORM-1114: Race condition in trident zookeeper zk-node create/delete
* STORM-2429: Properly validate supervisor.scheduler.meta
* STORM-2194: Stop ignoring socket timeout error from executor
* STORM-2450: Write resources into correct local director
* STORM-2414: Skip checking meta's ACL when subject has write privileges for any blobs
* STORM-2038: Disable symlinks with a config option
* STORM-2038: No symlinks for local cluster
* STORM-2403: Fix KafkaBolt test failure: tick tuple should not be acked
* STORM-2361: Kafka spout - after leader change, it stops committing offsets to ZK
* STORM-2296: Kafka spout - no duplicates on leader changes
* STORM-2387: Handle tick tuples properly for Bolts in external modules
* STORM-2345: Type mismatch in ReadClusterState's ProfileAction processing Map
* STORM-2104: New Kafka spout crashes if partitions are reassigned while tuples are in-flight
* STORM-2396: setting interrupted status back before throwing a RuntimeException
* STORM-2395: storm.cmd supervisor calls the wrong class name
* STORM-2385: pacemaker_state_factory.clj does not compile on branch-1.0.x
* STORM-2389: Avoid instantiating Event Logger when topology.eventlogger.executors=0
* STORM-2386: Fail-back Blob deletion also fails in BlobSynchronizer.syncBlobs
* STORM-2360: Storm-Hive: Thrift version mismatch with storm-core
* STORM-2372: Pacemaker client doesn't clean up heartbeats properly
* STORM-2326: Upgrade log4j and slf4j
* STORM-2350: Storm-HDFS's listFilesByModificationTime is broken
* 1.0.3:
* STORM-2197: NimbusClient connectins leak due to leakage in ThriftClient
* STORM-2321: Handle blobstore zk key deletion in KeySequenceNumber.
* STORM-2324: Fix deployment failure if resources directory is missing in topology jar
* STORM-2335: Fix broken Topology visualization with empty ':transferred' in executor stats
* STORM-2336: Close Localizer and AsyncLocalizer when supervisor is shutting down
* STORM-2338: Subprocess exception handling is broken in storm.py on Windows environment
* STORM-2337: Broken documentation generation for storm-metrics-profiling-internal-actions.md and windows-users-guide.md
* STORM-2325: Logviewer doesn't consider 'storm.local.hostname'
* STORM-1742: More accurate 'complete latency'
* STORM-2176: Workers do not shutdown cleanly and worker hooks don't run when a topology is killed
* STORM-2293: hostname should only refer node's 'storm.local.hostname'
* STORM-2246: Logviewer download link has urlencoding on part of the URL
* STORM-1906: Window count/length of zero should be disallowed
* STORM-1841: Address a few minor issues in windowing and doc
* STORM-2268: Fix integration test for Travis CI build
* STORM-2283: Fix DefaultStateHandler kryo multithreading issues
* STORM-2264: OpaqueTridentKafkaSpout failing after STORM-2216
* STORM-2276: Remove twitter4j usages due to license issue (JSON.org is catalog X)
* STORM-2095: remove any remaining files when deleting blobstore directory
* STORM-2222: Repeated NPEs thrown in nimbus if rebalance fails
* STORM-2251: Integration test refers specific version of Storm which should be project version
* STORM-2234: heartBeatExecutorService in shellSpout don't work well with deactivate
* STORM-2216: Favor JSONValue.parseWithException
* STORM-2208: HDFS State Throws FileNotFoundException in Azure Data Lake Store file system (adl://)
* STORM-2213: ShellSpout has race condition when ShellSpout is being inactive longer than heartbeat timeout
* STORM-2210: remove array shuffle from ShuffleGrouping
* STORM-2052: Kafka Spout - New Client API - Performance Improvements
* storm-2205: Racecondition in getting nimbus summaries while ZK connections are reconnected
* STORM-2198: perform RotationAction when stopping HdfsBolt
* STORM-2196: A typo in RAS_Node::consumeCPU
* STORM-2189: RAS_Node::freeCPU outputs incorrect info
* STORM-2184: Don't wakeup KafkaConsumer on shutdown
* STORM-2185: Storm Supervisor doesn't delete directories properly sometimes
* STORM-2175: fix double close of workers
* STORM-2018: Supervisor V2
* STORM-2145: Leave leader nimbus's hostname to log when trying to connect leader nimbus
* STORM-2127: Storm-eventhubs should use latest amqp and eventhubs-client versions
* STORM-2040: Fix bug on assert-can-serialize
* STORM-2017: ShellBolt stops reporting task ids
* STORM-2119: bug in log message printing to stdout
* STORM-2120: Emit to _spoutConfig.outputStreamId
* STORM-2101: fixes npe in compute-executors in nimbus
* STORM-2090: Add integration test for storm windowing
* STORM-2003: Make sure config contains TOPIC before get it
* STORM-1567: in defaults.yaml 'topology.disable.loadaware' should be 'topology.disable.loadaware.messaging'
* STORM-1987: Fix TridentKafkaWordCount arg handling in distributed mode.
* STORM-1969: Modify HiveTopology to show usage of non-partition table.
* STORM-1849: HDFSFileTopology should use the 3rd argument as topologyName
* STORM-2086: use DefaultTopicSelector instead of creating a new one
* STORM-2079: Unneccessary readStormConfig operation
* STORM-2081: create external directory for storm-sql various data sources and move storm-sql-kafka to it
* STORM-2070: Fix sigar native binary download link
* STORM-2056: Bugs in logviewer
* STORM-1646: Fix ExponentialBackoffMsgRetryManager test
* STORM-2039: Backpressure refactoring in worker and executor
* STORM-2064: Add storm name and function, access result and function to log-thrift-access
* STORM-2063: Add thread name in worker logs
* STORM-2042: Nimbus client connections not closed properly causing connection leaks
* STORM-2032: removes warning in case more than one metrics tuple is received
* STORM-1594: org.apache.storm.tuple.Fields can throw NPE if given invalid field in selector
* STORM-1995: downloadChunk in nimbus.clj should close the input stream
Changes in rubygem-activeresource:
- Add bsc#1171560-CVE-2020-8151-encode-id-param.patch
Prevent possible information disclosure issue that could allow
an attacker to create specially crafted requests to access data
in an unexpected way (bsc#1171560 CVE-2020-8151))_
Changes in rubygem-crowbar-client:
- Update to 3.9.2
- Enable SES commands in Cloud8 (SOC-11122)
Changes in rubygem-json-1_7:
- Add CVE-2020-10663.patch (CVE-2020-10663, bsc#1167244)
Changes in rubygem-puma:
- Fix indentation in gem2rpm.yml_
- Add CVE-2020-11077.patch (bsc#1172175, CVE-2020-11077)
- Add chunked-request-handling.patch (needed for CVE-2020-11076.patch)
- Add CVE-2020-11076.patch (bsc#1172176, CVE-2020-11076)
- Add all patches to gem2rpm.yml
Patchnames
HPE-Helion-OpenStack-8-2020-1901,SUSE-2020-1901,SUSE-OpenStack-Cloud-8-2020-1901,SUSE-OpenStack-Cloud-Crowbar-8-2020-1901
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for ansible, ansible1, ardana-ansible, ardana-cluster, ardana-freezer, ardana-input-model, ardana-logging, ardana-mq, ardana-neutron, ardana-octavia, ardana-osconfig, caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-dashboard, openstack-dashboard-theme-HPE, openstack-heat-templates, openstack-keystone, openstack-monasca-agent, openstack-monasca-installer, openstack-neutron, openstack-octavia-amphora-image, python-Django, python-Flask, python-GitPython, python-Pillow, python-amqp, python-apicapi, python-keystoneauth1, python-oslo.messaging, python-psutil, python-pyroute2, python-pysaml2, python-tooz, python-waitress, storm", title: "Title of the patch", }, { category: "description", text: "This update for ansible, ansible1, ardana-ansible, ardana-cluster, ardana-freezer, ardana-input-model, ardana-logging, ardana-mq, ardana-neutron, ardana-octavia, ardana-osconfig, caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-dashboard, openstack-dashboard-theme-HPE, openstack-heat-templates, openstack-keystone, openstack-monasca-agent, openstack-monasca-installer, openstack-neutron, openstack-octavia-amphora-image, python-Django, python-Flask, python-GitPython, python-Pillow, python-amqp, python-apicapi, python-keystoneauth1, python-oslo.messaging, python-psutil, python-pyroute2, python-pysaml2, python-tooz, python-waitress, storm contains the following fixes:\n\nThe update fixes several security issues:\n\nansible\n- CVE-2019-3828: Fixed a path traversal in the fetch module (bsc#1126503).\n\ngrafana\n- CVE-2020-13379: Fixed an incorrect access control issue which could lead to information\n leaks or denial of service (bsc#1172409).\n- CVE-2020-12052: Fixed an cross site scripting vulnerability related to the annotation\n popup (bsc#1170657).\n\nkibana\n- CVE-2020-10743: Fixed a clickjacking vulnerability (bsc#1171909).\n\npython-Django\n- CVE-2020-13254: Fixed a data leakage via malformed memcached keys. (bsc#1172167)\n- CVE-2020-13596: Fixed a cross site scripting vulnerability related to the admin\n parameters of the ForeignKeyRawIdWidget. (bsc#1172166)\n\npython-Flask\n- CVE-2019-1010083: Fixed a denial of service via crafted encoded JSON. (bsc#1141968)\n\n\npython-Pillow\n- CVE-2019-16865: Fixed a denial of service with specially crafted\nimage files. (bsc#1153191)\n- CVE-2020-5312: Fixed a buffer overflow in the PCX P mode. (bsc#1160152)\n- CVE-2020-5313: Fixed a buffer overflow related to FLI. (bsc#1160153)\n- CVE-2019-19911: Fixed a denial of service in FpxImagePlugin.py. (bsc#1160192)\n\npython-psutil\n- CVE-2019-18874: Fixed a double free caused by refcount mishandling. (bsc#1156525)\n\npython-pysaml2\n- CVE-2020-5390: Fixed an issue with the verification of signatures in SAML documents.\n (bsc#1160851)\n- CVE-2017-1000246: Fixed an issue with weak encryption data, caused by initialization\n vector reuse. (bsc#1068612)\n\npython-waitress (to version 1.4.3)\n- CVE-2019-16785: Fixed HTTP request smuggling through LF vs CRLF handling. (bsc#1161088)\n- CVE-2019-16786: Fixed HTTP request smuggling through invalid Transfer-Encoding.\n (bsc#1161089)\n- CVE-2019-16789: Fixed HTTP Request Smuggling through Invalid whitespace characters.\n (bsc#1160790)\n- CVE-2019-16792: Fixed HTTP Request Smuggling through Content-Length header handling.\n (bsc#1161670)\n\nrubygem-activeresource\n- CVE-2020-8151: Fixed information disclosure issue via specially crafted requests.\n (bsc#1171560)\n\nrubygem-json-1_7\n- CVE-2020-10663: Fixed an unsafe object creation vulnerability. (bsc#1167244)\n\nrubygem-puma\n- CVE-2020-11077: Fixed a HTTP smuggling issue related to proxy usage. (bsc#1172175)\n- CVE-2020-11076: Fixed a HTTP smuggling issue when using an invalid transfer-encoding\n header. (bsc#1172176)\n\n\n\nOther non-security fixes in in the update below:\n\nChanges in ansible:\n- Add 0001-Disallow-use-of-remote-home-directories-containing-..patch\n (bsc#1126503, CVE-2019-3828)\n\nChanges in ansible1:\n- Add 0001-Disallow-use-of-remote-home-directories-containing-..patch\n (bsc#1126503, CVE-2019-3828)\n\nChanges in ardana-ansible:\n- Update to version 8.0+git.1589740980.6c3bcdc:\n * Reconfigure rabbitmq user permissions on update (SOC-11082)\n\n- Update to version 8.0+git.1588953487.9bfd5cb:\n * Fix incorrect prefix used to collect supportconfig files (bsc#1171273)\n\n- Update to version 8.0+git.1585690828.81d8f45:\n * Cleanup keystone-ansible (bsc#1108719)\n\nChanges in ardana-cluster:\n- Update to version 8.0+git.1585685203.3e71e49:\n * Use bool filter to ensure valid boolean evaluation (SOC-11192)\n\nChanges in ardana-freezer:\n- Update to version 8.0+git.1586539529.b7d295f:\n * Recovering Cloud8 using Freezer or SSH backups if upgrade fails (SOC-10137)\n\nChanges in ardana-input-model:\n- Update to version 8.0+git.1589740934.0e0ad61:\n * Add default rabbitmq exchange write permissions (SOC-11082)\n\n- Update to version 8.0+git.1586174594.2b92ec3:\n * add port neutron security extension to CI models (SOC-11027)\n\nChanges in ardana-logging:\n- Update to version 8.0+git.1591194866.b7375d0:\n * kibana: set x-frame-options header (bsc#1171909)\n\n- Update to version 8.0+git.1586179244.ae61f62:\n * Fix YAMLLoadWarning: calling yaml.load() without Loader (bsc#1168593)\n\nChanges in ardana-mq:\n- Update to version 8.0+git.1589715269.62ad6df:\n * Don't mirror reply queues (SOC-10317)\n\n- Update to version 8.0+git.1586784724.586343d:\n * Actually fail if sync HA queues retries exceeded (SOC-11083)\n\nChanges in ardana-neutron:\n- Update to version 8.0+git.1590756744.ba84abc:\n * Update L3 rootwrap filters (SOC-11306)\n\n- Update to version 8.0+git.1587737509.4e09de3:\n * Add network.target 'After' option (bsc#1169770)\n\n- Update to version 8.0+git.1586546152.e7bc07f:\n * Add neutron-common role dependencies (SOC-10875)\n\n- Update to version 8.0+git.1586543712.62bb5a3:\n * Fix neutron-ovsvapp-agent status (SOC-10637)\n\n- Update to version 8.0+git.1586535447.55769df:\n * Improve neutron service restart limit handling (SOC-8746)\n\n- Update to version 8.0+git.1586519528.a28db53:\n * Correctly setup ardana_notify_... fact (SOC-10902)\n\nChanges in ardana-octavia:\n- Update to version 8.0+git.1590100427.cf4cc8f:\n * fix octavia to glance communication over internal endpoint (SOC-11294)\n\nChanges in ardana-osconfig:\n- Update to version 8.0+git.1587034587.eac37b8:\n * Include SLE 12 SP3 LTSS repos in list of managed repos (SOC-11223)\n\nChanges in caasp-openstack-heat-templates:\n- Switch github URL from git@ to git:// to bypass authentication\n\nChanges in crowbar-core:\n- Update to version 5.0+git.1593156248.55bbdb26d:\n * Ignore CVE-8184 (SOC-11299)\n * Ignore latest ruby-related CVEs in the CI (SOC-11299)\n\n- Update to version 5.0+git.1589804984.44a89be24:\n * provisioner: Fix ssh key validation (SOC-11126)\n * assign host to hostless keys (noref)\n\nChanges in crowbar-openstack:\n- Update to version 5.0+git.1593085772.64c4ab43c:\n * monasca: Prevent deploying monasca-server to the node in pacemaker cluster (SOC-6354)\n\n- Update to version 5.0+git.1591171674.1f299cd1c:\n * Restore undeprecated nova dhcp_domain option (bsc#1171594)\n\n- Update to version 5.0+git.1591104265.683d76534:\n * [5.0] Fix availability zone script (bsc#1171661)\n\n- Update to version 5.0+git.1590398068.f5cfacc12:\n * nova: only create nonexistent cell1\n\n- Update to version 5.0+git.1590150829.e86326d03:\n * [5.0] Tempest: enable test_volume_boot_pattern test (SOC-10874)\n\n- Update to version 5.0+git.1589814633.23fde86ab:\n * rabbitmq: sync startup definitions.json with recipe (SOC-11077,SOC-11274)\n\n- Update to version 5.0+git.1589647291.73c7f1cb6:\n * [5.0] trove: fix rabbitmq connection URL (SOC-11286)\n\n- Update to version 5.0+git.1589214669.8332efff3:\n * Fix monasca libvirt ping checks (bsc#1107190)\n\n- Update to version 5.0+git.1588271874.90adebc7a:\n * run keystone_register on cluster founder only when HA (SOC-11248)\n * nova: run keystone_register on cluster founder only (SOC-11243)\n\n- Update to version 5.0+git.1588059034.3823515b7:\n * tempest: retry openstack commands (SOC-11238)\n\n- Update to version 5.0+git.1587403360.c43cd9905:\n * tempest: disable block migration when using RBD (SOC-11176)\n\n- Update to version 5.0+git.1586293860.901cb0f55:\n * monasca: disable postgres backend monitoring by default (SOC-11190)\n\n- Update to version 5.0+git.1585659861.c29fac257:\n * magnum: Populate SSL configuration (SOC-9849)\n * magnum: Add SSL support (SOC-9849)\n * nova: Populate cinder SES settings early (SOC-11179)\n\nChanges in documentation-suse-openstack-cloud:\n- Update to version 8.20200527:\n * Update Travis config: new container name (noref)\n\n- Update to version 8.20200417:\n * Recovering Cloud8 using Freezer or SSH backups if upgrade fails (SOC-10137)\n\n- Update to version 8.20200326:\n * Clarify wipe_disks does not affect non-OS partitions (bsc#1092420)\n\nChanges in grafana:\n- Add CVE-2020-13379.patch\n * Security: fix unauthorized avatar proxying (bsc#1172409, CVE-2020-13379)\n- Refresh systemd-notification.patch\n- Fix declaration for LICENSE\n\n- Add 0002-CVE-2020-12052-bsc1170657-XSS-annotation-popup-vulnerability.patch\n * Security: Fix annotation popup XSS vulnerability\n (bsc#1170657)\n\n- Add CVE-2019-15043.patch (SOC-10357, CVE-2019-15043, bsc#11483483)\nChanges in kibana:\n- Add 0001-Configurable-custom-response-headers-for-server.patch\n (bsc#1171909, CVE-2020-10743)\n\nChanges in openstack-dashboard:\n- Update to version horizon-12.0.5.dev3:\n * Fix typo in publicize\\_image policy name\n\nChanges in openstack-dashboard-theme-HPE:\n- Switch github URL from git@ to https:// to bypass authentication\n\nChanges in openstack-heat-templates:\n- Update to version 0.0.0+git.1582270132.8a20477:\n * Drop use of git.openstack.org\n * Add sample templates for Blazar\n\nChanges in openstack-keystone:\n- Update to version keystone-12.0.4.dev11:\n * Fix security issues with EC2 credentials\n\n- Update to version keystone-12.0.4.dev10:\n * Check timestamp of signed EC2 token request\n * Ensure OAuth1 authorized roles are respected\n\n- Update to version keystone-12.0.4.dev6:\n * Remove neutron-grenade job\n\nChanges in openstack-keystone:\n- Update to version keystone-12.0.4.dev11:\n * Fix security issues with EC2 credentials\n\n- Update to version keystone-12.0.4.dev10:\n * Check timestamp of signed EC2 token request\n * Ensure OAuth1 authorized roles are respected\n\n- Update to version keystone-12.0.4.dev6:\n * Remove neutron-grenade job\n\nChanges in openstack-monasca-agent:\n- update to version 2.2.6~dev4\n - Add debug output for libvirt ping checks\n\n- Lockdown /bin/ip permissions for the monasca-agent (bsc#1107190)\n - add addtional arguments to /bin/ip in sudoers\n\n- Fix missing sudo privleges (bsc#1107190)\n - add /bin/ip and /usr/bin/ovs-vsctl to monasca-agent sudoers\n\n- removed 0001-Avoid-overwriting-sys.path-ip-command.patch\n- update to version 2.2.6~dev3\n - Do not copy /sbin/ip to /usr/bin/monasa-agent-ip\n\n- update to version 2.2.6~dev2\n - Remove incorrect assignment of ping_cmd to 'True'\n\n- update to version 2.2.6~dev1\n - Update hacking version to 1.1.x\n\nChanges in openstack-monasca-installer:\n- Add 0001-kibana:-set-x-frame-options-header.patch (bsc#1171909,\n CVE-2020-10743)\n\nChanges in openstack-neutron:\n- Update to version neutron-11.0.9.dev65:\n * Revert iptables TCP checksum-fill code\n\n- Update to version neutron-11.0.9.dev64:\n * [Pike-only]: make grenade jobs non-voting\n\nChanges in openstack-neutron:\n- Update to version neutron-11.0.9.dev65:\n * Revert iptables TCP checksum-fill code\n\n- Update to version neutron-11.0.9.dev64:\n * [Pike-only]: make grenade jobs non-voting\n\nChanges in openstack-octavia-amphora-image:\n- Update image to 0.1.4 to include latest changes\n\nChanges in python-Django:\n- Security fixes (bsc#1172167, bsc#1172166, CVE-2020-13254, CVE-2020-13596)\n * Added patch CVE-2020-13254-1.8.19.patch\n * Added patch CVE-2020-13596-1.8.19.patch\n\nChanges in python-Flask:\n- Apply patch to resolve CVE-2019-1010083 (bsc#1141968)\n - 0001-detect-UTF-encodings-when-loading-json.patch\n\nChanges in python-GitPython:\n- Require git-core instead of git\n\nChanges in python-Pillow:\n- Remove decompression_bomb.gif and relevant test case to avoid\n ClamAV scan alerts during build\n\n- Add 001-Corrected-negative-seeks.patch\n * From upstream, backported\n * Fixes part of CVE-2019-16865, bsc#1153191\n- Add 002-Added-DecompressionBombError.patch\n * From upstream, backported\n * Adds DecompressionBombError class\n * Used by 003-Added-decompression-bomb-checks.patch\n- Add 003-Added-decompression-bomb-checks.patch\n * From upstream, backported\n * Fixes part of CVE-2019-16865, bsc#1153191\n- Add 004-Raise-error-if-dimension-is-a-string.patch\n * From upstream, backported\n * Fixes part of CVE-2019-16865, bsc#1153191\n- Add 005-Catch-buffer-overruns.patch\n * From upstream, backported\n * Fixes part of CVE-2019-16865, bsc#1153191\n- Add 006-Catch-PCX-P-mode-buffer-overrun.patch\n * From upstream, backported\n * Fixes CVE-2020-5312, bsc#1160152\n- Add 007-Test-animated-FLI-file.patch\n * From upstream, backported\n * Adds test animated FLI file\n * Used by 008-Ensure-previous-FLI-frame-is-loaded.patch\n- Add 008-Ensure-previous-FLI-frame-is-loaded.patch\n * From upstream, backported\n * Fixes https://github.com/python-pillow/Pillow/issues/2649\n * Uncovers CVE-2020-5313, bsc#1160153\n- Add 009-Catch-FLI-buffer-overrun.patch\n * From upstream, backported\n * Fixes CVE-2020-5313, bsc#1160153\n- Add 010-Invalid-number-of-bands-in-FPX-image.patch\n * From upstream, backported\n * Fixes CVE-2019-19911, bsc#1160192\n\nChanges in python-amqp:\n- Add python-devel as build dependecy\n * Required when building against python 2.7.17\n\nChanges in python-apicapi:\n- Add python-devel as build dependecy\n * Required when building against python 2.7.17\n\nChanges in python-keystoneauth1:\n- switch to tracking stable/pike tarball\n- disable renderspec\n- update to version 3.1.2.dev2\n - Make tests pass in 2020\n - OpenDev Migration Patch\n - import zuul job settings from project-config into stable/pike\n - Remove tox_install.sh\n - import zuul job settings from project-config\n - Update UPPER_CONSTRAINTS_FILE for stable/pike into stable/pike\n - Update .gitreview for stable/pike into stable/pike\n - Updated from global requirements\n - Update UPPER_CONSTRAINTS_FILE for stable/pike\n - Update .gitreview for stable/pike\n\nChanges in python-oslo.messaging:\n- added 0001-Use-default-exchange-for-direct-messaging.patch\n (SOC-11082, SOC-11274, bsc#1159046)\n\n- Add 0001-Retry-to-declare-a-queue-after-internal-error.patch (bsc#1123872)\n After receiving 'AMQP internal error 541', retry to create the queue after a delay.\n\nChanges in python-psutil:\n- Add bsc1156525-CVE-2019-18874.patch (bsc#1156525, CVE-2019-18874))\n\nChanges in python-pyroute2:\n- netns: fix NetNS resource leakage (#504) (bsc#1164322)\n\nChanges in python-pysaml2:\n- Add 0001-Always-generate-a-random-IV-for-AES-operations.patch\n (CVE-2017-1000246, bsc#1068612)\n\n- Add 0001-Fix-XML-Signature-Wrapping-XSW-vulnerabilities.patch\n (CVE-2020-5390, bsc#1160851)\n\nChanges in python-tooz:\n- update to version 1.58.1\n - Update .gitreview for stable/pike\n - import zuul job settings from project-config\n - Add doc/requirements.txt\n - Fix sphinx-docs job for stable branch\n\nChanges in python-waitress:\n- update to 1.4.3 to include fixes for:\n * CVE-2019-16785 / bsc#1161088\n * CVE-2019-16786 / bsc#1161089\n * CVE-2019-16789 / bsc#1160790\n * CVE-2019-16792 / bsc#1161670\n\n- make sure UTF8 locale is used when runnning tests\n * Sometimes functional tests executed in python3 failed if stdout was not\n set to UTF-8. The error message was:\n ValueError: underlying buffer has been detached\n\n- %python3_only -> %python_alternative\n\n- update to 1.4.3\n * Waitress did not properly validate that the HTTP headers it received\n were properly formed, thereby potentially allowing a front-end server\n to treat a request different from Waitress. This could lead to HTTP\n request smuggling/splitting.\n- drop patch local-intersphinx-inventories.patch\n * it was commented out, anyway\n\n- update to 1.4.0:\n - Waitress used to slam the door shut on HTTP pipelined requests without\n setting the ``Connection: close`` header as appropriate in the response. This\n is of course not very friendly. Waitress now explicitly sets the header when\n responding with an internally generated error such as 400 Bad Request or 500\n Internal Server Error to notify the remote client that it will be closing the\n connection after the response is sent.\n - Waitress no longer allows any spaces to exist between the header field-name\n and the colon. While waitress did not strip the space and thereby was not\n vulnerable to any potential header field-name confusion, it should have sent\n back a 400 Bad Request. See https://github.com/Pylons/waitress/issues/273\n - CRLR handling Security fixes\n\n- update to 1.3.1\n * Waitress won’t accidentally throw away part of the path if it\n starts with a double slash\n\n- version update to 1.3.0\n Deprecations\n ~~~~~~~~~~~~\n - The ``send_bytes`` adjustment now defaults to ``1`` and is deprecated\n pending removal in a future release.\n and https://github.com/Pylons/waitress/pull/246\n Features\n ~~~~~~~~\n - Add a new ``outbuf_high_watermark`` adjustment which is used to apply\n backpressure on the ``app_iter`` to avoid letting it spin faster than data\n can be written to the socket. This stabilizes responses that iterate quickly\n with a lot of data.\n See https://github.com/Pylons/waitress/pull/242\n - Stop early and close the ``app_iter`` when attempting to write to a closed\n socket due to a client disconnect. This should notify a long-lived streaming\n response when a client hangs up.\n See https://github.com/Pylons/waitress/pull/238\n and https://github.com/Pylons/waitress/pull/240\n and https://github.com/Pylons/waitress/pull/241\n - Adjust the flush to output ``SO_SNDBUF`` bytes instead of whatever was\n set in the ``send_bytes`` adjustment. ``send_bytes`` now only controls how\n much waitress will buffer internally before flushing to the kernel, whereas\n previously it used to also throttle how much data was sent to the kernel.\n This change enables a streaming ``app_iter`` containing small chunks to\n still be flushed efficiently.\n See https://github.com/Pylons/waitress/pull/246\n Bugfixes\n ~~~~~~~~\n - Upon receiving a request that does not include HTTP/1.0 or HTTP/1.1 we will\n no longer set the version to the string value 'None'. See\n https://github.com/Pylons/waitress/pull/252 and\n https://github.com/Pylons/waitress/issues/110\n - When a client closes a socket unexpectedly there was potential for memory\n leaks in which data was written to the buffers after they were closed,\n causing them to reopen.\n See https://github.com/Pylons/waitress/pull/239\n - Fix the queue depth warnings to only show when all threads are busy.\n See https://github.com/Pylons/waitress/pull/243\n and https://github.com/Pylons/waitress/pull/247\n - Trigger the ``app_iter`` to close as part of shutdown. This will only be\n noticeable for users of the internal server api. In more typical operations\n the server will die before benefiting from these changes.\n See https://github.com/Pylons/waitress/pull/245\n - Fix a bug in which a streaming ``app_iter`` may never cleanup data that has\n already been sent. This would cause buffers in waitress to grow without\n bounds. These buffers now properly rotate and release their data.\n See https://github.com/Pylons/waitress/pull/242\n - Fix a bug in which non-seekable subclasses of ``io.IOBase`` would trigger\n an exception when passed to the ``wsgi.file_wrapper`` callback.\n See https://github.com/Pylons/waitress/pull/249\n\n- Trim marketing wording and other platform mentions.\n\n- Add fetch-intersphinx-inventories.sh to sources\n- Add local-intersphinx-inventories.patch for generating the docs\n correctly\n\n- update to version 1.2.1:\n too many changes to list here, see:\n https://github.com/Pylons/waitress/blob/master/CHANGES.txt\n or even:\n https://github.com/Pylons/waitress/commits/master\n\n- Remove superfluous devel dependency for noarch package\n\n- update to version 1.1.0:\n * Features\n + Waitress now has a __main__ and thus may be called with 'python\n -mwaitress'\n * Bugfixes\n + Waitress no longer allows lowercase HTTP verbs. This change was\n made to fall in line with most HTTP servers. See\n https://github.com/Pylons/waitress/pull/170\n + When receiving non-ascii bytes in the request URL, waitress will\n no longer abruptly close the connection, instead returning a 400\n Bad Request. See https://github.com/Pylons/waitress/pull/162 and\n https://github.com/Pylons/waitress/issues/64\n\n- Update to 1.0.2\n * Python 3.6 is now officially supported in Waitress\n * Add a work-around for libc issue on Linux not following the\n documented standards. If getnameinfo() fails because of DNS not\n being available it should return the IP address instead of the\n reverse DNS entry, however instead getnameinfo() raises. We\n catch this, and ask getnameinfo() for the same information\n again, explicitly asking for IP address instead of reverse\n DNS hostname.\n- Implement single-spec version.\n- Fix source URL.\n\n- update to 1.0.1:\n - IPv6 support on Windows was broken due to missing constants in the socket\n module. This has been resolved by setting the constants on Windows if they\n are missing. See https://github.com/Pylons/waitress/issues/138\n - A ValueError was raised on Windows when passing a string for the port, on\n Windows in Python 2 using service names instead of port numbers doesn't work\n with `getaddrinfo`. This has been resolved by attempting to convert the port\n number to an integer, if that fails a ValueError will be raised. See\n https://github.com/Pylons/waitress/issues/139\n - Removed `AI_ADDRCONFIG` from the call to `getaddrinfo`, this resolves an\n issue whereby `getaddrinfo` wouldn't return any addresses to `bind` to on\n hosts where there is no internet connection but localhost is requested to be\n bound to. See https://github.com/Pylons/waitress/issues/131 for more\n information.\n- disable tests. need network access.\n\nChanges in storm:\n- update to 1.1.3:\n * 1.1.3:\n * [STORM-3026] - Upgrade ZK instance for security\n * [STORM-3027] - Make Impersonation Optional\n * [STORM-3011] - Use default bin path in flight.bash if $JAVA_HOME is undefined\n * [STORM-3039] - Ports of killed topologies remain in TIME_WAIT state preventing to start new topology\n * [STORM-2911] - SpoutConfig is serializable but does not declare a serialVersionUID field\n * [STORM-2978] - The fix for STORM-2706 is broken, and adds a transitive dependency on Zookeeper 3.5.3-beta for projects that depend on e.g. storm-kafka\n * [STORM-2979] - WorkerHooks EOFException during run_worker_shutdown_hooks\n * [STORM-2981] - Upgrade Curator to lastest patch version\n * [STORM-2985] - Add jackson-annotations to dependency management\n * [STORM-2989] - LogCleaner should preserve current worker.log.metrics\n * [STORM-2994] - KafkaSpout consumes messages but doesn't commit offsets\n * [STORM-3043] - NullPointerException thrown in SimpleRecordTranslator.apply()\n * [STORM-3052] - Let blobs un archive\n * [STORM-3059] - KafkaSpout throws NPE when hitting a null tuple if the processing guarantee is not AT_LEAST_ONCE\n * [STORM-2960] - Better to stress importance of setting up proper OS account for Storm processes\n * [STORM-3060] - Configuration mapping between storm-kafka & storm-kafka-client\n * [STORM-2952] - Deprecate storm-kafka in 1.x\n * [STORM-3005] - [DRPC] LinearDRPCTopologyBuilder shouldn't be deprecated\n * [STORM-2841] - testNoAcksIfFlushFails UT fails with NullPointerException\n * 1.1.2:\n * [STORM-2512] - Change KafkaSpoutConfig in storm-kafka-client to make it work with flux\n * [STORM-2616] - Document the built in metrics (just in time to replace them???)\n * [STORM-2657] - Update SECURITY.MD\n * [STORM-2663] - Backport STORM-2558 and deprecate storm.cmd on 1.x-branch\n * [STORM-2712] - accept arbitrary number of rows per tuple in storm-cassandra\n * [STORM-2775] - Improve KafkaPartition Metric Names\n * [STORM-2807] - Integration test should shut down topologies immediately after the test\n * [STORM-2862] - More flexible logging in multilang (Python, Ruby, JS)\n * [STORM-2877] - Introduce an option to configure pagination in Storm UI\n * [STORM-2917] - Check the config(nimbus.host) before using it to connect\n * [STORM-2231] - NULL in DisruptorQueue while multi-threaded ack\n * [STORM-2426] - First tuples fail after worker is respawn\n * [STORM-2500] - waitUntilReady in PacemakerClient cannot be invoked\n * [STORM-2525] - Fix flaky integration tests\n * [STORM-2535] - test-reset-timeout is flaky. Replace with a more reliable test.\n * [STORM-2541] - Manual partition assignment doesn't work\n * [STORM-2607] - [kafka-client] Consumer group every time with lag 1\n * [STORM-2642] - Storm-kafka-client spout cannot be serialized when using manual partition assignment\n * [STORM-2660] - The Nimbus storm-local directory is relative to the working directory of the shell executing 'storm nimbus'\n * [STORM-2666] - Storm-kafka-client spout can sometimes emit messages that were already committed.\n * [STORM-2674] - NoNodeException when ZooKeeper tries to delete nodes\n * [STORM-2677] - consider all sampled tuples which took greater than 0 ms processing time\n * [STORM-2682] - Supervisor crashes with NullPointerException\n * [STORM-2690] - resurrect invocation of ISupervisor.assigned() & make Supervisor.launchDaemon() accessible\n * [STORM-2695] - BlobStore uncompress argument should be Boolean\n * [STORM-2705] - DRPCSpout sleeps twice when idle\n * [STORM-2706] - Nimbus stuck in exception and does not fail fast\n * [STORM-2724] - ExecutorService in WaterMarkEventGenerator never shutdown\n * [STORM-2736] - o.a.s.b.BlobStoreUtils [ERROR] Could not update the blob with key\n * [STORM-2750] - fix double_checked locking\n * [STORM-2751] - Remove AsyncLoggingContext from Supervisor\n * [STORM-2764] - HDFSBlobStore leaks file system objects\n * [STORM-2769] - Fast-fail if output stream Id is null\n * [STORM-2771] - Some tests are being run twice\n * [STORM-2779] - NPE on shutting down WindowedBoltExecutor\n * [STORM-2786] - Ackers leak tracking info on failure and lots of other cases.\n * [STORM-2810] - Storm-hdfs tests are leaking resources\n * [STORM-2811] - Nimbus may throw NPE if the same topology is killed multiple times, and the integration test kills the same topology multiple times\n * [STORM-2814] - Logviewer HTTP server should return 403 instead of 200 if the user is unauthorized\n * [STORM-2815] - UI HTTP server should return 403 if the user is unauthorized\n * [STORM-2833] - Cached Netty Connections can have different keys for the same thing.\n * [STORM-2853] - Deactivated topologies cause high cpu utilization\n * [STORM-2855] - Travis build doesn't work after update of Ubuntu image\n * [STORM-2856] - Make Storm build work on post 2017Q4 Travis Trusty image\n * [STORM-2868] - Address handling activate/deactivate in multilang module files\n * [STORM-2870] - FileBasedEventLogger leaks non-daemon ExecutorService which prevents process to be finished\n * [STORM-2876] - Some storm-hdfs tests fail with out of memory periodically\n * [STORM-2879] - Supervisor collapse continuously when there is a expired assignment for overdue storm\n * [STORM-2892] - Flux test fails to parse valid PATH environment variable\n * [STORM-2894] - fix some random typos in tests\n * [STORM-2912] - Tick tuple is being shared without resetting start time and incur side-effect to break metrics\n * [STORM-2918] - Upgrade Netty version\n * [STORM-2942] - Remove javadoc and source jars from toollib directory in binary distribution\n * [STORM-2874] - Minor style improvements to backpressure code\n * [STORM-2858] - Fix worker-launcher build\n * 1.1.1:\n * STORM-2659: Add daemon.name variable to storm.cmd to fix log4j logging\n * STORM-2652: fix error in open method of JmsSpout\n * STORM-2645: Update storm.py to be python3 compatible\n * STORM-2621: add tuple_population metric\n * STORM-2639: Kafka Spout incorrectly computes numCommittedOffsets due to voids in the topic (topic compaction)\n * STORM-2544: Fixing issue in acking of tuples that hit retry limit under manual commit mode\n * STORM-2618: Add TridentKafkaStateUpdater for storm-kafka-client\n * STORM-2608: Remove any pending offsets that are no longer valid\n * STORM-2503: Fix lgtm.com alerts on equality and comparison operations\n * STORM-2478: Fix BlobStoreTest.testDeleteAfterFailedCreate on Windows\n * STORM-2602: storm.zookeeper.topology.auth.payload doesn't work even you set it\n * STORM-2597: Don't parse passed in class paths\n * STORM-2564: We should provide a template for storm-cluster-auth.yaml\n * STORM-2568: Fix getTopicsString\n * STORM-2563: Remove the workaround to handle missing UGI.loginUserFromSubject\n * STORM-2552: KafkaSpoutMessageId should be serializable\n * STORM-2562: Use stronger key size than default for blow fish key generator and get rid of stack trace\n * STORM-2557: A bug in DisruptorQueue causing severe underestimation of queue arrival rates\n * STORM-2449: Ensure same key appears only once in State iterator\n * STORM-2516: Fix timing issues with testPrepareLateTupleStreamWithoutBuilder\n * STORM-2489: Overlap and data loss on WindowedBolt based on Duration\n * STORM-2528: Bump log4j version to 2.8.2\n * STORM-2527: Initialize java.sql.DriverManager earlier to avoid deadlock\n * STORM-2413: Make new Kafka spout respect tuple retry limits\n * STORM-2518: Handles empty name for 'USER type' ACL when normalizing ACLs\n * STORM-2511: Submitting a topology with name containing unicode getting failed\n * STORM-2496: Dependency artifacts should be uploaded to blobstore with READ permission for all\n * STORM-2505: Spout to support topic compaction\n * STORM-2498: Fix Download Full File link\n * STORM-2343: New Kafka spout can stop emitting tuples if more than maxUncommittedOffsets tuples fail at once.\n * STORM-2486: Prevent cd from printing target directory to avoid breaking classpath\n * STORM-2488: The UI user Must be HTTP.\n * STORM-2481: Upgrade Aether version to resolve Aether bug BUG-451566\n * STORM-2435: Logging in storm.js inconsistent to console.log and does not support log levels\n * STORM-2315: New kafka spout can't commit offset when ack is disabled\n * STORM-2467: Use explicit charset when decoding from array backed buffer\n * STORM-1114: Race condition in trident zookeeper zk-node create/delete\n * STORM-2448: Add in Storm and JDK versions when submitting a topology\n * STORM-2343: Fix new Kafka spout stopping processing if more than maxUncommittedOffsets tuples fail at once\n * STORM-2431: the default blobstore.dir is storm.local.dir/blobs which is different from distcache-blobstore.md\n * STORM-2429: Properly validate supervisor.scheduler.meta\n * STORM-2451: windows storm.cmd does not set log4j2 config file correctly by default\n * STORM-2450: Write resources into correct local director\n * STORM-2440: Kill process if executor catches java.net.SocketTimeoutException\n * STORM-2432: Storm-Kafka-Client Trident Spout Seeks Incorrect Offset With UNCOMMITTED_LATEST Strategy\n * 1.1.0:\n * STORM-2425: Storm Hive Bolt not closing open transactions\n * STORM-2409: Storm-Kafka-Client KafkaSpout Support for Failed and NullTuples\n * STORM-2423: Join Bolt should use explicit instead of default window anchoring for emitted tuples\n * STORM-2416: Improve Release Packaging to Reduce File Size\n * STORM-2414: Skip checking meta's ACL when subject has write privileges for any blobs\n * STORM-2038: Disable symlinks with a config option\n * STORM-2240: STORM PMML Bolt - Add Support to Load Models from Blob Store\n * STORM-2412: Nimbus isLeader check while waiting for max replication\n * STORM-2408: build failed if storm.kafka.client.version = 0.10.2.0\n * STORM-2403: Fix KafkaBolt test failure: tick tuple should not be acked\n * STORM-2361: Kafka spout - after leader change, it stops committing offsets to ZK\n * STORM-2353: Replace kafka-unit by kafka_2.11 and kafka-clients to test kafka-clients:0.10.1.1\n * STORM-2387: Handle tick tuples properly for Bolts in external modules\n * STORM-2345: Type mismatch in ReadClusterState's ProfileAction processing Map\n * STORM-2400: Upgraded Curator to 2.12.0 and made respective API changes\n * STORM-2396: setting interrupted status back before throwing a RuntimeException\n * STORM-1772: Adding Perf module with topologies for measuring performance\n * STORM-2395: storm.cmd supervisor calls the wrong class name\n * STORM-2391: Move HdfsSpoutTopology from storm-starter to storm-hdfs-examples\n * STORM-2389: Avoid instantiating Event Logger when topology.eventlogger.executors=0\n * STORM-2386: Fail-back Blob deletion also fails in BlobSynchronizer.syncBlobs.\n * STORM-2388: JoinBolt breaks compilation against JDK 7\n * STORM-2374: Storm Kafka Client Test Topologies Must be Serializable\n * STORM-2372: Pacemaker client doesn't clean up heartbeats properly\n * STORM-2326: Upgrade log4j and slf4j\n * STORM-2334: Join Bolt implementation\n * STORM-1363: TridentKafkaState should handle null values from TridentTupleToKafkaMapper.getMessageFromTuple()\n * STORM-2365: Support for specifying output stream in event hubs spout\n * STORM-2250: Kafka spout refactoring to increase modularity and testability\n * STORM-2340: fix AutoCommitMode issue in KafkaSpout\n * STORM-2344: Flux YAML File Viewer for Nimbus UI\n * STORM-2350: Storm-HDFS's listFilesByModificationTime is broken\n * STORM-2270 Kafka spout should consume from latest when ZK partition commit offset bigger than the latest offset\n * STORM-1464: storm-hdfs support for multiple output files and partitioning\n * STORM-2320: DRPC client printer class reusable for local and remote DRPC\n * STORM-2281: Running Multiple Kafka Spouts (Trident) Throws Illegal State Exception\n * STORM-2296: Kafka spout no dup on leader changes\n * STORM-2244: Some shaded jars doesn't exclude dependency signature files\n * STORM-2014: New Kafka spout duplicates checking if failed messages have reached max retries\n * STORM-1443: [Storm SQL] Support customizing parallelism in StormSQL\n * STORM-2148: [Storm SQL] Trident mode: back to code generate and compile Trident topology\n * STORM-2331: Emitting from JavaScript should work when not anchoring.\n * STORM-2225: change spout config to be simpler.\n * STORM-2323: Precondition for Leader Nimbus should check all topology blobs and also corresponding dependencies\n * STORM-2330: Fix storm sql code generation for UDAF with non standard sql types\n * STORM-2298: Don't kill Nimbus when ClusterMetricsConsumer is failed to initialize\n * STORM-2301: [storm-cassandra] upgrade cassandra driver to 3.1.2\n * STORM-1446: Compile the Calcite logical plan to Storm Trident logical plan\n * STORM-2303: [storm-opentsdb] Fix list invariant issue for JDK 7\n * STORM-2236: storm kafka client should support manual partition management\n * STORM-2295: KafkaSpoutStreamsNamedTopics should return output fields with predictable ordering\n * STORM-2300: [Flux] support list of references\n * STORM-2297: [storm-opentsdb] Support Flux for OpenTSDBBolt\n * STORM-2294: Send activate and deactivate command to ShellSpout\n * STORM-2280: Upgrade Calcite version to 1.11.0\n * STORM-2278: Allow max number of disruptor queue flusher threads to be configurable\n * STORM-2277: Add shaded jar for Druid connector\n * STORM-2274: Support named output streams in Hdfs Spout\n * STORM-2204: Adding caching capabilities in HBaseLookupBolt\n * STORM-2267: Use user's local maven repo. directory to local repo.\n * STORM-2254: Provide Socket time out for nimbus thrift client\n * STORM-2200: [Storm SQL] Drop Aggregate & Join support on Trident mode\n * STORM-2266: Close NimbusClient instances appropriately\n * STORM-2203: Add a getAll method to KeyValueState interface\n * STORM-1886: Extend KeyValueState iface with delete\n * STORM-2022: update Fields test to match new behavior\n * STORM-2020: Stop using sun internal classes\n * STORM-1228: port fields_test to java\n * STORM-2104: New Kafka spout crashes if partitions are reassigned while tuples are in-flight\n * STORM-2257: Add built in support for sum function with different types.\n * STORM-2082: add sql external module storm-sql-hdfs\n * STORM-2256: storm-pmml breaks on java 1.7\n * STORM-2223: PMML Bolt.\n * STORM-2222: Repeated NPEs thrown in nimbus if rebalance fails\n * STORM-2190: reduce contention between submission and scheduling\n * STORM-2239: Handle InterruptException in new Kafka spout\n * STORM-2087: Storm-kafka-client: Failed tuples are not always replayed\n * STORM-2238: Add Timestamp extractor for windowed bolt\n * STORM-2235: Introduce new option: 'add remote repositories' for dependency resolver\n * STORM-2215: validate blobs are present before submitting\n * STORM-2170: [Storm SQL] Add built-in socket datasource to runtime\n * STORM-2226: Fix kafka spout offset lag ui for kerberized kafka\n * STORM-2224: Exposed a method to override in computing the field from given tuple in FieldSelector\n * STORM-2220: Added config support for each bolt in Cassandra bolts, fixed the bolts to be used also as sinks.\n * STORM-2205: Racecondition in getting nimbus summaries while ZK connectionions are reconnected\n * STORM-2182: Refactor Storm Kafka Examples Into Own Modules.\n * STORM-1694: Kafka Spout Trident Implementation Using New Kafka Consumer API\n * STORM-2173: [SQL] Support CSV as input / output format\n * STORM-2177: [SQL] Support TSV as input / output format\n * STORM-2172: [SQL] Support Avro as input / output format\n * STORM-2185: Storm Supervisor doesn't delete directories properly sometimes\n * STORM-2103: [SQL] Introduce new sql external module: storm-sql-mongodb\n * STORM-2175: fix double close of workers\n * STORM-2109: Under supervisor V2 SUPERVISOR_MEMORY_CAPACITY_MB and SUPERVISOR_CPU_CAPACITY must be Doubles\n * STORM-2110: in supervisor v2 filter out empty command line args\n * STORM-2117: Supervisor V2 with local mode extracts resources directory to topology root directory instead of temporary directory\n * STORM-2131: Add blob command to worker-launcher, make stormdist directory not writeable by topo owner\n * STORM-2018: Supervisor V2\n * STORM-2139: Let ShellBolts and ShellSpouts run with scripts from blobs\n * STORM-2072: Add map, flatMap with different outputs (T->V) in Trident\n * STORM-2134: improving the current scheduling strategy for RAS\n * STORM-2125: Use Calcite's implementation of Rex Compiler\n * STORM-1546: Adding Read and Write Aggregations for Pacemaker to make it HA compatible\n * STORM-1444: Support EXPLAIN statement in StormSQL\n * STORM-2099: Introduce new sql external module: storm-sql-redis\n * STORM-2097: Improve logging in trident core and examples\n * STORM-2144: Fix Storm-sql group-by behavior in standalone mode\n * STORM-2066: make error message in IsolatedPool.java more descriptive\n * STORM-1870: Allow FluxShellBolt/Spout set custom 'componentConfig' via yaml\n * STORM-2126: fix NPE due to race condition in compute-new-sched-assign…\n * STORM-2124: show requested cpu mem for each component\n * STORM-2089: Replace Consumer of ISqlTridentDataSource with SqlTridentConsumer\n * STORM-2118: A few fixes for storm-sql standalone mode\n * STORM-2105: Cluster/Supervisor total and available resources displayed in the UI\n * STORM-2078: enable paging in worker datatable\n * STORM-1664: Allow Java users to start a local cluster with a Nimbus Thrift server.\n * STORM-1872: Release Jedis connection when topology shutdown\n * STORM-2100: Fix Trident SQL join tests to not rely on ordering\n * STORM-1837: Fix complete-topology and prevent message loss\n * STORM-2098: DruidBeamBolt: Pass DruidConfig.Builder as constructor argument\n * STORM-2092: optimize TridentKafkaState batch sending\n * STORM-1979: Storm Druid Connector implementation.\n * STORM-2057: Support JOIN statement in Storm SQL\n * STORM-1970: external project examples refator\n * STORM-2074: fix storm-kafka-monitor NPE bug\n * STORM-1459: Allow not specifying producer properties in read-only Kafka table in StormSQL\n * STORM-2052: Kafka Spout New Client API - Log Improvements and Parameter Tuning for Better Performance.\n * STORM-2050: [storm-sql] Support User Defined Aggregate Function for Trident mode\n * STORM-1434: Support the GROUP BY clause in StormSQL\n * STORM-2016: Topology submission improvement: support adding local jars and maven artifacts on submission\n * STORM-1994: Add table with per-topology & worker resource usage and components in (new) supervisor and topology pages\n * STORM-2042: Nimbus client connections not closed properly causing connection leaks\n * STORM-1766: A better algorithm server rack selection for RAS\n * STORM-1913: Additions and Improvements for Trident RAS API\n * STORM-2037: debug operation should be whitelisted in SimpleAclAuthorizer.\n * STORM-2023: Add calcite-core to dependency of storm-sql-runtime\n * STORM-2036: Fix minor bug in RAS Tests\n * STORM-1979: Storm Druid Connector implementation.\n * STORM-1839: Storm spout implementation for Amazon Kinesis Streams.\n * STORM-1876: Option to build storm-kafka and storm-kafka-client with different kafka client version\n * STORM-2000: Package storm-opentsdb as part of external dir in installation\n * STORM-1989: X-Frame-Options support for Storm UI\n * STORM-1962: support python 3 and 2 in multilang\n * STORM-1964: Unexpected behavior when using count window together with timestamp extraction\n * STORM-1890: ensure we refetch static resources after package build\n * STORM-1988: Kafka Offset not showing due to bad classpath.\n * STORM-1966: Expand metric having Map type as value into multiple metrics based on entries\n * STORM-1737: storm-kafka-client has compilation errors with Apache Kafka 0.10\n * STORM-1968: Storm logviewer does not work for nimbus.log in secure cluster\n * STORM-1910: One topology cannot use hdfs spout to read from two locations\n * STORM-1960: Add CORS support to STORM UI Rest api\n * STORM-1959: Add missing license header to KafkaPartitionOffsetLag\n * STORM-1950: Change response json of 'Topology Lag' REST API to keyed by spoutId, topic, partition.\n * STORM-1833: Simple equi-join in storm-sql standalone mode\n * STORM-1866: Update Resource Aware Scheduler Documentation\n * STORM-1930: Kafka New Client API - Support for Topic Wildcards\n * STORM-1924: Adding conf options for Persistent Word Count Topology\n * STORM-1956: Disabling Backpressure by default\n * STORM-1934: Fix race condition between sync-supervisor and sync-processes\n * STORM-1919: Introduce FilterBolt on storm-redis\n * STORM-1945: Fix NPE bugs on topology spout lag for storm-kafka-monitor\n * STORM-1888: add description for shell command\n * STORM-1902: add a simple & flexible FileNameFormat for storm-hdfs\n * STORM-1914: Storm Kafka Field Topic Selector\n * STORM-1907: PartitionedTridentSpoutExecutor has incompatible types that cause ClassCastException\n * STORM-1925: Remove Nimbus thrift call from Nimbus itself\n * STORM-1909: Update HDFS spout documentation\n * STORM-1136: Command line module to return kafka spout offsets lag and display in storm ui\n * STORM-1911: IClusterMetricsConsumer should use seconds to timestamp unit\n * STORM-1893: Support OpenTSDB for storing timeseries data.\n * STORM-1723: Introduce ClusterMetricsConsumer\n * STORM-1700: Introduce 'whitelist' / 'blacklist' option to MetricsConsumer\n * STORM-1698: Asynchronous MetricsConsumerBolt\n * STORM-1705: Cap number of retries for a failed message\n * STORM-1884: Prioritize pendingPrepare over pendingCommit\n * STORM-1575: fix TwitterSampleSpout NPE on close\n * STORM-1874: Update logger private permissions\n * STORM-1865: update command line client document\n * STORM-1771: HiveState should flushAndClose before closing old or idle Hive connections\n * STORM-1882: Expose TextFileReader public\n * STORM-1873: Implement alternative behaviour for late tuples\n * STORM-1719: Introduce REST API: Topology metric stats for stream\n * STORM-1887: Fixed help message for set_log_level command\n * STORM-1878: Flux can now handle IStatefulBolts\n * STORM-1864: StormSubmitter should throw respective exceptions and log respective errors forregistered submitter hook invocation\n * STORM-1868: Modify TridentKafkaWordCount to run in distributed mode\n * STORM-1859: Ack late tuples in windowed mode\n * STORM-1851: Fix default nimbus impersonation authorizer config\n * STORM-1848: Make KafkaMessageId and Partition serializable to support\n * STORM-1862: Flux ShellSpout and ShellBolt can't emit to named streams\n * Storm-1728: TransactionalTridentKafkaSpout error\n * STORM-1850: State Checkpointing Documentation update\n * STORM-1674: Idle KafkaSpout consumes more bandwidth than needed\n * STORM-1842: Forward references in storm.thrift cause tooling issues\n * STORM-1730: LocalCluster#shutdown() does not terminate all storm threads/thread pools.\n * STORM-1709: Added group by support in storm sql standalone mode\n * STORM-1720: Support GEO in storm-redis\n * 1.0.6:\n * [STORM-2877] - Introduce an option to configure pagination in Storm UI\n * [STORM-2917] - Check the config(nimbus.host) before using it to connect\n * [STORM-2451] - windows storm.cmd does not set log4j2 config file correctly by default\n * [STORM-2690] - resurrect invocation of ISupervisor.assigned() & make Supervisor.launchDaemon() accessible\n * [STORM-2751] - Remove AsyncLoggingContext from Supervisor\n * [STORM-2764] - HDFSBlobStore leaks file system objects\n * [STORM-2771] - Some tests are being run twice\n * [STORM-2786] - Ackers leak tracking info on failure and lots of other cases.\n * [STORM-2853] - Deactivated topologies cause high cpu utilization\n * [STORM-2856] - Make Storm build work on post 2017Q4 Travis Trusty image\n * [STORM-2870] - FileBasedEventLogger leaks non-daemon ExecutorService which prevents process to be finished\n * [STORM-2879] - Supervisor collapse continuously when there is a expired assignment for overdue storm\n * [STORM-2892] - Flux test fails to parse valid PATH environment variable\n * [STORM-2894] - fix some random typos in tests\n * [STORM-2912] - Tick tuple is being shared without resetting start time and incur side-effect to break metrics\n * [STORM-2918] - Upgrade Netty version\n * [STORM-2874] - Minor style improvements to backpressure code\n * [STORM-2937] - Overwrite storm-kafka-client 1.x-branch into 1.0.x-branch\n * [STORM-2858] - Fix worker-launcher build\n- Use %license macro\n\n * 1.0.5:\n * [STORM-2657] - Update SECURITY.MD\n * [STORM-2231] - NULL in DisruptorQueue while multi-threaded ack\n * [STORM-2660] - The Nimbus storm-local directory is relative to the working directory of the shell executing 'storm nimbus'\n * [STORM-2674] - NoNodeException when ZooKeeper tries to delete nodes\n * [STORM-2677] - consider all sampled tuples which took greater than 0 ms processing time\n * [STORM-2682] - Supervisor crashes with NullPointerException\n * [STORM-2695] - BlobStore uncompress argument should be Boolean\n * [STORM-2705] - DRPCSpout sleeps twice when idle\n * 1.0.4:\n * STORM-2627: Update docs for storm.zookeeper.topology.auth.scheme\n * STORM-2597: Don't parse passed in class paths\n * STORM-2524: Set Kafka client.id with storm-kafka\n * STORM-2448: Add in Storm and JDK versions when submitting a topology\n * STORM-2511: Submitting a topology with name containing unicode getting failed\n * STORM-2498: Fix Download Full File link\n * STORM-2486: Prevent cd from printing target directory to avoid breaking classpath\n * STORM-1114: Race condition in trident zookeeper zk-node create/delete\n * STORM-2429: Properly validate supervisor.scheduler.meta\n * STORM-2194: Stop ignoring socket timeout error from executor\n * STORM-2450: Write resources into correct local director\n * STORM-2414: Skip checking meta's ACL when subject has write privileges for any blobs\n * STORM-2038: Disable symlinks with a config option\n * STORM-2038: No symlinks for local cluster\n * STORM-2403: Fix KafkaBolt test failure: tick tuple should not be acked\n * STORM-2361: Kafka spout - after leader change, it stops committing offsets to ZK\n * STORM-2296: Kafka spout - no duplicates on leader changes\n * STORM-2387: Handle tick tuples properly for Bolts in external modules\n * STORM-2345: Type mismatch in ReadClusterState's ProfileAction processing Map\n * STORM-2104: New Kafka spout crashes if partitions are reassigned while tuples are in-flight\n * STORM-2396: setting interrupted status back before throwing a RuntimeException\n * STORM-2395: storm.cmd supervisor calls the wrong class name\n * STORM-2385: pacemaker_state_factory.clj does not compile on branch-1.0.x\n * STORM-2389: Avoid instantiating Event Logger when topology.eventlogger.executors=0\n * STORM-2386: Fail-back Blob deletion also fails in BlobSynchronizer.syncBlobs\n * STORM-2360: Storm-Hive: Thrift version mismatch with storm-core\n * STORM-2372: Pacemaker client doesn't clean up heartbeats properly\n * STORM-2326: Upgrade log4j and slf4j\n * STORM-2350: Storm-HDFS's listFilesByModificationTime is broken\n * 1.0.3:\n * STORM-2197: NimbusClient connectins leak due to leakage in ThriftClient\n * STORM-2321: Handle blobstore zk key deletion in KeySequenceNumber.\n * STORM-2324: Fix deployment failure if resources directory is missing in topology jar\n * STORM-2335: Fix broken Topology visualization with empty ':transferred' in executor stats\n * STORM-2336: Close Localizer and AsyncLocalizer when supervisor is shutting down\n * STORM-2338: Subprocess exception handling is broken in storm.py on Windows environment\n * STORM-2337: Broken documentation generation for storm-metrics-profiling-internal-actions.md and windows-users-guide.md\n * STORM-2325: Logviewer doesn't consider 'storm.local.hostname'\n * STORM-1742: More accurate 'complete latency'\n * STORM-2176: Workers do not shutdown cleanly and worker hooks don't run when a topology is killed\n * STORM-2293: hostname should only refer node's 'storm.local.hostname'\n * STORM-2246: Logviewer download link has urlencoding on part of the URL\n * STORM-1906: Window count/length of zero should be disallowed\n * STORM-1841: Address a few minor issues in windowing and doc\n * STORM-2268: Fix integration test for Travis CI build\n * STORM-2283: Fix DefaultStateHandler kryo multithreading issues\n * STORM-2264: OpaqueTridentKafkaSpout failing after STORM-2216\n * STORM-2276: Remove twitter4j usages due to license issue (JSON.org is catalog X)\n * STORM-2095: remove any remaining files when deleting blobstore directory\n * STORM-2222: Repeated NPEs thrown in nimbus if rebalance fails\n * STORM-2251: Integration test refers specific version of Storm which should be project version\n * STORM-2234: heartBeatExecutorService in shellSpout don't work well with deactivate\n * STORM-2216: Favor JSONValue.parseWithException\n * STORM-2208: HDFS State Throws FileNotFoundException in Azure Data Lake Store file system (adl://)\n * STORM-2213: ShellSpout has race condition when ShellSpout is being inactive longer than heartbeat timeout\n * STORM-2210: remove array shuffle from ShuffleGrouping\n * STORM-2052: Kafka Spout - New Client API - Performance Improvements\n * storm-2205: Racecondition in getting nimbus summaries while ZK connections are reconnected\n * STORM-2198: perform RotationAction when stopping HdfsBolt\n * STORM-2196: A typo in RAS_Node::consumeCPU\n * STORM-2189: RAS_Node::freeCPU outputs incorrect info\n * STORM-2184: Don't wakeup KafkaConsumer on shutdown\n * STORM-2185: Storm Supervisor doesn't delete directories properly sometimes\n * STORM-2175: fix double close of workers\n * STORM-2018: Supervisor V2\n * STORM-2145: Leave leader nimbus's hostname to log when trying to connect leader nimbus\n * STORM-2127: Storm-eventhubs should use latest amqp and eventhubs-client versions\n * STORM-2040: Fix bug on assert-can-serialize\n * STORM-2017: ShellBolt stops reporting task ids\n * STORM-2119: bug in log message printing to stdout\n * STORM-2120: Emit to _spoutConfig.outputStreamId\n * STORM-2101: fixes npe in compute-executors in nimbus\n * STORM-2090: Add integration test for storm windowing\n * STORM-2003: Make sure config contains TOPIC before get it\n * STORM-1567: in defaults.yaml 'topology.disable.loadaware' should be 'topology.disable.loadaware.messaging'\n * STORM-1987: Fix TridentKafkaWordCount arg handling in distributed mode.\n * STORM-1969: Modify HiveTopology to show usage of non-partition table.\n * STORM-1849: HDFSFileTopology should use the 3rd argument as topologyName\n * STORM-2086: use DefaultTopicSelector instead of creating a new one\n * STORM-2079: Unneccessary readStormConfig operation\n * STORM-2081: create external directory for storm-sql various data sources and move storm-sql-kafka to it\n * STORM-2070: Fix sigar native binary download link\n * STORM-2056: Bugs in logviewer\n * STORM-1646: Fix ExponentialBackoffMsgRetryManager test\n * STORM-2039: Backpressure refactoring in worker and executor\n * STORM-2064: Add storm name and function, access result and function to log-thrift-access\n * STORM-2063: Add thread name in worker logs\n * STORM-2042: Nimbus client connections not closed properly causing connection leaks\n * STORM-2032: removes warning in case more than one metrics tuple is received\n * STORM-1594: org.apache.storm.tuple.Fields can throw NPE if given invalid field in selector\n * STORM-1995: downloadChunk in nimbus.clj should close the input stream\n\nChanges in rubygem-activeresource:\n- Add bsc#1171560-CVE-2020-8151-encode-id-param.patch\n Prevent possible information disclosure issue that could allow\n an attacker to create specially crafted requests to access data\n in an unexpected way (bsc#1171560 CVE-2020-8151))_\n\nChanges in rubygem-crowbar-client:\n- Update to 3.9.2\n - Enable SES commands in Cloud8 (SOC-11122)\n\nChanges in rubygem-json-1_7:\n- Add CVE-2020-10663.patch (CVE-2020-10663, bsc#1167244)\n\nChanges in rubygem-puma:\n- Fix indentation in gem2rpm.yml_\n\n- Add CVE-2020-11077.patch (bsc#1172175, CVE-2020-11077)\n- Add chunked-request-handling.patch (needed for CVE-2020-11076.patch)\n- Add CVE-2020-11076.patch (bsc#1172176, CVE-2020-11076)\n- Add all patches to gem2rpm.yml\n\n", title: "Description of the patch", }, { category: "details", text: "HPE-Helion-OpenStack-8-2020-1901,SUSE-2020-1901,SUSE-OpenStack-Cloud-8-2020-1901,SUSE-OpenStack-Cloud-Crowbar-8-2020-1901", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_1901-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:1901-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20201901-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:1901-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-July/007124.html", }, { category: "self", summary: "SUSE Bug 1068612", url: "https://bugzilla.suse.com/1068612", }, { category: "self", summary: "SUSE Bug 1092420", url: "https://bugzilla.suse.com/1092420", }, { category: "self", summary: "SUSE Bug 1107190", url: "https://bugzilla.suse.com/1107190", }, { category: "self", summary: "SUSE Bug 1108719", url: "https://bugzilla.suse.com/1108719", }, { category: "self", summary: "SUSE Bug 1123872", url: "https://bugzilla.suse.com/1123872", }, { category: "self", summary: "SUSE Bug 1126503", url: "https://bugzilla.suse.com/1126503", }, { category: "self", summary: "SUSE Bug 1141968", url: "https://bugzilla.suse.com/1141968", }, { category: "self", summary: "SUSE Bug 11483483", url: "https://bugzilla.suse.com/11483483", }, { category: "self", summary: "SUSE Bug 1148383", url: "https://bugzilla.suse.com/1148383", }, { category: "self", summary: "SUSE Bug 1153191", url: "https://bugzilla.suse.com/1153191", }, { category: "self", summary: "SUSE Bug 1156525", url: "https://bugzilla.suse.com/1156525", }, { category: "self", summary: "SUSE Bug 1159046", url: "https://bugzilla.suse.com/1159046", }, { category: "self", summary: "SUSE Bug 1160152", url: "https://bugzilla.suse.com/1160152", }, { category: "self", summary: "SUSE Bug 1160153", url: "https://bugzilla.suse.com/1160153", }, { category: "self", summary: "SUSE Bug 1160192", url: "https://bugzilla.suse.com/1160192", }, { category: "self", summary: "SUSE Bug 1160790", url: "https://bugzilla.suse.com/1160790", }, { category: "self", summary: "SUSE Bug 1160851", url: "https://bugzilla.suse.com/1160851", }, { category: "self", summary: "SUSE Bug 1161088", url: "https://bugzilla.suse.com/1161088", }, { category: "self", summary: "SUSE Bug 1161089", url: "https://bugzilla.suse.com/1161089", }, { category: "self", summary: "SUSE Bug 1161670", url: "https://bugzilla.suse.com/1161670", }, { category: "self", summary: "SUSE Bug 1164322", url: "https://bugzilla.suse.com/1164322", }, { category: "self", summary: "SUSE Bug 1167244", url: "https://bugzilla.suse.com/1167244", }, { category: "self", summary: "SUSE Bug 1168593", url: "https://bugzilla.suse.com/1168593", }, { category: "self", summary: "SUSE Bug 1169770", url: "https://bugzilla.suse.com/1169770", }, { category: "self", summary: "SUSE Bug 1170657", url: "https://bugzilla.suse.com/1170657", }, { category: "self", summary: "SUSE Bug 1171273", url: "https://bugzilla.suse.com/1171273", }, { category: "self", summary: "SUSE Bug 1171560", url: "https://bugzilla.suse.com/1171560", }, { category: "self", summary: "SUSE Bug 1171594", url: "https://bugzilla.suse.com/1171594", }, { category: "self", summary: "SUSE Bug 1171661", url: "https://bugzilla.suse.com/1171661", }, { category: "self", summary: "SUSE Bug 1171909", url: "https://bugzilla.suse.com/1171909", }, { category: "self", summary: "SUSE Bug 1172166", url: "https://bugzilla.suse.com/1172166", }, { category: "self", summary: "SUSE Bug 1172167", url: "https://bugzilla.suse.com/1172167", }, { category: "self", summary: "SUSE Bug 1172175", url: "https://bugzilla.suse.com/1172175", }, { category: "self", summary: "SUSE Bug 1172176", url: "https://bugzilla.suse.com/1172176", }, { category: "self", summary: "SUSE Bug 1172409", url: "https://bugzilla.suse.com/1172409", }, { category: "self", summary: "SUSE CVE CVE-2017-1000246 page", url: "https://www.suse.com/security/cve/CVE-2017-1000246/", }, { category: "self", summary: "SUSE CVE CVE-2019-1010083 page", url: "https://www.suse.com/security/cve/CVE-2019-1010083/", }, { category: "self", summary: "SUSE CVE CVE-2019-15043 page", url: "https://www.suse.com/security/cve/CVE-2019-15043/", }, { category: "self", summary: "SUSE CVE CVE-2019-16785 page", url: "https://www.suse.com/security/cve/CVE-2019-16785/", }, { category: "self", summary: "SUSE CVE CVE-2019-16786 page", url: "https://www.suse.com/security/cve/CVE-2019-16786/", }, { category: "self", summary: "SUSE CVE CVE-2019-16789 page", url: "https://www.suse.com/security/cve/CVE-2019-16789/", }, { category: "self", summary: "SUSE CVE CVE-2019-16792 page", url: "https://www.suse.com/security/cve/CVE-2019-16792/", }, { category: "self", summary: "SUSE CVE CVE-2019-16865 page", url: "https://www.suse.com/security/cve/CVE-2019-16865/", }, { category: "self", summary: "SUSE CVE CVE-2019-18874 page", url: "https://www.suse.com/security/cve/CVE-2019-18874/", }, { category: "self", summary: "SUSE CVE CVE-2019-19911 page", url: "https://www.suse.com/security/cve/CVE-2019-19911/", }, { category: "self", summary: "SUSE CVE CVE-2019-3828 page", url: "https://www.suse.com/security/cve/CVE-2019-3828/", }, { category: "self", summary: "SUSE CVE CVE-2020-10663 page", url: "https://www.suse.com/security/cve/CVE-2020-10663/", }, { category: "self", summary: "SUSE CVE CVE-2020-10743 page", url: "https://www.suse.com/security/cve/CVE-2020-10743/", }, { category: "self", summary: "SUSE CVE CVE-2020-11076 page", url: "https://www.suse.com/security/cve/CVE-2020-11076/", }, { category: "self", summary: "SUSE CVE CVE-2020-11077 page", url: "https://www.suse.com/security/cve/CVE-2020-11077/", }, { category: "self", summary: "SUSE CVE CVE-2020-12052 page", url: "https://www.suse.com/security/cve/CVE-2020-12052/", }, { category: "self", summary: "SUSE CVE CVE-2020-13254 page", url: "https://www.suse.com/security/cve/CVE-2020-13254/", }, { category: "self", summary: "SUSE CVE CVE-2020-13379 page", url: "https://www.suse.com/security/cve/CVE-2020-13379/", }, { category: "self", summary: "SUSE CVE CVE-2020-13596 page", url: "https://www.suse.com/security/cve/CVE-2020-13596/", }, { category: "self", summary: "SUSE CVE CVE-2020-5312 page", url: "https://www.suse.com/security/cve/CVE-2020-5312/", }, { category: "self", summary: "SUSE CVE CVE-2020-5313 page", url: "https://www.suse.com/security/cve/CVE-2020-5313/", }, { category: "self", summary: "SUSE CVE CVE-2020-5390 page", url: "https://www.suse.com/security/cve/CVE-2020-5390/", }, { category: "self", summary: "SUSE CVE CVE-2020-8151 page", url: "https://www.suse.com/security/cve/CVE-2020-8151/", }, ], title: "Security update for ansible, ansible1, ardana-ansible, ardana-cluster, ardana-freezer, ardana-input-model, ardana-logging, ardana-mq, ardana-neutron, ardana-octavia, ardana-osconfig, caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-dashboard, openstack-dashboard-theme-HPE, openstack-heat-templates, openstack-keystone, openstack-monasca-agent, openstack-monasca-installer, openstack-neutron, openstack-octavia-amphora-image, python-Django, python-Flask, python-GitPython, python-Pillow, python-amqp, python-apicapi, python-keystoneauth1, python-oslo.messaging, python-psutil, python-pyroute2, python-pysaml2, python-tooz, python-waitress, storm", tracking: { current_release_date: "2020-07-14T12:42:01Z", generator: { date: "2020-07-14T12:42:01Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:1901-1", initial_release_date: "2020-07-14T12:42:01Z", revision_history: [ { date: "2020-07-14T12:42:01Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.aarch64", product: { name: "crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.aarch64", product_id: "crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.aarch64", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.aarch64", product: { name: "crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.aarch64", product_id: "crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.aarch64", }, }, { category: "product_version", name: "crowbar-core-devel-5.0+git.1593156248.55bbdb26d-3.41.2.aarch64", product: { name: "crowbar-core-devel-5.0+git.1593156248.55bbdb26d-3.41.2.aarch64", product_id: "crowbar-core-devel-5.0+git.1593156248.55bbdb26d-3.41.2.aarch64", }, }, { category: "product_version", name: "grafana-4.6.5-4.9.1.aarch64", product: { name: "grafana-4.6.5-4.9.1.aarch64", product_id: "grafana-4.6.5-4.9.1.aarch64", }, }, { category: "product_version", name: "kibana-4.6.3-3.3.1.aarch64", product: { name: "kibana-4.6.3-3.3.1.aarch64", product_id: "kibana-4.6.3-3.3.1.aarch64", }, }, { category: "product_version", name: "python-Pillow-4.2.1-3.5.1.aarch64", product: { name: "python-Pillow-4.2.1-3.5.1.aarch64", product_id: "python-Pillow-4.2.1-3.5.1.aarch64", }, }, { category: "product_version", name: "python-psutil-5.2.2-3.3.1.aarch64", product: { name: "python-psutil-5.2.2-3.3.1.aarch64", product_id: "python-psutil-5.2.2-3.3.1.aarch64", }, }, { category: "product_version", name: "python3-Pillow-4.2.1-3.5.1.aarch64", product: { name: "python3-Pillow-4.2.1-3.5.1.aarch64", product_id: "python3-Pillow-4.2.1-3.5.1.aarch64", }, }, { category: "product_version", name: "python3-psutil-5.2.2-3.3.1.aarch64", product: { name: "python3-psutil-5.2.2-3.3.1.aarch64", product_id: "python3-psutil-5.2.2-3.3.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.aarch64", product: { name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.aarch64", product_id: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.aarch64", product: { name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.aarch64", product_id: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.aarch64", product: { name: "ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.aarch64", product_id: "ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-3.12.1.aarch64", product: { name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-3.12.1.aarch64", product_id: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-3.12.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-3.12.1.aarch64", product: { name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-3.12.1.aarch64", product_id: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-3.12.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.aarch64", product: { name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.aarch64", product_id: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-2.16.0-3.9.1.aarch64", product: { name: "ruby2.1-rubygem-puma-2.16.0-3.9.1.aarch64", product_id: "ruby2.1-rubygem-puma-2.16.0-3.9.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-doc-2.16.0-3.9.1.aarch64", product: { name: "ruby2.1-rubygem-puma-doc-2.16.0-3.9.1.aarch64", product_id: "ruby2.1-rubygem-puma-doc-2.16.0-3.9.1.aarch64", }, }, { category: "product_version", name: "storm-1.1.3-3.3.1.aarch64", product: { name: "storm-1.1.3-3.3.1.aarch64", product_id: "storm-1.1.3-3.3.1.aarch64", }, }, { category: "product_version", name: "storm-doc-1.1.3-3.3.1.aarch64", product: { name: "storm-doc-1.1.3-3.3.1.aarch64", product_id: "storm-doc-1.1.3-3.3.1.aarch64", }, }, { category: "product_version", name: "storm-logviewer-1.1.3-3.3.1.aarch64", product: { name: "storm-logviewer-1.1.3-3.3.1.aarch64", product_id: "storm-logviewer-1.1.3-3.3.1.aarch64", }, }, { category: "product_version", name: "storm-nimbus-1.1.3-3.3.1.aarch64", product: { name: "storm-nimbus-1.1.3-3.3.1.aarch64", product_id: "storm-nimbus-1.1.3-3.3.1.aarch64", }, }, { category: "product_version", name: "storm-pacemaker-1.1.3-3.3.1.aarch64", product: { name: "storm-pacemaker-1.1.3-3.3.1.aarch64", product_id: "storm-pacemaker-1.1.3-3.3.1.aarch64", }, }, { category: "product_version", name: "storm-supervisor-1.1.3-3.3.1.aarch64", product: { name: "storm-supervisor-1.1.3-3.3.1.aarch64", product_id: "storm-supervisor-1.1.3-3.3.1.aarch64", }, }, { category: "product_version", name: "storm-ui-1.1.3-3.3.1.aarch64", product: { name: "storm-ui-1.1.3-3.3.1.aarch64", product_id: "storm-ui-1.1.3-3.3.1.aarch64", }, }, { category: "product_version", name: "storm-zookeeper-1.1.3-3.3.1.aarch64", product: { name: "storm-zookeeper-1.1.3-3.3.1.aarch64", product_id: "storm-zookeeper-1.1.3-3.3.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ansible-2.4.6.0-3.9.1.noarch", product: { name: "ansible-2.4.6.0-3.9.1.noarch", product_id: "ansible-2.4.6.0-3.9.1.noarch", }, }, { category: "product_version", name: "ansible1-1.9.6-7.3.1.noarch", product: { name: "ansible1-1.9.6-7.3.1.noarch", product_id: "ansible1-1.9.6-7.3.1.noarch", }, }, { category: "product_version", name: "ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", product: { name: "ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", product_id: "ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", }, }, { category: "product_version", name: "ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", product: { name: "ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", product_id: "ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", }, }, { category: "product_version", name: "ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", product: { name: "ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", product_id: "ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", }, }, { category: "product_version", name: "ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", product: { name: "ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", product_id: "ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", }, }, { category: "product_version", name: "ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", product: { name: "ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", product_id: "ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", }, }, { category: "product_version", name: "ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", product: { name: "ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", product_id: "ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", }, }, { category: "product_version", name: "ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", product: { name: "ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", product_id: "ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", }, }, { category: "product_version", name: "ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", product: { name: "ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", product_id: "ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", }, }, { category: "product_version", name: "ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", product: { name: "ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", product_id: "ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", }, }, { category: "product_version", name: "caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", product: { name: "caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", product_id: "caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", }, }, { category: "product_version", name: "documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", product: { name: "documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", product_id: "documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", product: { name: "documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", product_id: "documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", product: { name: "documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", product_id: "documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", product: { name: "documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", product_id: "documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", product: { name: "documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", product_id: "documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", product: { name: "documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", product_id: "documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "openstack-dashboard-12.0.5~dev3-3.26.1.noarch", product: { name: "openstack-dashboard-12.0.5~dev3-3.26.1.noarch", product_id: "openstack-dashboard-12.0.5~dev3-3.26.1.noarch", }, }, { category: "product_version", name: "openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", product: { name: "openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", product_id: "openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", }, }, { category: "product_version", name: "openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", product: { name: "openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", product_id: "openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", }, }, { category: "product_version", name: "openstack-keystone-12.0.4~dev11-5.33.2.noarch", product: { name: "openstack-keystone-12.0.4~dev11-5.33.2.noarch", product_id: "openstack-keystone-12.0.4~dev11-5.33.2.noarch", }, }, { category: "product_version", name: "openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", product: { name: "openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", product_id: "openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", }, }, { category: "product_version", name: "openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", product: { name: "openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", product_id: "openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", }, }, { category: "product_version", name: "openstack-monasca-installer-20190923_16.32-3.12.1.noarch", product: { name: "openstack-monasca-installer-20190923_16.32-3.12.1.noarch", product_id: "openstack-monasca-installer-20190923_16.32-3.12.1.noarch", }, }, { category: "product_version", name: "openstack-neutron-11.0.9~dev65-3.33.2.noarch", product: { name: "openstack-neutron-11.0.9~dev65-3.33.2.noarch", product_id: "openstack-neutron-11.0.9~dev65-3.33.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", product: { name: "openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", product_id: "openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", product: { name: "openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", product_id: "openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", product: { name: "openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", product_id: "openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", product: { name: "openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", product_id: "openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", product: { name: "openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", product_id: "openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", product: { name: "openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", product_id: "openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", product: { name: "openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", product_id: "openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", product: { name: "openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", product_id: "openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", product: { name: "openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", product_id: "openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", product: { name: "openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", product_id: "openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", }, }, { category: "product_version", name: "openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", product: { name: "openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", product_id: "openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", }, }, { category: "product_version", name: "python-Django-1.11.23-3.15.1.noarch", product: { name: "python-Django-1.11.23-3.15.1.noarch", product_id: "python-Django-1.11.23-3.15.1.noarch", }, }, { category: "product_version", name: "python-Flask-0.12.1-3.3.1.noarch", product: { name: "python-Flask-0.12.1-3.3.1.noarch", product_id: "python-Flask-0.12.1-3.3.1.noarch", }, }, { category: "product_version", name: "python-GitPython-2.1.8-3.3.1.noarch", product: { name: "python-GitPython-2.1.8-3.3.1.noarch", product_id: "python-GitPython-2.1.8-3.3.1.noarch", }, }, { category: "product_version", name: "python-amqp-2.4.2-3.12.1.noarch", product: { name: "python-amqp-2.4.2-3.12.1.noarch", product_id: "python-amqp-2.4.2-3.12.1.noarch", }, }, { category: "product_version", name: "python-apicapi-1.6.0-3.6.1.noarch", product: { name: "python-apicapi-1.6.0-3.6.1.noarch", product_id: "python-apicapi-1.6.0-3.6.1.noarch", }, }, { category: "product_version", name: "python-horizon-12.0.5~dev3-3.26.1.noarch", product: { name: "python-horizon-12.0.5~dev3-3.26.1.noarch", product_id: "python-horizon-12.0.5~dev3-3.26.1.noarch", }, }, { category: "product_version", name: "python-keystone-12.0.4~dev11-5.33.2.noarch", product: { name: "python-keystone-12.0.4~dev11-5.33.2.noarch", product_id: "python-keystone-12.0.4~dev11-5.33.2.noarch", }, }, { category: "product_version", name: "python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", product: { name: "python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", product_id: "python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", }, }, { category: "product_version", name: "python-monasca-agent-2.2.6~dev4-3.18.1.noarch", product: { name: "python-monasca-agent-2.2.6~dev4-3.18.1.noarch", product_id: "python-monasca-agent-2.2.6~dev4-3.18.1.noarch", }, }, { category: "product_version", name: "python-neutron-11.0.9~dev65-3.33.2.noarch", product: { name: "python-neutron-11.0.9~dev65-3.33.2.noarch", product_id: "python-neutron-11.0.9~dev65-3.33.2.noarch", }, }, { category: "product_version", name: "python-oslo.messaging-5.30.8-3.11.1.noarch", product: { name: "python-oslo.messaging-5.30.8-3.11.1.noarch", product_id: "python-oslo.messaging-5.30.8-3.11.1.noarch", }, }, { category: "product_version", name: "python-pyroute2-0.4.21-3.3.1.noarch", product: { name: "python-pyroute2-0.4.21-3.3.1.noarch", product_id: "python-pyroute2-0.4.21-3.3.1.noarch", }, }, { category: "product_version", name: "python-pysaml2-4.0.2-5.6.1.noarch", product: { name: "python-pysaml2-4.0.2-5.6.1.noarch", product_id: "python-pysaml2-4.0.2-5.6.1.noarch", }, }, { category: "product_version", name: "python-tooz-1.58.1-3.3.1.noarch", product: { name: "python-tooz-1.58.1-3.3.1.noarch", product_id: "python-tooz-1.58.1-3.3.1.noarch", }, }, { category: "product_version", name: "python-waitress-1.4.3-3.3.1.noarch", product: { name: "python-waitress-1.4.3-3.3.1.noarch", product_id: "python-waitress-1.4.3-3.3.1.noarch", }, }, { category: "product_version", name: "venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", product: { name: "venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", product_id: "venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", }, }, { category: "product_version", name: "venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", product: { name: "venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", product_id: "venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", }, }, { category: "product_version", name: "venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", product: { name: "venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", product_id: "venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", }, }, { category: "product_version", name: "venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", product: { name: "venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", product_id: "venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", }, }, { category: "product_version", name: "venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", product: { name: "venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", product_id: "venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", }, }, { category: "product_version", name: "venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", product: { name: "venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", product_id: "venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", }, }, { category: "product_version", name: "venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", product: { name: "venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", product_id: "venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", }, }, { category: "product_version", name: "venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", product: { name: "venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", product_id: "venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", }, }, { category: "product_version", name: "venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", product: { name: "venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", product_id: "venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", }, }, { category: "product_version", name: "venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", product: { name: "venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", product_id: "venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", }, }, { category: "product_version", name: "venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", product: { name: "venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", product_id: "venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", }, }, { category: "product_version", name: "venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", product: { name: "venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", product_id: "venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", }, }, { category: "product_version", name: "venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", product: { name: "venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", product_id: "venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", }, }, { category: "product_version", name: "venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", product: { name: "venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", product_id: "venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", }, }, { category: "product_version", name: "venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", product: { name: "venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", product_id: "venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", }, }, { category: "product_version", name: "venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", product: { name: "venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", product_id: "venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", }, }, { category: "product_version", name: "venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", product: { name: "venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", product_id: "venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", }, }, { category: "product_version", name: "venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", product: { name: "venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", product_id: "venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", }, }, { category: "product_version", name: "venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", product: { name: "venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", product_id: "venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", }, }, { category: "product_version", name: "venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", product: { name: "venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", product_id: "venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", }, }, { category: "product_version", name: "venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", product: { name: "venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", product_id: "venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", }, }, { category: "product_version", name: "venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", product: { name: "venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", product_id: "venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", }, }, { category: "product_version", name: "crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", product: { name: "crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", product_id: "crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", }, }, { category: "product_version", name: "documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", product: { name: "documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", product_id: "documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", product: { name: "documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", product_id: "documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", product: { name: "documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", product_id: "documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", product: { name: "documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", product_id: "documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", product: { name: "documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", product_id: "documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", product: { name: "documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", product_id: "documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-suse-openstack-cloud-socmmsoperator-8.20200527-1.26.1.noarch", product: { name: "documentation-suse-openstack-cloud-socmmsoperator-8.20200527-1.26.1.noarch", product_id: "documentation-suse-openstack-cloud-socmmsoperator-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-suse-openstack-cloud-socmosoperator-8.20200527-1.26.1.noarch", product: { name: "documentation-suse-openstack-cloud-socmosoperator-8.20200527-1.26.1.noarch", product_id: "documentation-suse-openstack-cloud-socmosoperator-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-suse-openstack-cloud-socmoverview-8.20200527-1.26.1.noarch", product: { name: "documentation-suse-openstack-cloud-socmoverview-8.20200527-1.26.1.noarch", product_id: "documentation-suse-openstack-cloud-socmoverview-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", product: { name: "documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", product_id: "documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", product: { name: "documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", product_id: "documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", product: { name: "documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", product_id: "documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", product: { name: "documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", product_id: "documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", }, }, { category: "product_version", name: "openstack-dashboard-test-12.0.5~dev3-3.26.1.noarch", product: { name: "openstack-dashboard-test-12.0.5~dev3-3.26.1.noarch", product_id: "openstack-dashboard-test-12.0.5~dev3-3.26.1.noarch", }, }, { category: "product_version", name: "openstack-keystone-test-12.0.4~dev11-5.33.2.noarch", product: { name: "openstack-keystone-test-12.0.4~dev11-5.33.2.noarch", product_id: "openstack-keystone-test-12.0.4~dev11-5.33.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-test-11.0.9~dev65-3.33.2.noarch", product: { name: "openstack-neutron-test-11.0.9~dev65-3.33.2.noarch", product_id: "openstack-neutron-test-11.0.9~dev65-3.33.2.noarch", }, }, { category: "product_version", name: "python-Flask-doc-0.12.1-3.3.1.noarch", product: { name: "python-Flask-doc-0.12.1-3.3.1.noarch", product_id: "python-Flask-doc-0.12.1-3.3.1.noarch", }, }, { category: "product_version", name: "python-keystoneauth1-doc-3.1.2~dev2-3.3.1.noarch", product: { name: "python-keystoneauth1-doc-3.1.2~dev2-3.3.1.noarch", product_id: "python-keystoneauth1-doc-3.1.2~dev2-3.3.1.noarch", }, }, { category: "product_version", name: "python-oslo.messaging-doc-5.30.8-3.11.1.noarch", product: { name: "python-oslo.messaging-doc-5.30.8-3.11.1.noarch", product_id: "python-oslo.messaging-doc-5.30.8-3.11.1.noarch", }, }, { category: "product_version", name: "python-pylons-sphinx-themes-1.0.11-1.3.1.noarch", product: { name: "python-pylons-sphinx-themes-1.0.11-1.3.1.noarch", product_id: "python-pylons-sphinx-themes-1.0.11-1.3.1.noarch", }, }, { category: "product_version", name: "python-pymemcache-1.2.9-3.3.1.noarch", product: { name: "python-pymemcache-1.2.9-3.3.1.noarch", product_id: "python-pymemcache-1.2.9-3.3.1.noarch", }, }, { category: "product_version", name: "python-tooz-doc-1.58.1-3.3.1.noarch", product: { name: "python-tooz-doc-1.58.1-3.3.1.noarch", product_id: "python-tooz-doc-1.58.1-3.3.1.noarch", }, }, { category: "product_version", name: "python-waitress-doc-1.4.3-3.3.1.noarch", product: { name: "python-waitress-doc-1.4.3-3.3.1.noarch", product_id: "python-waitress-doc-1.4.3-3.3.1.noarch", }, }, { category: "product_version", name: "python3-Django-1.11.23-3.15.1.noarch", product: { name: "python3-Django-1.11.23-3.15.1.noarch", product_id: "python3-Django-1.11.23-3.15.1.noarch", }, }, { category: "product_version", name: "python3-Flask-0.12.1-3.3.1.noarch", product: { name: "python3-Flask-0.12.1-3.3.1.noarch", product_id: "python3-Flask-0.12.1-3.3.1.noarch", }, }, { category: "product_version", name: "python3-Flask-doc-0.12.1-3.3.1.noarch", product: { name: "python3-Flask-doc-0.12.1-3.3.1.noarch", product_id: "python3-Flask-doc-0.12.1-3.3.1.noarch", }, }, { category: "product_version", name: "python3-GitPython-2.1.8-3.3.1.noarch", product: { name: "python3-GitPython-2.1.8-3.3.1.noarch", product_id: "python3-GitPython-2.1.8-3.3.1.noarch", }, }, { category: "product_version", name: "python3-amqp-2.4.2-3.12.1.noarch", product: { name: "python3-amqp-2.4.2-3.12.1.noarch", product_id: "python3-amqp-2.4.2-3.12.1.noarch", }, }, { category: "product_version", name: "python3-pylons-sphinx-themes-1.0.11-1.3.1.noarch", product: { name: "python3-pylons-sphinx-themes-1.0.11-1.3.1.noarch", product_id: "python3-pylons-sphinx-themes-1.0.11-1.3.1.noarch", }, }, { category: "product_version", name: "python3-pyroute2-0.4.21-3.3.1.noarch", product: { name: "python3-pyroute2-0.4.21-3.3.1.noarch", product_id: "python3-pyroute2-0.4.21-3.3.1.noarch", }, }, { category: "product_version", name: "python3-waitress-1.4.3-3.3.1.noarch", product: { name: "python3-waitress-1.4.3-3.3.1.noarch", product_id: "python3-waitress-1.4.3-3.3.1.noarch", }, }, { category: "product_version", name: "python3-waitress-doc-1.4.3-3.3.1.noarch", product: { name: "python3-waitress-doc-1.4.3-3.3.1.noarch", product_id: "python3-waitress-doc-1.4.3-3.3.1.noarch", }, }, { category: "product_version", name: "storm-kit-1.1.3-3.3.1.noarch", product: { name: "storm-kit-1.1.3-3.3.1.noarch", product_id: "storm-kit-1.1.3-3.3.1.noarch", }, }, { category: "product_version", name: "venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", product: { name: "venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", product_id: "venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", }, }, { category: "product_version", name: "venv-openstack-zaqar-x86_64-5.0.1-10.10.1.noarch", product: { name: "venv-openstack-zaqar-x86_64-5.0.1-10.10.1.noarch", product_id: "venv-openstack-zaqar-x86_64-5.0.1-10.10.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.ppc64le", product: { name: "crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.ppc64le", product_id: "crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.ppc64le", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.ppc64le", product: { name: "crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.ppc64le", product_id: "crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.ppc64le", }, }, { category: "product_version", name: "crowbar-core-devel-5.0+git.1593156248.55bbdb26d-3.41.2.ppc64le", product: { name: "crowbar-core-devel-5.0+git.1593156248.55bbdb26d-3.41.2.ppc64le", product_id: "crowbar-core-devel-5.0+git.1593156248.55bbdb26d-3.41.2.ppc64le", }, }, { category: "product_version", name: "grafana-4.6.5-4.9.1.ppc64le", product: { name: "grafana-4.6.5-4.9.1.ppc64le", product_id: "grafana-4.6.5-4.9.1.ppc64le", }, }, { category: "product_version", name: "kibana-4.6.3-3.3.1.ppc64le", product: { name: "kibana-4.6.3-3.3.1.ppc64le", product_id: "kibana-4.6.3-3.3.1.ppc64le", }, }, { category: "product_version", name: "python-Pillow-4.2.1-3.5.1.ppc64le", product: { name: "python-Pillow-4.2.1-3.5.1.ppc64le", product_id: "python-Pillow-4.2.1-3.5.1.ppc64le", }, }, { category: "product_version", name: "python-psutil-5.2.2-3.3.1.ppc64le", product: { name: "python-psutil-5.2.2-3.3.1.ppc64le", product_id: "python-psutil-5.2.2-3.3.1.ppc64le", }, }, { category: "product_version", name: "python3-Pillow-4.2.1-3.5.1.ppc64le", product: { name: "python3-Pillow-4.2.1-3.5.1.ppc64le", product_id: "python3-Pillow-4.2.1-3.5.1.ppc64le", }, }, { category: "product_version", name: "python3-psutil-5.2.2-3.3.1.ppc64le", product: { name: "python3-psutil-5.2.2-3.3.1.ppc64le", product_id: "python3-psutil-5.2.2-3.3.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.ppc64le", product: { name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.ppc64le", product_id: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.ppc64le", product: { name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.ppc64le", product_id: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.ppc64le", product: { name: "ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.ppc64le", product_id: "ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-3.12.1.ppc64le", product: { name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-3.12.1.ppc64le", product_id: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-3.12.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-3.12.1.ppc64le", product: { name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-3.12.1.ppc64le", product_id: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-3.12.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.ppc64le", product: { name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.ppc64le", product_id: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-2.16.0-3.9.1.ppc64le", product: { name: "ruby2.1-rubygem-puma-2.16.0-3.9.1.ppc64le", product_id: "ruby2.1-rubygem-puma-2.16.0-3.9.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-doc-2.16.0-3.9.1.ppc64le", product: { name: "ruby2.1-rubygem-puma-doc-2.16.0-3.9.1.ppc64le", product_id: "ruby2.1-rubygem-puma-doc-2.16.0-3.9.1.ppc64le", }, }, { category: "product_version", name: "storm-1.1.3-3.3.1.ppc64le", product: { name: "storm-1.1.3-3.3.1.ppc64le", product_id: "storm-1.1.3-3.3.1.ppc64le", }, }, { category: "product_version", name: "storm-doc-1.1.3-3.3.1.ppc64le", product: { name: "storm-doc-1.1.3-3.3.1.ppc64le", product_id: "storm-doc-1.1.3-3.3.1.ppc64le", }, }, { category: "product_version", name: "storm-logviewer-1.1.3-3.3.1.ppc64le", product: { name: "storm-logviewer-1.1.3-3.3.1.ppc64le", product_id: "storm-logviewer-1.1.3-3.3.1.ppc64le", }, }, { category: "product_version", name: "storm-nimbus-1.1.3-3.3.1.ppc64le", product: { name: "storm-nimbus-1.1.3-3.3.1.ppc64le", product_id: "storm-nimbus-1.1.3-3.3.1.ppc64le", }, }, { category: "product_version", name: "storm-pacemaker-1.1.3-3.3.1.ppc64le", product: { name: "storm-pacemaker-1.1.3-3.3.1.ppc64le", product_id: "storm-pacemaker-1.1.3-3.3.1.ppc64le", }, }, { category: "product_version", name: "storm-supervisor-1.1.3-3.3.1.ppc64le", product: { name: "storm-supervisor-1.1.3-3.3.1.ppc64le", product_id: "storm-supervisor-1.1.3-3.3.1.ppc64le", }, }, { category: "product_version", name: "storm-ui-1.1.3-3.3.1.ppc64le", product: { name: "storm-ui-1.1.3-3.3.1.ppc64le", product_id: "storm-ui-1.1.3-3.3.1.ppc64le", }, }, { category: "product_version", name: "storm-zookeeper-1.1.3-3.3.1.ppc64le", product: { name: "storm-zookeeper-1.1.3-3.3.1.ppc64le", product_id: "storm-zookeeper-1.1.3-3.3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.s390x", product: { name: "crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.s390x", product_id: "crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.s390x", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.s390x", product: { name: "crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.s390x", product_id: "crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.s390x", }, }, { category: "product_version", name: "crowbar-core-devel-5.0+git.1593156248.55bbdb26d-3.41.2.s390x", product: { name: "crowbar-core-devel-5.0+git.1593156248.55bbdb26d-3.41.2.s390x", product_id: "crowbar-core-devel-5.0+git.1593156248.55bbdb26d-3.41.2.s390x", }, }, { category: "product_version", name: "grafana-4.6.5-4.9.1.s390x", product: { name: "grafana-4.6.5-4.9.1.s390x", product_id: "grafana-4.6.5-4.9.1.s390x", }, }, { category: "product_version", name: "kibana-4.6.3-3.3.1.s390x", product: { name: "kibana-4.6.3-3.3.1.s390x", product_id: "kibana-4.6.3-3.3.1.s390x", }, }, { category: "product_version", name: "python-Pillow-4.2.1-3.5.1.s390x", product: { name: "python-Pillow-4.2.1-3.5.1.s390x", product_id: "python-Pillow-4.2.1-3.5.1.s390x", }, }, { category: "product_version", name: "python-psutil-5.2.2-3.3.1.s390x", product: { name: "python-psutil-5.2.2-3.3.1.s390x", product_id: "python-psutil-5.2.2-3.3.1.s390x", }, }, { category: "product_version", name: "python3-Pillow-4.2.1-3.5.1.s390x", product: { name: "python3-Pillow-4.2.1-3.5.1.s390x", product_id: "python3-Pillow-4.2.1-3.5.1.s390x", }, }, { category: "product_version", name: "python3-psutil-5.2.2-3.3.1.s390x", product: { name: "python3-psutil-5.2.2-3.3.1.s390x", product_id: "python3-psutil-5.2.2-3.3.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", product: { name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", product_id: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.s390x", product: { name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.s390x", product_id: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.s390x", product: { name: "ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.s390x", product_id: "ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-3.12.1.s390x", product: { name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-3.12.1.s390x", product_id: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-3.12.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-3.12.1.s390x", product: { name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-3.12.1.s390x", product_id: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-3.12.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", product: { name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", product_id: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-2.16.0-3.9.1.s390x", product: { name: "ruby2.1-rubygem-puma-2.16.0-3.9.1.s390x", product_id: "ruby2.1-rubygem-puma-2.16.0-3.9.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-doc-2.16.0-3.9.1.s390x", product: { name: "ruby2.1-rubygem-puma-doc-2.16.0-3.9.1.s390x", product_id: "ruby2.1-rubygem-puma-doc-2.16.0-3.9.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "grafana-4.6.5-4.9.1.x86_64", product: { name: "grafana-4.6.5-4.9.1.x86_64", product_id: "grafana-4.6.5-4.9.1.x86_64", }, }, { category: "product_version", name: "kibana-4.6.3-3.3.1.x86_64", product: { name: "kibana-4.6.3-3.3.1.x86_64", product_id: "kibana-4.6.3-3.3.1.x86_64", }, }, { category: "product_version", name: "python-Pillow-4.2.1-3.5.1.x86_64", product: { name: "python-Pillow-4.2.1-3.5.1.x86_64", product_id: "python-Pillow-4.2.1-3.5.1.x86_64", }, }, { category: "product_version", name: "python-psutil-5.2.2-3.3.1.x86_64", product: { name: "python-psutil-5.2.2-3.3.1.x86_64", product_id: "python-psutil-5.2.2-3.3.1.x86_64", }, }, { category: "product_version", name: "storm-1.1.3-3.3.1.x86_64", product: { name: "storm-1.1.3-3.3.1.x86_64", product_id: "storm-1.1.3-3.3.1.x86_64", }, }, { category: "product_version", name: "storm-nimbus-1.1.3-3.3.1.x86_64", product: { name: "storm-nimbus-1.1.3-3.3.1.x86_64", product_id: "storm-nimbus-1.1.3-3.3.1.x86_64", }, }, { category: "product_version", name: "storm-supervisor-1.1.3-3.3.1.x86_64", product: { name: "storm-supervisor-1.1.3-3.3.1.x86_64", product_id: "storm-supervisor-1.1.3-3.3.1.x86_64", }, }, { category: "product_version", name: "crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", product: { name: "crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", product_id: "crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", product: { name: "crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", product_id: "crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", }, }, { category: "product_version", name: "crowbar-core-devel-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", product: { name: "crowbar-core-devel-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", product_id: "crowbar-core-devel-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", }, }, { category: "product_version", name: "python3-Pillow-4.2.1-3.5.1.x86_64", product: { name: "python3-Pillow-4.2.1-3.5.1.x86_64", product_id: "python3-Pillow-4.2.1-3.5.1.x86_64", }, }, { category: "product_version", name: "python3-psutil-5.2.2-3.3.1.x86_64", product: { name: "python3-psutil-5.2.2-3.3.1.x86_64", product_id: "python3-psutil-5.2.2-3.3.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", product: { name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", product_id: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.x86_64", product: { name: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.x86_64", product_id: "ruby2.1-rubygem-activeresource-doc-4.0.0-3.3.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", product: { name: "ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", product_id: "ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-3.12.1.x86_64", product: { name: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-3.12.1.x86_64", product_id: "ruby2.1-rubygem-crowbar-client-doc-3.9.2-3.12.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-3.12.1.x86_64", product: { name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-3.12.1.x86_64", product_id: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-3.12.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", product: { name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", product_id: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", product: { name: "ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", product_id: "ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-puma-doc-2.16.0-3.9.1.x86_64", product: { name: "ruby2.1-rubygem-puma-doc-2.16.0-3.9.1.x86_64", product_id: "ruby2.1-rubygem-puma-doc-2.16.0-3.9.1.x86_64", }, }, { category: "product_version", name: "storm-doc-1.1.3-3.3.1.x86_64", product: { name: "storm-doc-1.1.3-3.3.1.x86_64", product_id: "storm-doc-1.1.3-3.3.1.x86_64", }, }, { category: "product_version", name: "storm-logviewer-1.1.3-3.3.1.x86_64", product: { name: "storm-logviewer-1.1.3-3.3.1.x86_64", product_id: "storm-logviewer-1.1.3-3.3.1.x86_64", }, }, { category: "product_version", name: "storm-pacemaker-1.1.3-3.3.1.x86_64", product: { name: "storm-pacemaker-1.1.3-3.3.1.x86_64", product_id: "storm-pacemaker-1.1.3-3.3.1.x86_64", }, }, { category: "product_version", name: "storm-ui-1.1.3-3.3.1.x86_64", product: { name: "storm-ui-1.1.3-3.3.1.x86_64", product_id: "storm-ui-1.1.3-3.3.1.x86_64", }, }, { category: "product_version", name: "storm-zookeeper-1.1.3-3.3.1.x86_64", product: { name: "storm-zookeeper-1.1.3-3.3.1.x86_64", product_id: "storm-zookeeper-1.1.3-3.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "HPE Helion OpenStack 8", product: { name: "HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8", product_identification_helper: { cpe: "cpe:/o:suse:hpe-helion-openstack:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud 8", product: { name: "SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 8", product: { name: "SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:8", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-2.4.6.0-3.9.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", }, product_reference: "ansible-2.4.6.0-3.9.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "ansible1-1.9.6-7.3.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", }, product_reference: "ansible1-1.9.6-7.3.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", }, product_reference: "ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", }, product_reference: "ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", }, product_reference: "ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", }, product_reference: "ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", }, product_reference: "ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", }, product_reference: "ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", }, product_reference: "ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", }, product_reference: "ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", }, product_reference: "ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", }, product_reference: "caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", }, product_reference: "documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", }, product_reference: "documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", }, product_reference: "documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", }, product_reference: "documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", }, product_reference: "documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", }, product_reference: "documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "grafana-4.6.5-4.9.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", }, product_reference: "grafana-4.6.5-4.9.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "kibana-4.6.3-3.3.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", }, product_reference: "kibana-4.6.3-3.3.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-dashboard-12.0.5~dev3-3.26.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", }, product_reference: "openstack-dashboard-12.0.5~dev3-3.26.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", }, product_reference: "openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", }, product_reference: "openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-keystone-12.0.4~dev11-5.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", }, product_reference: "openstack-keystone-12.0.4~dev11-5.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", }, product_reference: "openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", }, product_reference: "openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-monasca-installer-20190923_16.32-3.12.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", }, product_reference: "openstack-monasca-installer-20190923_16.32-3.12.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-11.0.9~dev65-3.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-server-11.0.9~dev65-3.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", }, product_reference: "openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-Django-1.11.23-3.15.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", }, product_reference: "python-Django-1.11.23-3.15.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-Flask-0.12.1-3.3.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", }, product_reference: "python-Flask-0.12.1-3.3.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-GitPython-2.1.8-3.3.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", }, product_reference: "python-GitPython-2.1.8-3.3.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-Pillow-4.2.1-3.5.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", }, product_reference: "python-Pillow-4.2.1-3.5.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-amqp-2.4.2-3.12.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", }, product_reference: "python-amqp-2.4.2-3.12.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-apicapi-1.6.0-3.6.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", }, product_reference: "python-apicapi-1.6.0-3.6.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-horizon-12.0.5~dev3-3.26.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", }, product_reference: "python-horizon-12.0.5~dev3-3.26.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-keystone-12.0.4~dev11-5.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", }, product_reference: "python-keystone-12.0.4~dev11-5.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-keystoneauth1-3.1.2~dev2-3.3.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", }, product_reference: "python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-monasca-agent-2.2.6~dev4-3.18.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", }, product_reference: "python-monasca-agent-2.2.6~dev4-3.18.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-neutron-11.0.9~dev65-3.33.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", }, product_reference: "python-neutron-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-oslo.messaging-5.30.8-3.11.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", }, product_reference: "python-oslo.messaging-5.30.8-3.11.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-psutil-5.2.2-3.3.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", }, product_reference: "python-psutil-5.2.2-3.3.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-pyroute2-0.4.21-3.3.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", }, product_reference: "python-pyroute2-0.4.21-3.3.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-pysaml2-4.0.2-5.6.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", }, product_reference: "python-pysaml2-4.0.2-5.6.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-tooz-1.58.1-3.3.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", }, product_reference: "python-tooz-1.58.1-3.3.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "python-waitress-1.4.3-3.3.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", }, product_reference: "python-waitress-1.4.3-3.3.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "storm-1.1.3-3.3.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", }, product_reference: "storm-1.1.3-3.3.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "storm-nimbus-1.1.3-3.3.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", }, product_reference: "storm-nimbus-1.1.3-3.3.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "storm-supervisor-1.1.3-3.3.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", }, product_reference: "storm-supervisor-1.1.3-3.3.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", }, product_reference: "venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", }, product_reference: "venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", }, product_reference: "venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", }, product_reference: "venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", }, product_reference: "venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", }, product_reference: "venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", }, product_reference: "venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", }, product_reference: "venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", }, product_reference: "venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", }, product_reference: "venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", }, product_reference: "venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", }, product_reference: "venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", }, product_reference: "venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", }, product_reference: "venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", }, product_reference: "venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", }, product_reference: "venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", }, product_reference: "venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", }, product_reference: "venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", }, product_reference: "venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", }, product_reference: "venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", }, product_reference: "venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", }, product_reference: "venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "ansible-2.4.6.0-3.9.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", }, product_reference: "ansible-2.4.6.0-3.9.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "ansible1-1.9.6-7.3.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", }, product_reference: "ansible1-1.9.6-7.3.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", }, product_reference: "ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", }, product_reference: "ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", }, product_reference: "ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", }, product_reference: "ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", }, product_reference: "ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", }, product_reference: "ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", }, product_reference: "ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", }, product_reference: "ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", }, product_reference: "ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", }, product_reference: "caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", }, product_reference: "documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", }, product_reference: "documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", }, product_reference: "documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", }, product_reference: "documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", }, product_reference: "documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", }, product_reference: "documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", }, product_reference: "documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", }, product_reference: "documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", }, product_reference: "documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "grafana-4.6.5-4.9.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", }, product_reference: "grafana-4.6.5-4.9.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "kibana-4.6.3-3.3.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", }, product_reference: "kibana-4.6.3-3.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-dashboard-12.0.5~dev3-3.26.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", }, product_reference: "openstack-dashboard-12.0.5~dev3-3.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", }, product_reference: "openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-keystone-12.0.4~dev11-5.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", }, product_reference: "openstack-keystone-12.0.4~dev11-5.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", }, product_reference: "openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", }, product_reference: "openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-monasca-installer-20190923_16.32-3.12.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", }, product_reference: "openstack-monasca-installer-20190923_16.32-3.12.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-server-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", }, product_reference: "openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-Django-1.11.23-3.15.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", }, product_reference: "python-Django-1.11.23-3.15.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-Flask-0.12.1-3.3.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", }, product_reference: "python-Flask-0.12.1-3.3.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-GitPython-2.1.8-3.3.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", }, product_reference: "python-GitPython-2.1.8-3.3.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-Pillow-4.2.1-3.5.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", }, product_reference: "python-Pillow-4.2.1-3.5.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-amqp-2.4.2-3.12.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", }, product_reference: "python-amqp-2.4.2-3.12.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-apicapi-1.6.0-3.6.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", }, product_reference: "python-apicapi-1.6.0-3.6.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-horizon-12.0.5~dev3-3.26.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", }, product_reference: "python-horizon-12.0.5~dev3-3.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-keystone-12.0.4~dev11-5.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", }, product_reference: "python-keystone-12.0.4~dev11-5.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-keystoneauth1-3.1.2~dev2-3.3.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", }, product_reference: "python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-monasca-agent-2.2.6~dev4-3.18.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", }, product_reference: "python-monasca-agent-2.2.6~dev4-3.18.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-neutron-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", }, product_reference: "python-neutron-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-oslo.messaging-5.30.8-3.11.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", }, product_reference: "python-oslo.messaging-5.30.8-3.11.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-psutil-5.2.2-3.3.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", }, product_reference: "python-psutil-5.2.2-3.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-pyroute2-0.4.21-3.3.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", }, product_reference: "python-pyroute2-0.4.21-3.3.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-pysaml2-4.0.2-5.6.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", }, product_reference: "python-pysaml2-4.0.2-5.6.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-tooz-1.58.1-3.3.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", }, product_reference: "python-tooz-1.58.1-3.3.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "python-waitress-1.4.3-3.3.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", }, product_reference: "python-waitress-1.4.3-3.3.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "storm-1.1.3-3.3.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", }, product_reference: "storm-1.1.3-3.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "storm-nimbus-1.1.3-3.3.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", }, product_reference: "storm-nimbus-1.1.3-3.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "storm-supervisor-1.1.3-3.3.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", }, product_reference: "storm-supervisor-1.1.3-3.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", }, product_reference: "venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", }, product_reference: "venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", }, product_reference: "venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", }, product_reference: "venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", }, product_reference: "venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", }, product_reference: "venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", }, product_reference: "venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", }, product_reference: "venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", }, product_reference: "venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", }, product_reference: "venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", }, product_reference: "venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", }, product_reference: "venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", }, product_reference: "venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", }, product_reference: "venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", }, product_reference: "venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", }, product_reference: "venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", }, product_reference: "venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", }, product_reference: "venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", }, product_reference: "venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", }, product_reference: "venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", }, product_reference: "venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", }, product_reference: "venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "ansible-2.4.6.0-3.9.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", }, product_reference: "ansible-2.4.6.0-3.9.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", }, product_reference: "caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", }, product_reference: "crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", }, product_reference: "crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", }, product_reference: "crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", }, product_reference: "documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", }, product_reference: "documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", }, product_reference: "documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", }, product_reference: "documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "grafana-4.6.5-4.9.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", }, product_reference: "grafana-4.6.5-4.9.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "kibana-4.6.3-3.3.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", }, product_reference: "kibana-4.6.3-3.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-dashboard-12.0.5~dev3-3.26.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", }, product_reference: "openstack-dashboard-12.0.5~dev3-3.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", }, product_reference: "openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-keystone-12.0.4~dev11-5.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", }, product_reference: "openstack-keystone-12.0.4~dev11-5.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", }, product_reference: "openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", }, product_reference: "openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-monasca-installer-20190923_16.32-3.12.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", }, product_reference: "openstack-monasca-installer-20190923_16.32-3.12.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-server-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", }, product_reference: "openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", }, product_reference: "openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-Django-1.11.23-3.15.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", }, product_reference: "python-Django-1.11.23-3.15.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-Flask-0.12.1-3.3.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", }, product_reference: "python-Flask-0.12.1-3.3.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-Pillow-4.2.1-3.5.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", }, product_reference: "python-Pillow-4.2.1-3.5.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-amqp-2.4.2-3.12.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", }, product_reference: "python-amqp-2.4.2-3.12.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-apicapi-1.6.0-3.6.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", }, product_reference: "python-apicapi-1.6.0-3.6.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-horizon-12.0.5~dev3-3.26.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", }, product_reference: "python-horizon-12.0.5~dev3-3.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-keystone-12.0.4~dev11-5.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", }, product_reference: "python-keystone-12.0.4~dev11-5.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-keystoneauth1-3.1.2~dev2-3.3.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", }, product_reference: "python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-monasca-agent-2.2.6~dev4-3.18.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", }, product_reference: "python-monasca-agent-2.2.6~dev4-3.18.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-neutron-11.0.9~dev65-3.33.2.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", }, product_reference: "python-neutron-11.0.9~dev65-3.33.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-oslo.messaging-5.30.8-3.11.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", }, product_reference: "python-oslo.messaging-5.30.8-3.11.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-psutil-5.2.2-3.3.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", }, product_reference: "python-psutil-5.2.2-3.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-pyroute2-0.4.21-3.3.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", }, product_reference: "python-pyroute2-0.4.21-3.3.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-pysaml2-4.0.2-5.6.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", }, product_reference: "python-pysaml2-4.0.2-5.6.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-tooz-1.58.1-3.3.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", }, product_reference: "python-tooz-1.58.1-3.3.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "python-waitress-1.4.3-3.3.1.noarch as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", }, product_reference: "python-waitress-1.4.3-3.3.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", }, product_reference: "ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", }, product_reference: "ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", }, product_reference: "ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", }, product_reference: "ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "storm-1.1.3-3.3.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", }, product_reference: "storm-1.1.3-3.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "storm-nimbus-1.1.3-3.3.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", }, product_reference: "storm-nimbus-1.1.3-3.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "storm-supervisor-1.1.3-3.3.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", }, product_reference: "storm-supervisor-1.1.3-3.3.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, ], }, vulnerabilities: [ { cve: "CVE-2017-1000246", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-1000246", }, ], notes: [ { category: "general", text: "Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-1000246", url: "https://www.suse.com/security/cve/CVE-2017-1000246", }, { category: "external", summary: "SUSE Bug 1068612 for CVE-2017-1000246", url: "https://bugzilla.suse.com/1068612", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "low", }, ], title: "CVE-2017-1000246", }, { cve: "CVE-2019-1010083", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-1010083", }, ], notes: [ { category: "general", text: "The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-1010083", url: "https://www.suse.com/security/cve/CVE-2019-1010083", }, { category: "external", summary: "SUSE Bug 1141968 for CVE-2019-1010083", url: "https://bugzilla.suse.com/1141968", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "important", }, ], title: "CVE-2019-1010083", }, { cve: "CVE-2019-15043", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15043", }, ], notes: [ { category: "general", text: "In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15043", url: "https://www.suse.com/security/cve/CVE-2019-15043", }, { category: "external", summary: "SUSE Bug 1148383 for CVE-2019-15043", url: "https://bugzilla.suse.com/1148383", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "important", }, ], title: "CVE-2019-15043", }, { cve: "CVE-2019-16785", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16785", }, ], notes: [ { category: "general", text: "Waitress through version 1.3.1 implemented a \"MAY\" part of the RFC7230 which states: \"Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR.\" Unfortunately if a front-end server does not parse header fields with an LF the same way as it does those with a CRLF it can lead to the front-end and the back-end server parsing the same HTTP message in two different ways. This can lead to a potential for HTTP request smuggling/splitting whereby Waitress may see two requests while the front-end server only sees a single HTTP message. This issue is fixed in Waitress 1.4.0.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16785", url: "https://www.suse.com/security/cve/CVE-2019-16785", }, { category: "external", summary: "SUSE Bug 1161088 for CVE-2019-16785", url: "https://bugzilla.suse.com/1161088", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "important", }, ], title: "CVE-2019-16785", }, { cve: "CVE-2019-16786", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16786", }, ], notes: [ { category: "general", text: "Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most encoding first, followed by any further transfer codings, ending with chunked. Requests sent with: \"Transfer-Encoding: gzip, chunked\" would incorrectly get ignored, and the request would use a Content-Length header instead to determine the body size of the HTTP message. This could allow for Waitress to treat a single request as multiple requests in the case of HTTP pipelining. This issue is fixed in Waitress 1.4.0.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16786", url: "https://www.suse.com/security/cve/CVE-2019-16786", }, { category: "external", summary: "SUSE Bug 1161089 for CVE-2019-16786", url: "https://bugzilla.suse.com/1161089", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "important", }, ], title: "CVE-2019-16786", }, { cve: "CVE-2019-16789", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16789", }, ], notes: [ { category: "general", text: "In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16789", url: "https://www.suse.com/security/cve/CVE-2019-16789", }, { category: "external", summary: "SUSE Bug 1160790 for CVE-2019-16789", url: "https://bugzilla.suse.com/1160790", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "important", }, ], title: "CVE-2019-16789", }, { cve: "CVE-2019-16792", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16792", }, ], notes: [ { category: "general", text: "Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16792", url: "https://www.suse.com/security/cve/CVE-2019-16792", }, { category: "external", summary: "SUSE Bug 1161670 for CVE-2019-16792", url: "https://bugzilla.suse.com/1161670", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "moderate", }, ], title: "CVE-2019-16792", }, { cve: "CVE-2019-16865", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16865", }, ], notes: [ { category: "general", text: "An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16865", url: "https://www.suse.com/security/cve/CVE-2019-16865", }, { category: "external", summary: "SUSE Bug 1153191 for CVE-2019-16865", url: "https://bugzilla.suse.com/1153191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "low", }, ], title: "CVE-2019-16865", }, { cve: "CVE-2019-18874", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18874", }, ], notes: [ { category: "general", text: "psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18874", url: "https://www.suse.com/security/cve/CVE-2019-18874", }, { category: "external", summary: "SUSE Bug 1156525 for CVE-2019-18874", url: "https://bugzilla.suse.com/1156525", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "low", }, ], title: "CVE-2019-18874", }, { cve: "CVE-2019-19911", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-19911", }, ], notes: [ { category: "general", text: "There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux running 64-bit Python this results in the process being terminated by the OOM killer.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-19911", url: "https://www.suse.com/security/cve/CVE-2019-19911", }, { category: "external", summary: "SUSE Bug 1160192 for CVE-2019-19911", url: "https://bugzilla.suse.com/1160192", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "important", }, ], title: "CVE-2019-19911", }, { cve: "CVE-2019-3828", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3828", }, ], notes: [ { category: "general", text: "Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3828", url: "https://www.suse.com/security/cve/CVE-2019-3828", }, { category: "external", summary: "SUSE Bug 1126503 for CVE-2019-3828", url: "https://bugzilla.suse.com/1126503", }, { category: "external", summary: "SUSE Bug 1164137 for CVE-2019-3828", url: "https://bugzilla.suse.com/1164137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "moderate", }, ], title: "CVE-2019-3828", }, { cve: "CVE-2020-10663", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10663", }, ], notes: [ { category: "general", text: "The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10663", url: "https://www.suse.com/security/cve/CVE-2020-10663", }, { category: "external", summary: "SUSE Bug 1167244 for CVE-2020-10663", url: "https://bugzilla.suse.com/1167244", }, { category: "external", summary: "SUSE Bug 1171517 for CVE-2020-10663", url: "https://bugzilla.suse.com/1171517", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "important", }, ], title: "CVE-2020-10663", }, { cve: "CVE-2020-10743", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10743", }, ], notes: [ { category: "general", text: "It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker to trick a user into performing arbitrary actions in OCP's distribution of Kibana, such as clickjacking.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10743", url: "https://www.suse.com/security/cve/CVE-2020-10743", }, { category: "external", summary: "SUSE Bug 1171909 for CVE-2020-10743", url: "https://bugzilla.suse.com/1171909", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "low", }, ], title: "CVE-2020-10743", }, { cve: "CVE-2020-11076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11076", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11076", url: "https://www.suse.com/security/cve/CVE-2020-11076", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "moderate", }, ], title: "CVE-2020-11076", }, { cve: "CVE-2020-11077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11077", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11077", url: "https://www.suse.com/security/cve/CVE-2020-11077", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "moderate", }, ], title: "CVE-2020-11077", }, { cve: "CVE-2020-12052", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-12052", }, ], notes: [ { category: "general", text: "Grafana version < 6.7.3 is vulnerable for annotation popup XSS.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-12052", url: "https://www.suse.com/security/cve/CVE-2020-12052", }, { category: "external", summary: "SUSE Bug 1170657 for CVE-2020-12052", url: "https://bugzilla.suse.com/1170657", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "moderate", }, ], title: "CVE-2020-12052", }, { cve: "CVE-2020-13254", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-13254", }, ], notes: [ { category: "general", text: "An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-13254", url: "https://www.suse.com/security/cve/CVE-2020-13254", }, { category: "external", summary: "SUSE Bug 1172166 for CVE-2020-13254", url: "https://bugzilla.suse.com/1172166", }, { category: "external", summary: "SUSE Bug 1172167 for CVE-2020-13254", url: "https://bugzilla.suse.com/1172167", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "moderate", }, ], title: "CVE-2020-13254", }, { cve: "CVE-2020-13379", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-13379", }, ], notes: [ { category: "general", text: "The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-13379", url: "https://www.suse.com/security/cve/CVE-2020-13379", }, { category: "external", summary: "SUSE Bug 1172409 for CVE-2020-13379", url: "https://bugzilla.suse.com/1172409", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "important", }, ], title: "CVE-2020-13379", }, { cve: "CVE-2020-13596", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-13596", }, ], notes: [ { category: "general", text: "An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-13596", url: "https://www.suse.com/security/cve/CVE-2020-13596", }, { category: "external", summary: "SUSE Bug 1172166 for CVE-2020-13596", url: "https://bugzilla.suse.com/1172166", }, { category: "external", summary: "SUSE Bug 1172167 for CVE-2020-13596", url: "https://bugzilla.suse.com/1172167", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "moderate", }, ], title: "CVE-2020-13596", }, { cve: "CVE-2020-5312", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5312", }, ], notes: [ { category: "general", text: "libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5312", url: "https://www.suse.com/security/cve/CVE-2020-5312", }, { category: "external", summary: "SUSE Bug 1160152 for CVE-2020-5312", url: "https://bugzilla.suse.com/1160152", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "important", }, ], title: "CVE-2020-5312", }, { cve: "CVE-2020-5313", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5313", }, ], notes: [ { category: "general", text: "libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5313", url: "https://www.suse.com/security/cve/CVE-2020-5313", }, { category: "external", summary: "SUSE Bug 1160153 for CVE-2020-5313", url: "https://bugzilla.suse.com/1160153", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "important", }, ], title: "CVE-2020-5313", }, { cve: "CVE-2020-5390", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5390", }, ], notes: [ { category: "general", text: "PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). The signature information and the node/object that is signed can be in different places and thus the signature verification will succeed, but the wrong data will be used. This specifically affects the verification of assertion that have been signed.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5390", url: "https://www.suse.com/security/cve/CVE-2020-5390", }, { category: "external", summary: "SUSE Bug 1160851 for CVE-2020-5390", url: "https://bugzilla.suse.com/1160851", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "moderate", }, ], title: "CVE-2020-5390", }, { cve: "CVE-2020-8151", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8151", }, ], notes: [ { category: "general", text: "There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8151", url: "https://www.suse.com/security/cve/CVE-2020-8151", }, { category: "external", summary: "SUSE Bug 1171560 for CVE-2020-8151", url: "https://bugzilla.suse.com/1171560", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:ansible-2.4.6.0-3.9.1.noarch", "HPE Helion OpenStack 8:ansible1-1.9.6-7.3.1.noarch", "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "HPE Helion OpenStack 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "HPE Helion OpenStack 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "HPE Helion OpenStack 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-installation-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-operations-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-opsconsole-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-planning-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-security-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:documentation-hpe-helion-openstack-user-8.20200527-1.26.1.noarch", "HPE Helion OpenStack 8:grafana-4.6.5-4.9.1.x86_64", "HPE Helion OpenStack 8:kibana-4.6.3-3.3.1.x86_64", "HPE Helion OpenStack 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:openstack-dashboard-theme-HPE-8+git.1523473653.6599ec8-3.3.1.noarch", "HPE Helion OpenStack 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "HPE Helion OpenStack 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "HPE Helion OpenStack 8:python-Django-1.11.23-3.15.1.noarch", "HPE Helion OpenStack 8:python-Flask-0.12.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-GitPython-2.1.8-3.3.1.noarch", "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.5.1.x86_64", "HPE Helion OpenStack 8:python-amqp-2.4.2-3.12.1.noarch", "HPE Helion OpenStack 8:python-apicapi-1.6.0-3.6.1.noarch", "HPE Helion OpenStack 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "HPE Helion OpenStack 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "HPE Helion OpenStack 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "HPE Helion OpenStack 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "HPE Helion OpenStack 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "HPE Helion OpenStack 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "HPE Helion OpenStack 8:python-psutil-5.2.2-3.3.1.x86_64", "HPE Helion OpenStack 8:python-pyroute2-0.4.21-3.3.1.noarch", "HPE Helion OpenStack 8:python-pysaml2-4.0.2-5.6.1.noarch", "HPE Helion OpenStack 8:python-tooz-1.58.1-3.3.1.noarch", "HPE Helion OpenStack 8:python-waitress-1.4.3-3.3.1.noarch", "HPE Helion OpenStack 8:storm-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-nimbus-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:storm-supervisor-1.1.3-3.3.1.x86_64", "HPE Helion OpenStack 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "HPE Helion OpenStack 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "HPE Helion OpenStack 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "HPE Helion OpenStack 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev3-14.30.1.noarch", "HPE Helion OpenStack 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "HPE Helion OpenStack 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "HPE Helion OpenStack 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "HPE Helion OpenStack 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "HPE Helion OpenStack 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "HPE Helion OpenStack 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "HPE Helion OpenStack 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud 8:ansible1-1.9.6-7.3.1.noarch", "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1589740980.6c3bcdc-3.73.1.noarch", "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1585685203.3e71e49-3.36.1.noarch", "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1586539529.b7d295f-3.21.1.noarch", "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1589740934.0e0ad61-3.39.1.noarch", "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1591194866.b7375d0-3.24.1.noarch", "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1589715269.62ad6df-3.22.1.noarch", "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1590756744.ba84abc-3.42.1.noarch", "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1590100427.cf4cc8f-3.29.1.noarch", "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1587034587.eac37b8-3.45.1.noarch", "SUSE OpenStack Cloud 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-installation-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-operations-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-opsconsole-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-planning-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-security-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:documentation-suse-openstack-cloud-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-GitPython-2.1.8-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:storm-supervisor-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud 8:venv-openstack-aodh-x86_64-5.1.1~dev7-12.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-barbican-x86_64-5.0.2~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.24.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-cinder-x86_64-11.2.3~dev23-14.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-designate-x86_64-5.0.3~dev7-12.25.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-glance-x86_64-15.0.3~dev3-12.25.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-heat-x86_64-9.0.8~dev22-12.27.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev3-14.30.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-ironic-x86_64-9.1.8~dev8-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-keystone-x86_64-12.0.4~dev11-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-manila-x86_64-5.1.1~dev5-12.31.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.22.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-monasca-x86_64-2.2.2~dev1-11.22.3.noarch", "SUSE OpenStack Cloud 8:venv-openstack-murano-x86_64-4.0.2~dev2-12.22.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev65-13.30.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev61-11.28.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-octavia-x86_64-1.0.6~dev3-12.27.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-sahara-x86_64-7.0.5~dev4-11.26.2.noarch", "SUSE OpenStack Cloud 8:venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.18.1.noarch", "SUSE OpenStack Cloud 8:venv-openstack-trove-x86_64-8.0.2~dev2-11.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ansible-2.4.6.0-3.9.1.noarch", "SUSE OpenStack Cloud Crowbar 8:caasp-openstack-heat-templates-1.0+git.1560518045.ad7dc6d-4.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1593156248.55bbdb26d-3.41.2.x86_64", "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1593085772.64c4ab43c-4.40.2.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-deployment-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-supplement-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-admin-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:documentation-suse-openstack-cloud-upstream-user-8.20200527-1.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:grafana-4.6.5-4.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:openstack-dashboard-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-heat-templates-0.0.0+git.1582270132.8a20477-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-keystone-doc-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-monasca-installer-20190923_16.32-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:openstack-octavia-amphora-image-x86_64-0.1.4-3.12.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.23-3.15.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Flask-0.12.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.5.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-amqp-2.4.2-3.12.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-apicapi-1.6.0-3.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-horizon-12.0.5~dev3-3.26.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystone-12.0.4~dev11-5.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-keystoneauth1-3.1.2~dev2-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-monasca-agent-2.2.6~dev4-3.18.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev65-3.33.2.noarch", "SUSE OpenStack Cloud Crowbar 8:python-oslo.messaging-5.30.8-3.11.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-psutil-5.2.2-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:python-pyroute2-0.4.21-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-pysaml2-4.0.2-5.6.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-tooz-1.58.1-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:python-waitress-1.4.3-3.3.1.noarch", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-activeresource-4.0.0-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-crowbar-client-3.9.2-3.12.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-json-1_7-1.7.7-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-puma-2.16.0-3.9.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-nimbus-1.1.3-3.3.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:storm-supervisor-1.1.3-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-14T12:42:01Z", details: "moderate", }, ], title: "CVE-2020-8151", }, ], }
suse-su-2020:3036-1
Vulnerability from csaf_suse
Published
2020-10-26 11:11
Modified
2020-10-26 11:11
Summary
Security update for rmt-server
Notes
Title of the patch
Security update for rmt-server
Description of the patch
This update for rmt-server fixes the following issues:
Update to version 2.6.5:
- Solved potential bug of SCC repository URLs changing over time. RMT
now self heals by removing the previous invalid repository and
creating the correct one.
- Add web server settings to /etc/rmt.conf:
Now it's possible to configure the minimum and maximum threads count as well
the number of web server workers to be booted through /etc/rmt.conf.
- Instead of using an MD5 of URLs for custom repository friendly_ids,
RMT now builds an ID from the name.
- Fix RMT file caching based on timestamps:
Previously, RMT sent GET requests with the header 'If-Modified-Since' to a
repository server and if the response had a 304 (Not Modified), it would copy
a file from the local cache instead of downloading. However, if the local file
timestamp accidentally changed to a date newer than the one on the repository
server, RMT would have an outdated file, which caused some errors.
Now, RMT makes HEAD requests to the repositories servers and inspect the
'Last-Modified' header to decide whether to download a file or copy it from
cache, by comparing the equalness of timestamps.
- Fixed an issue where relative paths supplied to `rmt-cli import repos`
caused the command to fail.
- Friendlier IDs for custom repositories:
In an effort to simplify the handling of SCC and custom repositories,
RMT now has friendly IDs. For SCC repositories, it's the same SCC ID
as before. For custom repositories, it can either be user provided
or RMT generated (MD5 of the provided URL).
Benefits:
* `rmt-cli mirror repositories` now works for custom repositories.
* Custom repository IDs can be the same across RMT instances.
* No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.
Deprecation Warnings:
* RMT now uses a different ID for custom repositories than before.
RMT still supports that old ID, but it's recommended to start
using the new ID to ensure future compatibility.
- Updated rails and puma dependencies for security fixes.
Patchnames
SUSE-2020-3036,SUSE-SLE-Module-Public-Cloud-15-SP2-2020-3036,SUSE-SLE-Module-Server-Applications-15-SP2-2020-3036
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for rmt-server", title: "Title of the patch", }, { category: "description", text: "This update for rmt-server fixes the following issues:\n\nUpdate to version 2.6.5:\n- Solved potential bug of SCC repository URLs changing over time. RMT\n now self heals by removing the previous invalid repository and\n creating the correct one.\n- Add web server settings to /etc/rmt.conf:\n Now it's possible to configure the minimum and maximum threads count as well\n the number of web server workers to be booted through /etc/rmt.conf.\n- Instead of using an MD5 of URLs for custom repository friendly_ids,\n RMT now builds an ID from the name.\n- Fix RMT file caching based on timestamps:\n Previously, RMT sent GET requests with the header 'If-Modified-Since' to a\n repository server and if the response had a 304 (Not Modified), it would copy\n a file from the local cache instead of downloading. However, if the local file\n timestamp accidentally changed to a date newer than the one on the repository\n server, RMT would have an outdated file, which caused some errors.\n Now, RMT makes HEAD requests to the repositories servers and inspect the\n 'Last-Modified' header to decide whether to download a file or copy it from\n cache, by comparing the equalness of timestamps.\n- Fixed an issue where relative paths supplied to `rmt-cli import repos`\n caused the command to fail.\n- Friendlier IDs for custom repositories:\n In an effort to simplify the handling of SCC and custom repositories,\n RMT now has friendly IDs. For SCC repositories, it's the same SCC ID\n as before. For custom repositories, it can either be user provided\n or RMT generated (MD5 of the provided URL).\n Benefits:\n * `rmt-cli mirror repositories` now works for custom repositories.\n * Custom repository IDs can be the same across RMT instances.\n * No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings:\n * RMT now uses a different ID for custom repositories than before.\n RMT still supports that old ID, but it's recommended to start\n using the new ID to ensure future compatibility.\n- Updated rails and puma dependencies for security fixes.\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3036,SUSE-SLE-Module-Public-Cloud-15-SP2-2020-3036,SUSE-SLE-Module-Server-Applications-15-SP2-2020-3036", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3036-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3036-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203036-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3036-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-October/007625.html", }, { category: "self", summary: "SUSE Bug 1165548", url: "https://bugzilla.suse.com/1165548", }, { category: "self", summary: "SUSE Bug 1168554", url: "https://bugzilla.suse.com/1168554", }, { category: "self", summary: "SUSE Bug 1172177", url: "https://bugzilla.suse.com/1172177", }, { category: "self", summary: "SUSE Bug 1172182", url: "https://bugzilla.suse.com/1172182", }, { category: "self", summary: "SUSE Bug 1172184", url: "https://bugzilla.suse.com/1172184", }, { category: "self", summary: "SUSE Bug 1172186", url: "https://bugzilla.suse.com/1172186", }, { category: "self", summary: "SUSE Bug 1173351", url: "https://bugzilla.suse.com/1173351", }, { category: "self", summary: "SUSE CVE CVE-2019-16770 page", url: "https://www.suse.com/security/cve/CVE-2019-16770/", }, { category: "self", summary: "SUSE CVE CVE-2019-5418 page", url: "https://www.suse.com/security/cve/CVE-2019-5418/", }, { category: "self", summary: "SUSE CVE CVE-2019-5419 page", url: "https://www.suse.com/security/cve/CVE-2019-5419/", }, { category: "self", summary: "SUSE CVE CVE-2019-5420 page", url: "https://www.suse.com/security/cve/CVE-2019-5420/", }, { category: "self", summary: "SUSE CVE CVE-2020-11076 page", url: "https://www.suse.com/security/cve/CVE-2020-11076/", }, { category: "self", summary: "SUSE CVE CVE-2020-11077 page", url: "https://www.suse.com/security/cve/CVE-2020-11077/", }, { category: "self", summary: "SUSE CVE CVE-2020-15169 page", url: "https://www.suse.com/security/cve/CVE-2020-15169/", }, { category: "self", summary: "SUSE CVE CVE-2020-5247 page", url: "https://www.suse.com/security/cve/CVE-2020-5247/", }, { category: "self", summary: "SUSE CVE CVE-2020-5249 page", url: "https://www.suse.com/security/cve/CVE-2020-5249/", }, { category: "self", summary: "SUSE CVE CVE-2020-5267 page", url: "https://www.suse.com/security/cve/CVE-2020-5267/", }, { category: "self", summary: "SUSE CVE CVE-2020-8164 page", url: "https://www.suse.com/security/cve/CVE-2020-8164/", }, { category: "self", summary: "SUSE CVE CVE-2020-8165 page", url: "https://www.suse.com/security/cve/CVE-2020-8165/", }, { category: "self", summary: "SUSE CVE CVE-2020-8166 page", url: "https://www.suse.com/security/cve/CVE-2020-8166/", }, { category: "self", summary: "SUSE CVE CVE-2020-8167 page", url: "https://www.suse.com/security/cve/CVE-2020-8167/", }, { category: "self", summary: "SUSE CVE CVE-2020-8184 page", url: "https://www.suse.com/security/cve/CVE-2020-8184/", }, { category: "self", summary: "SUSE CVE CVE-2020-8185 page", url: "https://www.suse.com/security/cve/CVE-2020-8185/", }, ], title: "Security update for rmt-server", tracking: { current_release_date: "2020-10-26T11:11:15Z", generator: { date: "2020-10-26T11:11:15Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3036-1", initial_release_date: "2020-10-26T11:11:15Z", revision_history: [ { date: "2020-10-26T11:11:15Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "rmt-server-2.6.5-3.3.1.aarch64", product: { name: "rmt-server-2.6.5-3.3.1.aarch64", product_id: "rmt-server-2.6.5-3.3.1.aarch64", }, }, { category: "product_version", name: "rmt-server-config-2.6.5-3.3.1.aarch64", product: { name: "rmt-server-config-2.6.5-3.3.1.aarch64", product_id: "rmt-server-config-2.6.5-3.3.1.aarch64", }, }, { category: "product_version", name: "rmt-server-pubcloud-2.6.5-3.3.1.aarch64", product: { name: "rmt-server-pubcloud-2.6.5-3.3.1.aarch64", product_id: "rmt-server-pubcloud-2.6.5-3.3.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "rmt-server-2.6.5-3.3.1.ppc64le", product: { name: "rmt-server-2.6.5-3.3.1.ppc64le", product_id: "rmt-server-2.6.5-3.3.1.ppc64le", }, }, { category: "product_version", name: "rmt-server-config-2.6.5-3.3.1.ppc64le", product: { name: "rmt-server-config-2.6.5-3.3.1.ppc64le", product_id: "rmt-server-config-2.6.5-3.3.1.ppc64le", }, }, { category: "product_version", name: "rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", product: { name: "rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", product_id: "rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "rmt-server-2.6.5-3.3.1.s390x", product: { name: "rmt-server-2.6.5-3.3.1.s390x", product_id: "rmt-server-2.6.5-3.3.1.s390x", }, }, { category: "product_version", name: "rmt-server-config-2.6.5-3.3.1.s390x", product: { name: "rmt-server-config-2.6.5-3.3.1.s390x", product_id: "rmt-server-config-2.6.5-3.3.1.s390x", }, }, { category: "product_version", name: "rmt-server-pubcloud-2.6.5-3.3.1.s390x", product: { name: "rmt-server-pubcloud-2.6.5-3.3.1.s390x", product_id: "rmt-server-pubcloud-2.6.5-3.3.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "rmt-server-2.6.5-3.3.1.x86_64", product: { name: "rmt-server-2.6.5-3.3.1.x86_64", product_id: "rmt-server-2.6.5-3.3.1.x86_64", }, }, { category: "product_version", name: "rmt-server-config-2.6.5-3.3.1.x86_64", product: { name: "rmt-server-config-2.6.5-3.3.1.x86_64", product_id: "rmt-server-config-2.6.5-3.3.1.x86_64", }, }, { category: "product_version", name: "rmt-server-pubcloud-2.6.5-3.3.1.x86_64", product: { name: "rmt-server-pubcloud-2.6.5-3.3.1.x86_64", product_id: "rmt-server-pubcloud-2.6.5-3.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP2", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP2", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Server Applications 15 SP2", product: { name: "SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-server-applications:15:sp2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rmt-server-pubcloud-2.6.5-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP2", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", }, product_reference: "rmt-server-pubcloud-2.6.5-3.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP2", }, { category: "default_component_of", full_product_name: { name: "rmt-server-pubcloud-2.6.5-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP2", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", }, product_reference: "rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP2", }, { category: "default_component_of", full_product_name: { name: "rmt-server-pubcloud-2.6.5-3.3.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP2", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", }, product_reference: "rmt-server-pubcloud-2.6.5-3.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP2", }, { category: "default_component_of", full_product_name: { name: "rmt-server-pubcloud-2.6.5-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP2", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", }, product_reference: "rmt-server-pubcloud-2.6.5-3.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP2", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", }, product_reference: "rmt-server-2.6.5-3.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", }, product_reference: "rmt-server-2.6.5-3.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.3.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", }, product_reference: "rmt-server-2.6.5-3.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", }, product_reference: "rmt-server-2.6.5-3.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", }, product_reference: "rmt-server-config-2.6.5-3.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", }, product_reference: "rmt-server-config-2.6.5-3.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.3.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", }, product_reference: "rmt-server-config-2.6.5-3.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", }, product_reference: "rmt-server-config-2.6.5-3.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, ], }, vulnerabilities: [ { cve: "CVE-2019-16770", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16770", }, ], notes: [ { category: "general", text: "In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough. This vulnerability is patched in Puma 4.3.1 and 3.12.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16770", url: "https://www.suse.com/security/cve/CVE-2019-16770", }, { category: "external", summary: "SUSE Bug 1158675 for CVE-2019-16770", url: "https://bugzilla.suse.com/1158675", }, { category: "external", summary: "SUSE Bug 1188527 for CVE-2019-16770", url: "https://bugzilla.suse.com/1188527", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "important", }, ], title: "CVE-2019-16770", }, { cve: "CVE-2019-5418", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5418", }, ], notes: [ { category: "general", text: "There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5418", url: "https://www.suse.com/security/cve/CVE-2019-5418", }, { category: "external", summary: "SUSE Bug 1129272 for CVE-2019-5418", url: "https://bugzilla.suse.com/1129272", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "moderate", }, ], title: "CVE-2019-5418", }, { cve: "CVE-2019-5419", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5419", }, ], notes: [ { category: "general", text: "There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5419", url: "https://www.suse.com/security/cve/CVE-2019-5419", }, { category: "external", summary: "SUSE Bug 1129271 for CVE-2019-5419", url: "https://bugzilla.suse.com/1129271", }, { category: "external", summary: "SUSE Bug 1203810 for CVE-2019-5419", url: "https://bugzilla.suse.com/1203810", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "moderate", }, ], title: "CVE-2019-5419", }, { cve: "CVE-2019-5420", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5420", }, ], notes: [ { category: "general", text: "A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5420", url: "https://www.suse.com/security/cve/CVE-2019-5420", }, { category: "external", summary: "SUSE Bug 1129268 for CVE-2019-5420", url: "https://bugzilla.suse.com/1129268", }, { category: "external", summary: "SUSE Bug 1203810 for CVE-2019-5420", url: "https://bugzilla.suse.com/1203810", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "important", }, ], title: "CVE-2019-5420", }, { cve: "CVE-2020-11076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11076", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11076", url: "https://www.suse.com/security/cve/CVE-2020-11076", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "moderate", }, ], title: "CVE-2020-11076", }, { cve: "CVE-2020-11077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11077", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11077", url: "https://www.suse.com/security/cve/CVE-2020-11077", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "moderate", }, ], title: "CVE-2020-11077", }, { cve: "CVE-2020-15169", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-15169", }, ], notes: [ { category: "general", text: "In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS attacks. When an HTML-unsafe string is passed as the default for a missing translation key named html or ending in _html, the default string is incorrectly marked as HTML-safe and not escaped. This is patched in versions 6.0.3.3 and 5.2.4.4. A workaround without upgrading is proposed in the source advisory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-15169", url: "https://www.suse.com/security/cve/CVE-2020-15169", }, { category: "external", summary: "SUSE Bug 1176421 for CVE-2020-15169", url: "https://bugzilla.suse.com/1176421", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "important", }, ], title: "CVE-2020-15169", }, { cve: "CVE-2020-5247", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5247", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5247", url: "https://www.suse.com/security/cve/CVE-2020-5247", }, { category: "external", summary: "SUSE Bug 1165402 for CVE-2020-5247", url: "https://bugzilla.suse.com/1165402", }, { category: "external", summary: "SUSE Bug 1165524 for CVE-2020-5247", url: "https://bugzilla.suse.com/1165524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "moderate", }, ], title: "CVE-2020-5247", }, { cve: "CVE-2020-5249", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5249", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2020-5247, which fixed this vulnerability but only for regular responses. This has been fixed in 4.3.3 and 3.12.4.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5249", url: "https://www.suse.com/security/cve/CVE-2020-5249", }, { category: "external", summary: "SUSE Bug 1165524 for CVE-2020-5249", url: "https://bugzilla.suse.com/1165524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "moderate", }, ], title: "CVE-2020-5249", }, { cve: "CVE-2020-5267", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5267", }, ], notes: [ { category: "general", text: "In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5267", url: "https://www.suse.com/security/cve/CVE-2020-5267", }, { category: "external", summary: "SUSE Bug 1167240 for CVE-2020-5267", url: "https://bugzilla.suse.com/1167240", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "moderate", }, ], title: "CVE-2020-5267", }, { cve: "CVE-2020-8164", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8164", }, ], notes: [ { category: "general", text: "A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8164", url: "https://www.suse.com/security/cve/CVE-2020-8164", }, { category: "external", summary: "SUSE Bug 1172177 for CVE-2020-8164", url: "https://bugzilla.suse.com/1172177", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "important", }, ], title: "CVE-2020-8164", }, { cve: "CVE-2020-8165", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8165", }, ], notes: [ { category: "general", text: "A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8165", url: "https://www.suse.com/security/cve/CVE-2020-8165", }, { category: "external", summary: "SUSE Bug 1172186 for CVE-2020-8165", url: "https://bugzilla.suse.com/1172186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "critical", }, ], title: "CVE-2020-8165", }, { cve: "CVE-2020-8166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8166", }, ], notes: [ { category: "general", text: "A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8166", url: "https://www.suse.com/security/cve/CVE-2020-8166", }, { category: "external", summary: "SUSE Bug 1172182 for CVE-2020-8166", url: "https://bugzilla.suse.com/1172182", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "low", }, ], title: "CVE-2020-8166", }, { cve: "CVE-2020-8167", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8167", }, ], notes: [ { category: "general", text: "A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8167", url: "https://www.suse.com/security/cve/CVE-2020-8167", }, { category: "external", summary: "SUSE Bug 1172184 for CVE-2020-8167", url: "https://bugzilla.suse.com/1172184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "moderate", }, ], title: "CVE-2020-8167", }, { cve: "CVE-2020-8184", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8184", }, ], notes: [ { category: "general", text: "A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8184", url: "https://www.suse.com/security/cve/CVE-2020-8184", }, { category: "external", summary: "SUSE Bug 1173351 for CVE-2020-8184", url: "https://bugzilla.suse.com/1173351", }, { category: "external", summary: "SUSE Bug 1177352 for CVE-2020-8184", url: "https://bugzilla.suse.com/1177352", }, { category: "external", summary: "SUSE Bug 1193081 for CVE-2020-8184", url: "https://bugzilla.suse.com/1193081", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "moderate", }, ], title: "CVE-2020-8184", }, { cve: "CVE-2020-8185", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8185", }, ], notes: [ { category: "general", text: "A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8185", url: "https://www.suse.com/security/cve/CVE-2020-8185", }, { category: "external", summary: "SUSE Bug 1173564 for CVE-2020-8185", url: "https://bugzilla.suse.com/1173564", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-2.6.5-3.3.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:rmt-server-config-2.6.5-3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-10-26T11:11:15Z", details: "moderate", }, ], title: "CVE-2020-8185", }, ], }
suse-su-2020:3160-1
Vulnerability from csaf_suse
Published
2020-11-05 09:33
Modified
2020-11-05 09:33
Summary
Security update for rmt-server
Notes
Title of the patch
Security update for rmt-server
Description of the patch
This update for rmt-server fixes the following issues:
- Version 2.6.5
- Solved potential bug of SCC repository URLs changing over time. RMT
now self heals by removing the previous invalid repository and
creating the correct one.
- Version 2.6.4
- Add web server settings to /etc/rmt.conf:
Now it's possible to configure the minimum and maximum threads count as well
the number of web server workers to be booted through /etc/rmt.conf.
- Version 2.6.3
- Instead of using an MD5 of URLs for custom repository friendly_ids,
RMT now builds an ID from the name.
- Version 2.6.2
- Fix RMT file caching based on timestamps:
Previously, RMT sent GET requests with the header 'If-Modified-Since' to a
repository server and if the response had a 304 (Not Modified), it would copy
a file from the local cache instead of downloading. However, if the local file
timestamp accidentally changed to a date newer than the one on the repository
server, RMT would have an outdated file, which caused some errors.
Now, RMT makes HEAD requests to the repositories servers and inspect the
'Last-Modified' header to decide whether to download a file or copy it from
cache, by comparing the equalness of timestamps.
- Version 2.6.1
- Fixed an issue where relative paths supplied to `rmt-cli import repos`
caused the command to fail.
- Version 2.6.0
- Friendlier IDs for custom repositories:
In an effort to simplify the handling of SCC and custom repositories,
RMT now has friendly IDs. For SCC repositories, it's the same SCC ID
as before. For custom repositories, it can either be user provided
or RMT generated (MD5 of the provided URL).
Benefits:
* `rmt-cli mirror repositories` now works for custom repositories.
* Custom repository IDs can be the same across RMT instances.
* No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.
Deprecation Warnings:
* RMT now uses a different ID for custom repositories than before.
RMT still supports that old ID, but it's recommended to start
using the new ID to ensure future compatibility.
- Version 2.5.20
- Updated rails from 6.0.3.2 to 6.0.3.3:
- actionview (CVE-2020-15169)
- Version 2.5.19
- RMT now has the ability to remove local systems with the command
`rmt-cli systems remove`.
- Version 2.5.18
- Fixed exit code for `rmt-cli mirror` and its subcommands. Now it exits with 1
whenever an error occurs during mirroring
- Improved message logging for `rtm-cli mirror`. Instead of logging an error
when it occurs, the command summarize all errors at the end of execution. Now
log messages have colors to better identify failure/success.
- Version 2.5.17
- RMT no longer provides the installer updates repository to systems via its
zypper service. This repository is used during the installation process, as
it provides an up-to-date installation experience, but it has no use on an
already installed system.
- Version 2.5.16
- Updated RMT's rails and puma dependencies.
- puma (CVE-2020-11076, CVE-2020-11077, CVE-2020-5249, CVE-2020-5247
CVE-2019-16770)
- actionpack (CVE-2020-8185, CVE-2020-8164, CVE-2020-8166)
- actionview (CVE-2020-8167, CVE-2020-5267, CVE-2019-5418, CVE-2019-5419)
- activesupport (CVE-2020-8165)
- railties (CVE-2019-5420)
- Version 2.5.15
- RMT now checks if repositories are fully mirrored during the
activation process. Previously, RMT only checked if the repositories
were enabled to be mirrored, but not that they were actually mirrored.
In this case, RMTs were not able to provide the repository data which
systems assumed it had.
- Version 2.5.14
- Enable 'Installer-Updates' repositories by default
- Fixed deprecation warning when thor encountered an error. Also,
instead of returning 0 for thor errors, rmt-cli will return 1
instead.
- Version 2.5.13
- Added `rmt-cli repos clean` command to remove locally mirrored files
of repositories which are not marked to be mirrored.
- Previously, RMT didn't track deduplicated files in its database. Now,
to accommodate `rmt-cli repos clean`, RMT will track all mirrored
files.
- Move the nginx reload to the configuration package which contain
nginx config files, don't reload nginx unconditionally from main
package.
- Version 2.5.12
- Update rack to version 2.2.3 (CVE-2020-8184: bsc#1173351)
- Update Rails to version 5.2.4.3:
- actionpack (CVE-2020-8164: bsc#1172177)
- actionpack (CVE-2020-8166: bsc#1172182)
- activesupport (CVE-2020-8165: bsc#1172186)
- actionview (CVE-2020-8167: bsc#1172184)
- Version 2.5.11
- rmt-server-pubcloud:
- SLES11 EOL
- Extension activation verification based on the available subscriptions
- Added a manual instance verification script
- Version 2.5.10
- Support rmt-server to run with Ruby 2.7 (Factory/Tumbleweed):
- Bump gem 'config' version from 1.7.2 to 2.2.1 to fix incompatibility Ruby
2.7 OpenStruct class;
- Bump gem 'typhoeus' version from 1.3.1 to 1.4.0 in order to also bump gem
'ethon' version, which caused a 'rb_safe_level' warning on Ruby 2.7;
- Fix 'last arg as keyword arg' Ruby 2.7 warning on source code;
- Disable 'deprecated' warnings from Ruby 2.7; Rails 5.1 generates a lot of
warnings with Ruby 2.7, mainly due to 'capturing the given block with
Proc.new', which is deprecated;
- Improve RPM spec to consider only the distribution default Ruby version
configured in OBS;
- Improve RPM spec to remove Ruby 2.7 warnings regarding 'bundler.
- Move nginx/vhosts.d directory to correct sub-package. They
are needed together with nginx, not rmt-server.
- Fix dependencies especially for containerized usage:
- mariadb and nginx are not hard requires, could run on another host
- Fix generic dependencies:
- systemd ordering was missing
- shadow is required for pre-install
- Version 2.5.9
- rmt-server-pubcloud: enforce strict authentication
- Version 2.5.8
- Use repomd_parser gem to remove repository metadata parsing code.
Patchnames
SUSE-2020-3160,SUSE-SLE-Module-Public-Cloud-15-SP1-2020-3160,SUSE-SLE-Module-Server-Applications-15-SP1-2020-3160
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for rmt-server", title: "Title of the patch", }, { category: "description", text: "This update for rmt-server fixes the following issues:\n\n- Version 2.6.5\n- Solved potential bug of SCC repository URLs changing over time. RMT\n now self heals by removing the previous invalid repository and\n creating the correct one.\n\n- Version 2.6.4\n- Add web server settings to /etc/rmt.conf:\n Now it's possible to configure the minimum and maximum threads count as well\n the number of web server workers to be booted through /etc/rmt.conf.\n\n- Version 2.6.3\n- Instead of using an MD5 of URLs for custom repository friendly_ids,\n RMT now builds an ID from the name.\n\n- Version 2.6.2\n- Fix RMT file caching based on timestamps:\n Previously, RMT sent GET requests with the header 'If-Modified-Since' to a\n repository server and if the response had a 304 (Not Modified), it would copy\n a file from the local cache instead of downloading. However, if the local file\n timestamp accidentally changed to a date newer than the one on the repository\n server, RMT would have an outdated file, which caused some errors.\n Now, RMT makes HEAD requests to the repositories servers and inspect the\n 'Last-Modified' header to decide whether to download a file or copy it from\n cache, by comparing the equalness of timestamps.\n \n\n- Version 2.6.1\n- Fixed an issue where relative paths supplied to `rmt-cli import repos`\n caused the command to fail.\n\n- Version 2.6.0\n- Friendlier IDs for custom repositories:\n In an effort to simplify the handling of SCC and custom repositories,\n RMT now has friendly IDs. For SCC repositories, it's the same SCC ID\n as before. For custom repositories, it can either be user provided\n or RMT generated (MD5 of the provided URL).\n Benefits:\n * `rmt-cli mirror repositories` now works for custom repositories.\n * Custom repository IDs can be the same across RMT instances.\n * No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings:\n * RMT now uses a different ID for custom repositories than before.\n RMT still supports that old ID, but it's recommended to start\n using the new ID to ensure future compatibility.\n\n- Version 2.5.20\n- Updated rails from 6.0.3.2 to 6.0.3.3:\n - actionview (CVE-2020-15169)\n\n- Version 2.5.19\n- RMT now has the ability to remove local systems with the command\n `rmt-cli systems remove`.\n\n- Version 2.5.18\n- Fixed exit code for `rmt-cli mirror` and its subcommands. Now it exits with 1\n whenever an error occurs during mirroring\n- Improved message logging for `rtm-cli mirror`. Instead of logging an error\n when it occurs, the command summarize all errors at the end of execution. Now\n log messages have colors to better identify failure/success.\n\n- Version 2.5.17\n- RMT no longer provides the installer updates repository to systems via its\n zypper service. This repository is used during the installation process, as\n it provides an up-to-date installation experience, but it has no use on an\n already installed system.\n\n- Version 2.5.16\n- Updated RMT's rails and puma dependencies.\n - puma (CVE-2020-11076, CVE-2020-11077, CVE-2020-5249, CVE-2020-5247\n CVE-2019-16770)\n - actionpack (CVE-2020-8185, CVE-2020-8164, CVE-2020-8166)\n - actionview (CVE-2020-8167, CVE-2020-5267, CVE-2019-5418, CVE-2019-5419)\n - activesupport (CVE-2020-8165)\n - railties (CVE-2019-5420)\n\n- Version 2.5.15\n- RMT now checks if repositories are fully mirrored during the\n activation process. Previously, RMT only checked if the repositories\n were enabled to be mirrored, but not that they were actually mirrored.\n In this case, RMTs were not able to provide the repository data which\n systems assumed it had.\n\n- Version 2.5.14\n- Enable 'Installer-Updates' repositories by default\n\n- Fixed deprecation warning when thor encountered an error. Also,\n instead of returning 0 for thor errors, rmt-cli will return 1\n instead.\n\n- Version 2.5.13\n- Added `rmt-cli repos clean` command to remove locally mirrored files\n of repositories which are not marked to be mirrored.\n- Previously, RMT didn't track deduplicated files in its database. Now,\n to accommodate `rmt-cli repos clean`, RMT will track all mirrored\n files.\n\n- Move the nginx reload to the configuration package which contain\n nginx config files, don't reload nginx unconditionally from main\n package.\n\n- Version 2.5.12\n- Update rack to version 2.2.3 (CVE-2020-8184: bsc#1173351)\n- Update Rails to version 5.2.4.3:\n - actionpack (CVE-2020-8164: bsc#1172177)\n - actionpack (CVE-2020-8166: bsc#1172182)\n - activesupport (CVE-2020-8165: bsc#1172186)\n - actionview (CVE-2020-8167: bsc#1172184)\n\n- Version 2.5.11\n- rmt-server-pubcloud:\n - SLES11 EOL\n - Extension activation verification based on the available subscriptions\n - Added a manual instance verification script\n\n- Version 2.5.10\n- Support rmt-server to run with Ruby 2.7 (Factory/Tumbleweed):\n - Bump gem 'config' version from 1.7.2 to 2.2.1 to fix incompatibility Ruby\n 2.7 OpenStruct class;\n - Bump gem 'typhoeus' version from 1.3.1 to 1.4.0 in order to also bump gem\n 'ethon' version, which caused a 'rb_safe_level' warning on Ruby 2.7;\n - Fix 'last arg as keyword arg' Ruby 2.7 warning on source code;\n - Disable 'deprecated' warnings from Ruby 2.7; Rails 5.1 generates a lot of\n warnings with Ruby 2.7, mainly due to 'capturing the given block with\n Proc.new', which is deprecated;\n - Improve RPM spec to consider only the distribution default Ruby version\n configured in OBS;\n - Improve RPM spec to remove Ruby 2.7 warnings regarding 'bundler.\n\n- Move nginx/vhosts.d directory to correct sub-package. They\n are needed together with nginx, not rmt-server.\n- Fix dependencies especially for containerized usage:\n - mariadb and nginx are not hard requires, could run on another host\n- Fix generic dependencies:\n - systemd ordering was missing\n - shadow is required for pre-install\n\n- Version 2.5.9\n- rmt-server-pubcloud: enforce strict authentication\n\n- Version 2.5.8\n- Use repomd_parser gem to remove repository metadata parsing code.\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3160,SUSE-SLE-Module-Public-Cloud-15-SP1-2020-3160,SUSE-SLE-Module-Server-Applications-15-SP1-2020-3160", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3160-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3160-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203160-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3160-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007702.html", }, { category: "self", summary: "SUSE Bug 1172177", url: "https://bugzilla.suse.com/1172177", }, { category: "self", summary: "SUSE Bug 1172182", url: "https://bugzilla.suse.com/1172182", }, { category: "self", summary: "SUSE Bug 1172184", url: "https://bugzilla.suse.com/1172184", }, { category: "self", summary: "SUSE Bug 1172186", url: "https://bugzilla.suse.com/1172186", }, { category: "self", summary: "SUSE Bug 1173351", url: "https://bugzilla.suse.com/1173351", }, { category: "self", summary: "SUSE CVE CVE-2019-16770 page", url: "https://www.suse.com/security/cve/CVE-2019-16770/", }, { category: "self", summary: "SUSE CVE CVE-2019-5418 page", url: "https://www.suse.com/security/cve/CVE-2019-5418/", }, { category: "self", summary: "SUSE CVE CVE-2019-5419 page", url: "https://www.suse.com/security/cve/CVE-2019-5419/", }, { category: "self", summary: "SUSE CVE CVE-2019-5420 page", url: "https://www.suse.com/security/cve/CVE-2019-5420/", }, { category: "self", summary: "SUSE CVE CVE-2020-11076 page", url: "https://www.suse.com/security/cve/CVE-2020-11076/", }, { category: "self", summary: "SUSE CVE CVE-2020-11077 page", url: "https://www.suse.com/security/cve/CVE-2020-11077/", }, { category: "self", summary: "SUSE CVE CVE-2020-15169 page", url: "https://www.suse.com/security/cve/CVE-2020-15169/", }, { category: "self", summary: "SUSE CVE CVE-2020-5247 page", url: "https://www.suse.com/security/cve/CVE-2020-5247/", }, { category: "self", summary: "SUSE CVE CVE-2020-5249 page", url: "https://www.suse.com/security/cve/CVE-2020-5249/", }, { category: "self", summary: "SUSE CVE CVE-2020-5267 page", url: "https://www.suse.com/security/cve/CVE-2020-5267/", }, { category: "self", summary: "SUSE CVE CVE-2020-8164 page", url: "https://www.suse.com/security/cve/CVE-2020-8164/", }, { category: "self", summary: "SUSE CVE CVE-2020-8165 page", url: "https://www.suse.com/security/cve/CVE-2020-8165/", }, { category: "self", summary: "SUSE CVE CVE-2020-8166 page", url: "https://www.suse.com/security/cve/CVE-2020-8166/", }, { category: "self", summary: "SUSE CVE CVE-2020-8167 page", url: "https://www.suse.com/security/cve/CVE-2020-8167/", }, { category: "self", summary: "SUSE CVE CVE-2020-8184 page", url: "https://www.suse.com/security/cve/CVE-2020-8184/", }, { category: "self", summary: "SUSE CVE CVE-2020-8185 page", url: "https://www.suse.com/security/cve/CVE-2020-8185/", }, ], title: "Security update for rmt-server", tracking: { current_release_date: "2020-11-05T09:33:25Z", generator: { date: "2020-11-05T09:33:25Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3160-1", initial_release_date: "2020-11-05T09:33:25Z", revision_history: [ { date: "2020-11-05T09:33:25Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "rmt-server-2.6.5-3.18.1.aarch64", product: { name: "rmt-server-2.6.5-3.18.1.aarch64", product_id: "rmt-server-2.6.5-3.18.1.aarch64", }, }, { category: "product_version", name: "rmt-server-config-2.6.5-3.18.1.aarch64", product: { name: "rmt-server-config-2.6.5-3.18.1.aarch64", product_id: "rmt-server-config-2.6.5-3.18.1.aarch64", }, }, { category: "product_version", name: "rmt-server-pubcloud-2.6.5-3.18.1.aarch64", product: { name: "rmt-server-pubcloud-2.6.5-3.18.1.aarch64", product_id: "rmt-server-pubcloud-2.6.5-3.18.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "rmt-server-2.6.5-3.18.1.ppc64le", product: { name: "rmt-server-2.6.5-3.18.1.ppc64le", product_id: "rmt-server-2.6.5-3.18.1.ppc64le", }, }, { category: "product_version", name: "rmt-server-config-2.6.5-3.18.1.ppc64le", product: { name: "rmt-server-config-2.6.5-3.18.1.ppc64le", product_id: "rmt-server-config-2.6.5-3.18.1.ppc64le", }, }, { category: "product_version", name: "rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", product: { name: "rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", product_id: "rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "rmt-server-2.6.5-3.18.1.s390x", product: { name: "rmt-server-2.6.5-3.18.1.s390x", product_id: "rmt-server-2.6.5-3.18.1.s390x", }, }, { category: "product_version", name: "rmt-server-config-2.6.5-3.18.1.s390x", product: { name: "rmt-server-config-2.6.5-3.18.1.s390x", product_id: "rmt-server-config-2.6.5-3.18.1.s390x", }, }, { category: "product_version", name: "rmt-server-pubcloud-2.6.5-3.18.1.s390x", product: { name: "rmt-server-pubcloud-2.6.5-3.18.1.s390x", product_id: "rmt-server-pubcloud-2.6.5-3.18.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "rmt-server-2.6.5-3.18.1.x86_64", product: { name: "rmt-server-2.6.5-3.18.1.x86_64", product_id: "rmt-server-2.6.5-3.18.1.x86_64", }, }, { category: "product_version", name: "rmt-server-config-2.6.5-3.18.1.x86_64", product: { name: "rmt-server-config-2.6.5-3.18.1.x86_64", product_id: "rmt-server-config-2.6.5-3.18.1.x86_64", }, }, { category: "product_version", name: "rmt-server-pubcloud-2.6.5-3.18.1.x86_64", product: { name: "rmt-server-pubcloud-2.6.5-3.18.1.x86_64", product_id: "rmt-server-pubcloud-2.6.5-3.18.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP1", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP1", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Server Applications 15 SP1", product: { name: "SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-server-applications:15:sp1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rmt-server-pubcloud-2.6.5-3.18.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP1", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", }, product_reference: "rmt-server-pubcloud-2.6.5-3.18.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP1", }, { category: "default_component_of", full_product_name: { name: "rmt-server-pubcloud-2.6.5-3.18.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP1", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", }, product_reference: "rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP1", }, { category: "default_component_of", full_product_name: { name: "rmt-server-pubcloud-2.6.5-3.18.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP1", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", }, product_reference: "rmt-server-pubcloud-2.6.5-3.18.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP1", }, { category: "default_component_of", full_product_name: { name: "rmt-server-pubcloud-2.6.5-3.18.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP1", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", }, product_reference: "rmt-server-pubcloud-2.6.5-3.18.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP1", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.18.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", }, product_reference: "rmt-server-2.6.5-3.18.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.18.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", }, product_reference: "rmt-server-2.6.5-3.18.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.18.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", }, product_reference: "rmt-server-2.6.5-3.18.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-3.18.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", }, product_reference: "rmt-server-2.6.5-3.18.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.18.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", }, product_reference: "rmt-server-config-2.6.5-3.18.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.18.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", }, product_reference: "rmt-server-config-2.6.5-3.18.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.18.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", }, product_reference: "rmt-server-config-2.6.5-3.18.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-3.18.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", }, product_reference: "rmt-server-config-2.6.5-3.18.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, ], }, vulnerabilities: [ { cve: "CVE-2019-16770", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16770", }, ], notes: [ { category: "general", text: "In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough. This vulnerability is patched in Puma 4.3.1 and 3.12.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16770", url: "https://www.suse.com/security/cve/CVE-2019-16770", }, { category: "external", summary: "SUSE Bug 1158675 for CVE-2019-16770", url: "https://bugzilla.suse.com/1158675", }, { category: "external", summary: "SUSE Bug 1188527 for CVE-2019-16770", url: "https://bugzilla.suse.com/1188527", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "important", }, ], title: "CVE-2019-16770", }, { cve: "CVE-2019-5418", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5418", }, ], notes: [ { category: "general", text: "There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5418", url: "https://www.suse.com/security/cve/CVE-2019-5418", }, { category: "external", summary: "SUSE Bug 1129272 for CVE-2019-5418", url: "https://bugzilla.suse.com/1129272", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "moderate", }, ], title: "CVE-2019-5418", }, { cve: "CVE-2019-5419", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5419", }, ], notes: [ { category: "general", text: "There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5419", url: "https://www.suse.com/security/cve/CVE-2019-5419", }, { category: "external", summary: "SUSE Bug 1129271 for CVE-2019-5419", url: "https://bugzilla.suse.com/1129271", }, { category: "external", summary: "SUSE Bug 1203810 for CVE-2019-5419", url: "https://bugzilla.suse.com/1203810", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "moderate", }, ], title: "CVE-2019-5419", }, { cve: "CVE-2019-5420", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5420", }, ], notes: [ { category: "general", text: "A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5420", url: "https://www.suse.com/security/cve/CVE-2019-5420", }, { category: "external", summary: "SUSE Bug 1129268 for CVE-2019-5420", url: "https://bugzilla.suse.com/1129268", }, { category: "external", summary: "SUSE Bug 1203810 for CVE-2019-5420", url: "https://bugzilla.suse.com/1203810", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "important", }, ], title: "CVE-2019-5420", }, { cve: "CVE-2020-11076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11076", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11076", url: "https://www.suse.com/security/cve/CVE-2020-11076", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "moderate", }, ], title: "CVE-2020-11076", }, { cve: "CVE-2020-11077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11077", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11077", url: "https://www.suse.com/security/cve/CVE-2020-11077", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "moderate", }, ], title: "CVE-2020-11077", }, { cve: "CVE-2020-15169", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-15169", }, ], notes: [ { category: "general", text: "In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS attacks. When an HTML-unsafe string is passed as the default for a missing translation key named html or ending in _html, the default string is incorrectly marked as HTML-safe and not escaped. This is patched in versions 6.0.3.3 and 5.2.4.4. A workaround without upgrading is proposed in the source advisory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-15169", url: "https://www.suse.com/security/cve/CVE-2020-15169", }, { category: "external", summary: "SUSE Bug 1176421 for CVE-2020-15169", url: "https://bugzilla.suse.com/1176421", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "important", }, ], title: "CVE-2020-15169", }, { cve: "CVE-2020-5247", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5247", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5247", url: "https://www.suse.com/security/cve/CVE-2020-5247", }, { category: "external", summary: "SUSE Bug 1165402 for CVE-2020-5247", url: "https://bugzilla.suse.com/1165402", }, { category: "external", summary: "SUSE Bug 1165524 for CVE-2020-5247", url: "https://bugzilla.suse.com/1165524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "moderate", }, ], title: "CVE-2020-5247", }, { cve: "CVE-2020-5249", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5249", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2020-5247, which fixed this vulnerability but only for regular responses. This has been fixed in 4.3.3 and 3.12.4.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5249", url: "https://www.suse.com/security/cve/CVE-2020-5249", }, { category: "external", summary: "SUSE Bug 1165524 for CVE-2020-5249", url: "https://bugzilla.suse.com/1165524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "moderate", }, ], title: "CVE-2020-5249", }, { cve: "CVE-2020-5267", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5267", }, ], notes: [ { category: "general", text: "In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5267", url: "https://www.suse.com/security/cve/CVE-2020-5267", }, { category: "external", summary: "SUSE Bug 1167240 for CVE-2020-5267", url: "https://bugzilla.suse.com/1167240", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "moderate", }, ], title: "CVE-2020-5267", }, { cve: "CVE-2020-8164", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8164", }, ], notes: [ { category: "general", text: "A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8164", url: "https://www.suse.com/security/cve/CVE-2020-8164", }, { category: "external", summary: "SUSE Bug 1172177 for CVE-2020-8164", url: "https://bugzilla.suse.com/1172177", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "important", }, ], title: "CVE-2020-8164", }, { cve: "CVE-2020-8165", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8165", }, ], notes: [ { category: "general", text: "A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8165", url: "https://www.suse.com/security/cve/CVE-2020-8165", }, { category: "external", summary: "SUSE Bug 1172186 for CVE-2020-8165", url: "https://bugzilla.suse.com/1172186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "critical", }, ], title: "CVE-2020-8165", }, { cve: "CVE-2020-8166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8166", }, ], notes: [ { category: "general", text: "A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8166", url: "https://www.suse.com/security/cve/CVE-2020-8166", }, { category: "external", summary: "SUSE Bug 1172182 for CVE-2020-8166", url: "https://bugzilla.suse.com/1172182", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "low", }, ], title: "CVE-2020-8166", }, { cve: "CVE-2020-8167", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8167", }, ], notes: [ { category: "general", text: "A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8167", url: "https://www.suse.com/security/cve/CVE-2020-8167", }, { category: "external", summary: "SUSE Bug 1172184 for CVE-2020-8167", url: "https://bugzilla.suse.com/1172184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "moderate", }, ], title: "CVE-2020-8167", }, { cve: "CVE-2020-8184", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8184", }, ], notes: [ { category: "general", text: "A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8184", url: "https://www.suse.com/security/cve/CVE-2020-8184", }, { category: "external", summary: "SUSE Bug 1173351 for CVE-2020-8184", url: "https://bugzilla.suse.com/1173351", }, { category: "external", summary: "SUSE Bug 1177352 for CVE-2020-8184", url: "https://bugzilla.suse.com/1177352", }, { category: "external", summary: "SUSE Bug 1193081 for CVE-2020-8184", url: "https://bugzilla.suse.com/1193081", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "moderate", }, ], title: "CVE-2020-8184", }, { cve: "CVE-2020-8185", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8185", }, ], notes: [ { category: "general", text: "A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8185", url: "https://www.suse.com/security/cve/CVE-2020-8185", }, { category: "external", summary: "SUSE Bug 1173564 for CVE-2020-8185", url: "https://bugzilla.suse.com/1173564", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-2.6.5-3.18.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:rmt-server-config-2.6.5-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:33:25Z", details: "moderate", }, ], title: "CVE-2020-8185", }, ], }
opensuse-su-2020:1001-1
Vulnerability from csaf_opensuse
Published
2020-07-18 18:27
Modified
2020-07-18 18:27
Summary
Security update for rubygem-puma
Notes
Title of the patch
Security update for rubygem-puma
Description of the patch
This update for rubygem-puma to version 4.3.5 fixes the following issues:
- CVE-2020-11077: Fixed a HTTP smuggling issue related to proxy usage (bsc#1172175).
- CVE-2020-11076: Fixed a HTTP smuggling issue when using an invalid transfer-encoding header (bsc#1172176).
- Disabled TLSv1.0 and TLSv1.1 (jsc#SLE-6965).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2020-1001
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for rubygem-puma", title: "Title of the patch", }, { category: "description", text: "This update for rubygem-puma to version 4.3.5 fixes the following issues:\n\n- CVE-2020-11077: Fixed a HTTP smuggling issue related to proxy usage (bsc#1172175).\n- CVE-2020-11076: Fixed a HTTP smuggling issue when using an invalid transfer-encoding header (bsc#1172176).\n- Disabled TLSv1.0 and TLSv1.1 (jsc#SLE-6965).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2020-1001", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1001-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2020:1001-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/M45HASKBK5DTMENRJIYQEDWU3B4X4DUN/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2020:1001-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/M45HASKBK5DTMENRJIYQEDWU3B4X4DUN/", }, { category: "self", summary: "SUSE Bug 1172175", url: "https://bugzilla.suse.com/1172175", }, { category: "self", summary: "SUSE Bug 1172176", url: "https://bugzilla.suse.com/1172176", }, { category: "self", summary: "SUSE CVE CVE-2020-11076 page", url: "https://www.suse.com/security/cve/CVE-2020-11076/", }, { category: "self", summary: "SUSE CVE CVE-2020-11077 page", url: "https://www.suse.com/security/cve/CVE-2020-11077/", }, ], title: "Security update for rubygem-puma", tracking: { current_release_date: "2020-07-18T18:27:45Z", generator: { date: "2020-07-18T18:27:45Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2020:1001-1", initial_release_date: "2020-07-18T18:27:45Z", revision_history: [ { date: "2020-07-18T18:27:45Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "ruby2.5-rubygem-puma-4.3.5-lp152.4.3.1.x86_64", product: { name: "ruby2.5-rubygem-puma-4.3.5-lp152.4.3.1.x86_64", product_id: "ruby2.5-rubygem-puma-4.3.5-lp152.4.3.1.x86_64", }, }, { category: "product_version", name: "ruby2.5-rubygem-puma-doc-4.3.5-lp152.4.3.1.x86_64", product: { name: "ruby2.5-rubygem-puma-doc-4.3.5-lp152.4.3.1.x86_64", product_id: "ruby2.5-rubygem-puma-doc-4.3.5-lp152.4.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.2", product: { name: "openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-4.3.5-lp152.4.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:ruby2.5-rubygem-puma-4.3.5-lp152.4.3.1.x86_64", }, product_reference: "ruby2.5-rubygem-puma-4.3.5-lp152.4.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-doc-4.3.5-lp152.4.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:ruby2.5-rubygem-puma-doc-4.3.5-lp152.4.3.1.x86_64", }, product_reference: "ruby2.5-rubygem-puma-doc-4.3.5-lp152.4.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-11076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11076", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:ruby2.5-rubygem-puma-4.3.5-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:ruby2.5-rubygem-puma-doc-4.3.5-lp152.4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11076", url: "https://www.suse.com/security/cve/CVE-2020-11076", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:ruby2.5-rubygem-puma-4.3.5-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:ruby2.5-rubygem-puma-doc-4.3.5-lp152.4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:ruby2.5-rubygem-puma-4.3.5-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:ruby2.5-rubygem-puma-doc-4.3.5-lp152.4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-18T18:27:45Z", details: "moderate", }, ], title: "CVE-2020-11076", }, { cve: "CVE-2020-11077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11077", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:ruby2.5-rubygem-puma-4.3.5-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:ruby2.5-rubygem-puma-doc-4.3.5-lp152.4.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11077", url: "https://www.suse.com/security/cve/CVE-2020-11077", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:ruby2.5-rubygem-puma-4.3.5-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:ruby2.5-rubygem-puma-doc-4.3.5-lp152.4.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:ruby2.5-rubygem-puma-4.3.5-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:ruby2.5-rubygem-puma-doc-4.3.5-lp152.4.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-18T18:27:45Z", details: "moderate", }, ], title: "CVE-2020-11077", }, ], }
opensuse-su-2020:1993-1
Vulnerability from csaf_opensuse
Published
2020-11-21 11:23
Modified
2020-11-21 11:23
Summary
Security update for rmt-server
Notes
Title of the patch
Security update for rmt-server
Description of the patch
This update for rmt-server fixes the following issues:
Update to version 2.6.5:
- Solved potential bug of SCC repository URLs changing over time. RMT
now self heals by removing the previous invalid repository and
creating the correct one.
- Add web server settings to /etc/rmt.conf:
Now it's possible to configure the minimum and maximum threads count as well
the number of web server workers to be booted through /etc/rmt.conf.
- Instead of using an MD5 of URLs for custom repository friendly_ids,
RMT now builds an ID from the name.
- Fix RMT file caching based on timestamps:
Previously, RMT sent GET requests with the header 'If-Modified-Since' to a
repository server and if the response had a 304 (Not Modified), it would copy
a file from the local cache instead of downloading. However, if the local file
timestamp accidentally changed to a date newer than the one on the repository
server, RMT would have an outdated file, which caused some errors.
Now, RMT makes HEAD requests to the repositories servers and inspect the
'Last-Modified' header to decide whether to download a file or copy it from
cache, by comparing the equalness of timestamps.
- Fixed an issue where relative paths supplied to `rmt-cli import repos`
caused the command to fail.
- Friendlier IDs for custom repositories:
In an effort to simplify the handling of SCC and custom repositories,
RMT now has friendly IDs. For SCC repositories, it's the same SCC ID
as before. For custom repositories, it can either be user provided
or RMT generated (MD5 of the provided URL).
Benefits:
* `rmt-cli mirror repositories` now works for custom repositories.
* Custom repository IDs can be the same across RMT instances.
* No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.
Deprecation Warnings:
* RMT now uses a different ID for custom repositories than before.
RMT still supports that old ID, but it's recommended to start
using the new ID to ensure future compatibility.
- Updated rails and puma dependencies for security fixes.
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patchnames
openSUSE-2020-1993
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for rmt-server", title: "Title of the patch", }, { category: "description", text: "This update for rmt-server fixes the following issues:\n\nUpdate to version 2.6.5:\n- Solved potential bug of SCC repository URLs changing over time. RMT\n now self heals by removing the previous invalid repository and\n creating the correct one.\n- Add web server settings to /etc/rmt.conf:\n Now it's possible to configure the minimum and maximum threads count as well\n the number of web server workers to be booted through /etc/rmt.conf.\n- Instead of using an MD5 of URLs for custom repository friendly_ids,\n RMT now builds an ID from the name.\n- Fix RMT file caching based on timestamps:\n Previously, RMT sent GET requests with the header 'If-Modified-Since' to a\n repository server and if the response had a 304 (Not Modified), it would copy\n a file from the local cache instead of downloading. However, if the local file\n timestamp accidentally changed to a date newer than the one on the repository\n server, RMT would have an outdated file, which caused some errors.\n Now, RMT makes HEAD requests to the repositories servers and inspect the\n 'Last-Modified' header to decide whether to download a file or copy it from\n cache, by comparing the equalness of timestamps.\n- Fixed an issue where relative paths supplied to `rmt-cli import repos`\n caused the command to fail.\n- Friendlier IDs for custom repositories:\n In an effort to simplify the handling of SCC and custom repositories,\n RMT now has friendly IDs. For SCC repositories, it's the same SCC ID\n as before. For custom repositories, it can either be user provided\n or RMT generated (MD5 of the provided URL).\n Benefits:\n * `rmt-cli mirror repositories` now works for custom repositories.\n * Custom repository IDs can be the same across RMT instances.\n * No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings:\n * RMT now uses a different ID for custom repositories than before.\n RMT still supports that old ID, but it's recommended to start\n using the new ID to ensure future compatibility.\n- Updated rails and puma dependencies for security fixes.\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2020-1993", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1993-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2020:1993-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2W26GJJ7QXIADWB6ZCQWC2BUZD2ALYVT/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2020:1993-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2W26GJJ7QXIADWB6ZCQWC2BUZD2ALYVT/", }, { category: "self", summary: "SUSE Bug 1165548", url: "https://bugzilla.suse.com/1165548", }, { category: "self", summary: "SUSE Bug 1168554", url: "https://bugzilla.suse.com/1168554", }, { category: "self", summary: "SUSE Bug 1172177", url: "https://bugzilla.suse.com/1172177", }, { category: "self", summary: "SUSE Bug 1172182", url: "https://bugzilla.suse.com/1172182", }, { category: "self", summary: "SUSE Bug 1172184", url: "https://bugzilla.suse.com/1172184", }, { category: "self", summary: "SUSE Bug 1172186", url: "https://bugzilla.suse.com/1172186", }, { category: "self", summary: "SUSE Bug 1173351", url: "https://bugzilla.suse.com/1173351", }, { category: "self", summary: "SUSE CVE CVE-2019-16770 page", url: "https://www.suse.com/security/cve/CVE-2019-16770/", }, { category: "self", summary: "SUSE CVE CVE-2019-5418 page", url: "https://www.suse.com/security/cve/CVE-2019-5418/", }, { category: "self", summary: "SUSE CVE CVE-2019-5419 page", url: "https://www.suse.com/security/cve/CVE-2019-5419/", }, { category: "self", summary: "SUSE CVE CVE-2019-5420 page", url: "https://www.suse.com/security/cve/CVE-2019-5420/", }, { category: "self", summary: "SUSE CVE CVE-2020-11076 page", url: "https://www.suse.com/security/cve/CVE-2020-11076/", }, { category: "self", summary: "SUSE CVE CVE-2020-11077 page", url: "https://www.suse.com/security/cve/CVE-2020-11077/", }, { category: "self", summary: "SUSE CVE CVE-2020-15169 page", url: "https://www.suse.com/security/cve/CVE-2020-15169/", }, { category: "self", summary: "SUSE CVE CVE-2020-5247 page", url: "https://www.suse.com/security/cve/CVE-2020-5247/", }, { category: "self", summary: "SUSE CVE CVE-2020-5249 page", url: "https://www.suse.com/security/cve/CVE-2020-5249/", }, { category: "self", summary: "SUSE CVE CVE-2020-5267 page", url: "https://www.suse.com/security/cve/CVE-2020-5267/", }, { category: "self", summary: "SUSE CVE CVE-2020-8164 page", url: "https://www.suse.com/security/cve/CVE-2020-8164/", }, { category: "self", summary: "SUSE CVE CVE-2020-8165 page", url: "https://www.suse.com/security/cve/CVE-2020-8165/", }, { category: "self", summary: "SUSE CVE CVE-2020-8166 page", url: "https://www.suse.com/security/cve/CVE-2020-8166/", }, { category: "self", summary: "SUSE CVE CVE-2020-8167 page", url: "https://www.suse.com/security/cve/CVE-2020-8167/", }, { category: "self", summary: "SUSE CVE CVE-2020-8184 page", url: "https://www.suse.com/security/cve/CVE-2020-8184/", }, { category: "self", summary: "SUSE CVE CVE-2020-8185 page", url: "https://www.suse.com/security/cve/CVE-2020-8185/", }, ], title: "Security update for rmt-server", tracking: { current_release_date: "2020-11-21T11:23:05Z", generator: { date: "2020-11-21T11:23:05Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2020:1993-1", initial_release_date: "2020-11-21T11:23:05Z", revision_history: [ { date: "2020-11-21T11:23:05Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "rmt-server-2.6.5-lp152.2.3.1.x86_64", product: { name: "rmt-server-2.6.5-lp152.2.3.1.x86_64", product_id: "rmt-server-2.6.5-lp152.2.3.1.x86_64", }, }, { category: "product_version", name: "rmt-server-config-2.6.5-lp152.2.3.1.x86_64", product: { name: "rmt-server-config-2.6.5-lp152.2.3.1.x86_64", product_id: "rmt-server-config-2.6.5-lp152.2.3.1.x86_64", }, }, { category: "product_version", name: "rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", product: { name: "rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", product_id: "rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.2", product: { name: "openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-lp152.2.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", }, product_reference: "rmt-server-2.6.5-lp152.2.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-lp152.2.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", }, product_reference: "rmt-server-config-2.6.5-lp152.2.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", }, product_reference: "rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, ], }, vulnerabilities: [ { cve: "CVE-2019-16770", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16770", }, ], notes: [ { category: "general", text: "In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough. This vulnerability is patched in Puma 4.3.1 and 3.12.2.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16770", url: "https://www.suse.com/security/cve/CVE-2019-16770", }, { category: "external", summary: "SUSE Bug 1158675 for CVE-2019-16770", url: "https://bugzilla.suse.com/1158675", }, { category: "external", summary: "SUSE Bug 1188527 for CVE-2019-16770", url: "https://bugzilla.suse.com/1188527", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "important", }, ], title: "CVE-2019-16770", }, { cve: "CVE-2019-5418", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5418", }, ], notes: [ { category: "general", text: "There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5418", url: "https://www.suse.com/security/cve/CVE-2019-5418", }, { category: "external", summary: "SUSE Bug 1129272 for CVE-2019-5418", url: "https://bugzilla.suse.com/1129272", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "moderate", }, ], title: "CVE-2019-5418", }, { cve: "CVE-2019-5419", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5419", }, ], notes: [ { category: "general", text: "There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5419", url: "https://www.suse.com/security/cve/CVE-2019-5419", }, { category: "external", summary: "SUSE Bug 1129271 for CVE-2019-5419", url: "https://bugzilla.suse.com/1129271", }, { category: "external", summary: "SUSE Bug 1203810 for CVE-2019-5419", url: "https://bugzilla.suse.com/1203810", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "moderate", }, ], title: "CVE-2019-5419", }, { cve: "CVE-2019-5420", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5420", }, ], notes: [ { category: "general", text: "A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5420", url: "https://www.suse.com/security/cve/CVE-2019-5420", }, { category: "external", summary: "SUSE Bug 1129268 for CVE-2019-5420", url: "https://bugzilla.suse.com/1129268", }, { category: "external", summary: "SUSE Bug 1203810 for CVE-2019-5420", url: "https://bugzilla.suse.com/1203810", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "important", }, ], title: "CVE-2019-5420", }, { cve: "CVE-2020-11076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11076", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11076", url: "https://www.suse.com/security/cve/CVE-2020-11076", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "moderate", }, ], title: "CVE-2020-11076", }, { cve: "CVE-2020-11077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11077", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11077", url: "https://www.suse.com/security/cve/CVE-2020-11077", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "moderate", }, ], title: "CVE-2020-11077", }, { cve: "CVE-2020-15169", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-15169", }, ], notes: [ { category: "general", text: "In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS attacks. When an HTML-unsafe string is passed as the default for a missing translation key named html or ending in _html, the default string is incorrectly marked as HTML-safe and not escaped. This is patched in versions 6.0.3.3 and 5.2.4.4. A workaround without upgrading is proposed in the source advisory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-15169", url: "https://www.suse.com/security/cve/CVE-2020-15169", }, { category: "external", summary: "SUSE Bug 1176421 for CVE-2020-15169", url: "https://bugzilla.suse.com/1176421", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "important", }, ], title: "CVE-2020-15169", }, { cve: "CVE-2020-5247", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5247", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5247", url: "https://www.suse.com/security/cve/CVE-2020-5247", }, { category: "external", summary: "SUSE Bug 1165402 for CVE-2020-5247", url: "https://bugzilla.suse.com/1165402", }, { category: "external", summary: "SUSE Bug 1165524 for CVE-2020-5247", url: "https://bugzilla.suse.com/1165524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "moderate", }, ], title: "CVE-2020-5247", }, { cve: "CVE-2020-5249", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5249", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2020-5247, which fixed this vulnerability but only for regular responses. This has been fixed in 4.3.3 and 3.12.4.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5249", url: "https://www.suse.com/security/cve/CVE-2020-5249", }, { category: "external", summary: "SUSE Bug 1165524 for CVE-2020-5249", url: "https://bugzilla.suse.com/1165524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "moderate", }, ], title: "CVE-2020-5249", }, { cve: "CVE-2020-5267", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5267", }, ], notes: [ { category: "general", text: "In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5267", url: "https://www.suse.com/security/cve/CVE-2020-5267", }, { category: "external", summary: "SUSE Bug 1167240 for CVE-2020-5267", url: "https://bugzilla.suse.com/1167240", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "moderate", }, ], title: "CVE-2020-5267", }, { cve: "CVE-2020-8164", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8164", }, ], notes: [ { category: "general", text: "A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8164", url: "https://www.suse.com/security/cve/CVE-2020-8164", }, { category: "external", summary: "SUSE Bug 1172177 for CVE-2020-8164", url: "https://bugzilla.suse.com/1172177", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "important", }, ], title: "CVE-2020-8164", }, { cve: "CVE-2020-8165", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8165", }, ], notes: [ { category: "general", text: "A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8165", url: "https://www.suse.com/security/cve/CVE-2020-8165", }, { category: "external", summary: "SUSE Bug 1172186 for CVE-2020-8165", url: "https://bugzilla.suse.com/1172186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "critical", }, ], title: "CVE-2020-8165", }, { cve: "CVE-2020-8166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8166", }, ], notes: [ { category: "general", text: "A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8166", url: "https://www.suse.com/security/cve/CVE-2020-8166", }, { category: "external", summary: "SUSE Bug 1172182 for CVE-2020-8166", url: "https://bugzilla.suse.com/1172182", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "low", }, ], title: "CVE-2020-8166", }, { cve: "CVE-2020-8167", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8167", }, ], notes: [ { category: "general", text: "A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8167", url: "https://www.suse.com/security/cve/CVE-2020-8167", }, { category: "external", summary: "SUSE Bug 1172184 for CVE-2020-8167", url: "https://bugzilla.suse.com/1172184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "moderate", }, ], title: "CVE-2020-8167", }, { cve: "CVE-2020-8184", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8184", }, ], notes: [ { category: "general", text: "A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8184", url: "https://www.suse.com/security/cve/CVE-2020-8184", }, { category: "external", summary: "SUSE Bug 1173351 for CVE-2020-8184", url: "https://bugzilla.suse.com/1173351", }, { category: "external", summary: "SUSE Bug 1177352 for CVE-2020-8184", url: "https://bugzilla.suse.com/1177352", }, { category: "external", summary: "SUSE Bug 1193081 for CVE-2020-8184", url: "https://bugzilla.suse.com/1193081", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "moderate", }, ], title: "CVE-2020-8184", }, { cve: "CVE-2020-8185", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8185", }, ], notes: [ { category: "general", text: "A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8185", url: "https://www.suse.com/security/cve/CVE-2020-8185", }, { category: "external", summary: "SUSE Bug 1173564 for CVE-2020-8185", url: "https://bugzilla.suse.com/1173564", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:rmt-server-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-config-2.6.5-lp152.2.3.1.x86_64", "openSUSE Leap 15.2:rmt-server-pubcloud-2.6.5-lp152.2.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-21T11:23:05Z", details: "moderate", }, ], title: "CVE-2020-8185", }, ], }
opensuse-su-2020:2000-1
Vulnerability from csaf_opensuse
Published
2020-11-23 09:30
Modified
2020-11-23 09:30
Summary
Security update for rmt-server
Notes
Title of the patch
Security update for rmt-server
Description of the patch
This update for rmt-server fixes the following issues:
- Version 2.6.5
- Solved potential bug of SCC repository URLs changing over time. RMT
now self heals by removing the previous invalid repository and
creating the correct one.
- Version 2.6.4
- Add web server settings to /etc/rmt.conf:
Now it's possible to configure the minimum and maximum threads count as well
the number of web server workers to be booted through /etc/rmt.conf.
- Version 2.6.3
- Instead of using an MD5 of URLs for custom repository friendly_ids,
RMT now builds an ID from the name.
- Version 2.6.2
- Fix RMT file caching based on timestamps:
Previously, RMT sent GET requests with the header 'If-Modified-Since' to a
repository server and if the response had a 304 (Not Modified), it would copy
a file from the local cache instead of downloading. However, if the local file
timestamp accidentally changed to a date newer than the one on the repository
server, RMT would have an outdated file, which caused some errors.
Now, RMT makes HEAD requests to the repositories servers and inspect the
'Last-Modified' header to decide whether to download a file or copy it from
cache, by comparing the equalness of timestamps.
- Version 2.6.1
- Fixed an issue where relative paths supplied to `rmt-cli import repos`
caused the command to fail.
- Version 2.6.0
- Friendlier IDs for custom repositories:
In an effort to simplify the handling of SCC and custom repositories,
RMT now has friendly IDs. For SCC repositories, it's the same SCC ID
as before. For custom repositories, it can either be user provided
or RMT generated (MD5 of the provided URL).
Benefits:
* `rmt-cli mirror repositories` now works for custom repositories.
* Custom repository IDs can be the same across RMT instances.
* No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.
Deprecation Warnings:
* RMT now uses a different ID for custom repositories than before.
RMT still supports that old ID, but it's recommended to start
using the new ID to ensure future compatibility.
- Version 2.5.20
- Updated rails from 6.0.3.2 to 6.0.3.3:
- actionview (CVE-2020-15169)
- Version 2.5.19
- RMT now has the ability to remove local systems with the command
`rmt-cli systems remove`.
- Version 2.5.18
- Fixed exit code for `rmt-cli mirror` and its subcommands. Now it exits with 1
whenever an error occurs during mirroring
- Improved message logging for `rtm-cli mirror`. Instead of logging an error
when it occurs, the command summarize all errors at the end of execution. Now
log messages have colors to better identify failure/success.
- Version 2.5.17
- RMT no longer provides the installer updates repository to systems via its
zypper service. This repository is used during the installation process, as
it provides an up-to-date installation experience, but it has no use on an
already installed system.
- Version 2.5.16
- Updated RMT's rails and puma dependencies.
- puma (CVE-2020-11076, CVE-2020-11077, CVE-2020-5249, CVE-2020-5247
CVE-2019-16770)
- actionpack (CVE-2020-8185, CVE-2020-8164, CVE-2020-8166)
- actionview (CVE-2020-8167, CVE-2020-5267, CVE-2019-5418, CVE-2019-5419)
- activesupport (CVE-2020-8165)
- railties (CVE-2019-5420)
- Version 2.5.15
- RMT now checks if repositories are fully mirrored during the
activation process. Previously, RMT only checked if the repositories
were enabled to be mirrored, but not that they were actually mirrored.
In this case, RMTs were not able to provide the repository data which
systems assumed it had.
- Version 2.5.14
- Enable 'Installer-Updates' repositories by default
- Fixed deprecation warning when thor encountered an error. Also,
instead of returning 0 for thor errors, rmt-cli will return 1
instead.
- Version 2.5.13
- Added `rmt-cli repos clean` command to remove locally mirrored files
of repositories which are not marked to be mirrored.
- Previously, RMT didn't track deduplicated files in its database. Now,
to accommodate `rmt-cli repos clean`, RMT will track all mirrored
files.
- Move the nginx reload to the configuration package which contain
nginx config files, don't reload nginx unconditionally from main
package.
- Version 2.5.12
- Update rack to version 2.2.3 (CVE-2020-8184: bsc#1173351)
- Update Rails to version 5.2.4.3:
- actionpack (CVE-2020-8164: bsc#1172177)
- actionpack (CVE-2020-8166: bsc#1172182)
- activesupport (CVE-2020-8165: bsc#1172186)
- actionview (CVE-2020-8167: bsc#1172184)
- Version 2.5.11
- rmt-server-pubcloud:
- SLES11 EOL
- Extension activation verification based on the available subscriptions
- Added a manual instance verification script
- Version 2.5.10
- Support rmt-server to run with Ruby 2.7 (Factory/Tumbleweed):
- Bump gem 'config' version from 1.7.2 to 2.2.1 to fix incompatibility Ruby
2.7 OpenStruct class;
- Bump gem 'typhoeus' version from 1.3.1 to 1.4.0 in order to also bump gem
'ethon' version, which caused a 'rb_safe_level' warning on Ruby 2.7;
- Fix 'last arg as keyword arg' Ruby 2.7 warning on source code;
- Disable 'deprecated' warnings from Ruby 2.7; Rails 5.1 generates a lot of
warnings with Ruby 2.7, mainly due to 'capturing the given block with
Proc.new', which is deprecated;
- Improve RPM spec to consider only the distribution default Ruby version
configured in OBS;
- Improve RPM spec to remove Ruby 2.7 warnings regarding 'bundler.
- Move nginx/vhosts.d directory to correct sub-package. They
are needed together with nginx, not rmt-server.
- Fix dependencies especially for containerized usage:
- mariadb and nginx are not hard requires, could run on another host
- Fix generic dependencies:
- systemd ordering was missing
- shadow is required for pre-install
- Version 2.5.9
- rmt-server-pubcloud: enforce strict authentication
- Version 2.5.8
- Use repomd_parser gem to remove repository metadata parsing code.
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patchnames
openSUSE-2020-2000
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for rmt-server", title: "Title of the patch", }, { category: "description", text: "This update for rmt-server fixes the following issues:\n\n- Version 2.6.5\n- Solved potential bug of SCC repository URLs changing over time. RMT\n now self heals by removing the previous invalid repository and\n creating the correct one.\n\n- Version 2.6.4\n- Add web server settings to /etc/rmt.conf:\n Now it's possible to configure the minimum and maximum threads count as well\n the number of web server workers to be booted through /etc/rmt.conf.\n\n- Version 2.6.3\n- Instead of using an MD5 of URLs for custom repository friendly_ids,\n RMT now builds an ID from the name.\n\n- Version 2.6.2\n- Fix RMT file caching based on timestamps:\n Previously, RMT sent GET requests with the header 'If-Modified-Since' to a\n repository server and if the response had a 304 (Not Modified), it would copy\n a file from the local cache instead of downloading. However, if the local file\n timestamp accidentally changed to a date newer than the one on the repository\n server, RMT would have an outdated file, which caused some errors.\n Now, RMT makes HEAD requests to the repositories servers and inspect the\n 'Last-Modified' header to decide whether to download a file or copy it from\n cache, by comparing the equalness of timestamps.\n \n\n- Version 2.6.1\n- Fixed an issue where relative paths supplied to `rmt-cli import repos`\n caused the command to fail.\n\n- Version 2.6.0\n- Friendlier IDs for custom repositories:\n In an effort to simplify the handling of SCC and custom repositories,\n RMT now has friendly IDs. For SCC repositories, it's the same SCC ID\n as before. For custom repositories, it can either be user provided\n or RMT generated (MD5 of the provided URL).\n Benefits:\n * `rmt-cli mirror repositories` now works for custom repositories.\n * Custom repository IDs can be the same across RMT instances.\n * No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings:\n * RMT now uses a different ID for custom repositories than before.\n RMT still supports that old ID, but it's recommended to start\n using the new ID to ensure future compatibility.\n\n- Version 2.5.20\n- Updated rails from 6.0.3.2 to 6.0.3.3:\n - actionview (CVE-2020-15169)\n\n- Version 2.5.19\n- RMT now has the ability to remove local systems with the command\n `rmt-cli systems remove`.\n\n- Version 2.5.18\n- Fixed exit code for `rmt-cli mirror` and its subcommands. Now it exits with 1\n whenever an error occurs during mirroring\n- Improved message logging for `rtm-cli mirror`. Instead of logging an error\n when it occurs, the command summarize all errors at the end of execution. Now\n log messages have colors to better identify failure/success.\n\n- Version 2.5.17\n- RMT no longer provides the installer updates repository to systems via its\n zypper service. This repository is used during the installation process, as\n it provides an up-to-date installation experience, but it has no use on an\n already installed system.\n\n- Version 2.5.16\n- Updated RMT's rails and puma dependencies.\n - puma (CVE-2020-11076, CVE-2020-11077, CVE-2020-5249, CVE-2020-5247\n CVE-2019-16770)\n - actionpack (CVE-2020-8185, CVE-2020-8164, CVE-2020-8166)\n - actionview (CVE-2020-8167, CVE-2020-5267, CVE-2019-5418, CVE-2019-5419)\n - activesupport (CVE-2020-8165)\n - railties (CVE-2019-5420)\n\n- Version 2.5.15\n- RMT now checks if repositories are fully mirrored during the\n activation process. Previously, RMT only checked if the repositories\n were enabled to be mirrored, but not that they were actually mirrored.\n In this case, RMTs were not able to provide the repository data which\n systems assumed it had.\n\n- Version 2.5.14\n- Enable 'Installer-Updates' repositories by default\n\n- Fixed deprecation warning when thor encountered an error. Also,\n instead of returning 0 for thor errors, rmt-cli will return 1\n instead.\n\n- Version 2.5.13\n- Added `rmt-cli repos clean` command to remove locally mirrored files\n of repositories which are not marked to be mirrored.\n- Previously, RMT didn't track deduplicated files in its database. Now,\n to accommodate `rmt-cli repos clean`, RMT will track all mirrored\n files.\n\n- Move the nginx reload to the configuration package which contain\n nginx config files, don't reload nginx unconditionally from main\n package.\n\n- Version 2.5.12\n- Update rack to version 2.2.3 (CVE-2020-8184: bsc#1173351)\n- Update Rails to version 5.2.4.3:\n - actionpack (CVE-2020-8164: bsc#1172177)\n - actionpack (CVE-2020-8166: bsc#1172182)\n - activesupport (CVE-2020-8165: bsc#1172186)\n - actionview (CVE-2020-8167: bsc#1172184)\n\n- Version 2.5.11\n- rmt-server-pubcloud:\n - SLES11 EOL\n - Extension activation verification based on the available subscriptions\n - Added a manual instance verification script\n\n- Version 2.5.10\n- Support rmt-server to run with Ruby 2.7 (Factory/Tumbleweed):\n - Bump gem 'config' version from 1.7.2 to 2.2.1 to fix incompatibility Ruby\n 2.7 OpenStruct class;\n - Bump gem 'typhoeus' version from 1.3.1 to 1.4.0 in order to also bump gem\n 'ethon' version, which caused a 'rb_safe_level' warning on Ruby 2.7;\n - Fix 'last arg as keyword arg' Ruby 2.7 warning on source code;\n - Disable 'deprecated' warnings from Ruby 2.7; Rails 5.1 generates a lot of\n warnings with Ruby 2.7, mainly due to 'capturing the given block with\n Proc.new', which is deprecated;\n - Improve RPM spec to consider only the distribution default Ruby version\n configured in OBS;\n - Improve RPM spec to remove Ruby 2.7 warnings regarding 'bundler.\n\n- Move nginx/vhosts.d directory to correct sub-package. They\n are needed together with nginx, not rmt-server.\n- Fix dependencies especially for containerized usage:\n - mariadb and nginx are not hard requires, could run on another host\n- Fix generic dependencies:\n - systemd ordering was missing\n - shadow is required for pre-install\n\n- Version 2.5.9\n- rmt-server-pubcloud: enforce strict authentication\n\n- Version 2.5.8\n- Use repomd_parser gem to remove repository metadata parsing code.\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2020-2000", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_2000-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2020:2000-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7MCDUWQEXA3XGI7X2XPATA7YTNVDYTSF/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2020:2000-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7MCDUWQEXA3XGI7X2XPATA7YTNVDYTSF/", }, { category: "self", summary: "SUSE Bug 1172177", url: "https://bugzilla.suse.com/1172177", }, { category: "self", summary: "SUSE Bug 1172182", url: "https://bugzilla.suse.com/1172182", }, { category: "self", summary: "SUSE Bug 1172184", url: "https://bugzilla.suse.com/1172184", }, { category: "self", summary: "SUSE Bug 1172186", url: "https://bugzilla.suse.com/1172186", }, { category: "self", summary: "SUSE Bug 1173351", url: "https://bugzilla.suse.com/1173351", }, { category: "self", summary: "SUSE CVE CVE-2019-16770 page", url: "https://www.suse.com/security/cve/CVE-2019-16770/", }, { category: "self", summary: "SUSE CVE CVE-2019-5418 page", url: "https://www.suse.com/security/cve/CVE-2019-5418/", }, { category: "self", summary: "SUSE CVE CVE-2019-5419 page", url: "https://www.suse.com/security/cve/CVE-2019-5419/", }, { category: "self", summary: "SUSE CVE CVE-2019-5420 page", url: "https://www.suse.com/security/cve/CVE-2019-5420/", }, { category: "self", summary: "SUSE CVE CVE-2020-11076 page", url: "https://www.suse.com/security/cve/CVE-2020-11076/", }, { category: "self", summary: "SUSE CVE CVE-2020-11077 page", url: "https://www.suse.com/security/cve/CVE-2020-11077/", }, { category: "self", summary: "SUSE CVE CVE-2020-15169 page", url: "https://www.suse.com/security/cve/CVE-2020-15169/", }, { category: "self", summary: "SUSE CVE CVE-2020-5247 page", url: "https://www.suse.com/security/cve/CVE-2020-5247/", }, { category: "self", summary: "SUSE CVE CVE-2020-5249 page", url: "https://www.suse.com/security/cve/CVE-2020-5249/", }, { category: "self", summary: "SUSE CVE CVE-2020-5267 page", url: "https://www.suse.com/security/cve/CVE-2020-5267/", }, { category: "self", summary: "SUSE CVE CVE-2020-8164 page", url: "https://www.suse.com/security/cve/CVE-2020-8164/", }, { category: "self", summary: "SUSE CVE CVE-2020-8165 page", url: "https://www.suse.com/security/cve/CVE-2020-8165/", }, { category: "self", summary: "SUSE CVE CVE-2020-8166 page", url: "https://www.suse.com/security/cve/CVE-2020-8166/", }, { category: "self", summary: "SUSE CVE CVE-2020-8167 page", url: "https://www.suse.com/security/cve/CVE-2020-8167/", }, { category: "self", summary: "SUSE CVE CVE-2020-8184 page", url: "https://www.suse.com/security/cve/CVE-2020-8184/", }, { category: "self", summary: "SUSE CVE CVE-2020-8185 page", url: "https://www.suse.com/security/cve/CVE-2020-8185/", }, ], title: "Security update for rmt-server", tracking: { current_release_date: "2020-11-23T09:30:24Z", generator: { date: "2020-11-23T09:30:24Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2020:2000-1", initial_release_date: "2020-11-23T09:30:24Z", revision_history: [ { date: "2020-11-23T09:30:24Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "rmt-server-2.6.5-lp151.2.18.2.x86_64", product: { name: "rmt-server-2.6.5-lp151.2.18.2.x86_64", product_id: "rmt-server-2.6.5-lp151.2.18.2.x86_64", }, }, { category: "product_version", name: "rmt-server-config-2.6.5-lp151.2.18.2.x86_64", product: { name: "rmt-server-config-2.6.5-lp151.2.18.2.x86_64", product_id: "rmt-server-config-2.6.5-lp151.2.18.2.x86_64", }, }, { category: "product_version", name: "rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", product: { name: "rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", product_id: "rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.1", product: { name: "openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rmt-server-2.6.5-lp151.2.18.2.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", }, product_reference: "rmt-server-2.6.5-lp151.2.18.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "rmt-server-config-2.6.5-lp151.2.18.2.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", }, product_reference: "rmt-server-config-2.6.5-lp151.2.18.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", }, product_reference: "rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, ], }, vulnerabilities: [ { cve: "CVE-2019-16770", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16770", }, ], notes: [ { category: "general", text: "In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough. This vulnerability is patched in Puma 4.3.1 and 3.12.2.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16770", url: "https://www.suse.com/security/cve/CVE-2019-16770", }, { category: "external", summary: "SUSE Bug 1158675 for CVE-2019-16770", url: "https://bugzilla.suse.com/1158675", }, { category: "external", summary: "SUSE Bug 1188527 for CVE-2019-16770", url: "https://bugzilla.suse.com/1188527", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "important", }, ], title: "CVE-2019-16770", }, { cve: "CVE-2019-5418", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5418", }, ], notes: [ { category: "general", text: "There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5418", url: "https://www.suse.com/security/cve/CVE-2019-5418", }, { category: "external", summary: "SUSE Bug 1129272 for CVE-2019-5418", url: "https://bugzilla.suse.com/1129272", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "moderate", }, ], title: "CVE-2019-5418", }, { cve: "CVE-2019-5419", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5419", }, ], notes: [ { category: "general", text: "There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5419", url: "https://www.suse.com/security/cve/CVE-2019-5419", }, { category: "external", summary: "SUSE Bug 1129271 for CVE-2019-5419", url: "https://bugzilla.suse.com/1129271", }, { category: "external", summary: "SUSE Bug 1203810 for CVE-2019-5419", url: "https://bugzilla.suse.com/1203810", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "moderate", }, ], title: "CVE-2019-5419", }, { cve: "CVE-2019-5420", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5420", }, ], notes: [ { category: "general", text: "A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5420", url: "https://www.suse.com/security/cve/CVE-2019-5420", }, { category: "external", summary: "SUSE Bug 1129268 for CVE-2019-5420", url: "https://bugzilla.suse.com/1129268", }, { category: "external", summary: "SUSE Bug 1203810 for CVE-2019-5420", url: "https://bugzilla.suse.com/1203810", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "important", }, ], title: "CVE-2019-5420", }, { cve: "CVE-2020-11076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11076", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11076", url: "https://www.suse.com/security/cve/CVE-2020-11076", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "moderate", }, ], title: "CVE-2020-11076", }, { cve: "CVE-2020-11077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11077", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11077", url: "https://www.suse.com/security/cve/CVE-2020-11077", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "moderate", }, ], title: "CVE-2020-11077", }, { cve: "CVE-2020-15169", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-15169", }, ], notes: [ { category: "general", text: "In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS attacks. When an HTML-unsafe string is passed as the default for a missing translation key named html or ending in _html, the default string is incorrectly marked as HTML-safe and not escaped. This is patched in versions 6.0.3.3 and 5.2.4.4. A workaround without upgrading is proposed in the source advisory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-15169", url: "https://www.suse.com/security/cve/CVE-2020-15169", }, { category: "external", summary: "SUSE Bug 1176421 for CVE-2020-15169", url: "https://bugzilla.suse.com/1176421", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "important", }, ], title: "CVE-2020-15169", }, { cve: "CVE-2020-5247", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5247", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5247", url: "https://www.suse.com/security/cve/CVE-2020-5247", }, { category: "external", summary: "SUSE Bug 1165402 for CVE-2020-5247", url: "https://bugzilla.suse.com/1165402", }, { category: "external", summary: "SUSE Bug 1165524 for CVE-2020-5247", url: "https://bugzilla.suse.com/1165524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "moderate", }, ], title: "CVE-2020-5247", }, { cve: "CVE-2020-5249", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5249", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2020-5247, which fixed this vulnerability but only for regular responses. This has been fixed in 4.3.3 and 3.12.4.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5249", url: "https://www.suse.com/security/cve/CVE-2020-5249", }, { category: "external", summary: "SUSE Bug 1165524 for CVE-2020-5249", url: "https://bugzilla.suse.com/1165524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "moderate", }, ], title: "CVE-2020-5249", }, { cve: "CVE-2020-5267", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5267", }, ], notes: [ { category: "general", text: "In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-5267", url: "https://www.suse.com/security/cve/CVE-2020-5267", }, { category: "external", summary: "SUSE Bug 1167240 for CVE-2020-5267", url: "https://bugzilla.suse.com/1167240", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "moderate", }, ], title: "CVE-2020-5267", }, { cve: "CVE-2020-8164", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8164", }, ], notes: [ { category: "general", text: "A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8164", url: "https://www.suse.com/security/cve/CVE-2020-8164", }, { category: "external", summary: "SUSE Bug 1172177 for CVE-2020-8164", url: "https://bugzilla.suse.com/1172177", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "important", }, ], title: "CVE-2020-8164", }, { cve: "CVE-2020-8165", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8165", }, ], notes: [ { category: "general", text: "A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8165", url: "https://www.suse.com/security/cve/CVE-2020-8165", }, { category: "external", summary: "SUSE Bug 1172186 for CVE-2020-8165", url: "https://bugzilla.suse.com/1172186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "critical", }, ], title: "CVE-2020-8165", }, { cve: "CVE-2020-8166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8166", }, ], notes: [ { category: "general", text: "A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8166", url: "https://www.suse.com/security/cve/CVE-2020-8166", }, { category: "external", summary: "SUSE Bug 1172182 for CVE-2020-8166", url: "https://bugzilla.suse.com/1172182", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "low", }, ], title: "CVE-2020-8166", }, { cve: "CVE-2020-8167", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8167", }, ], notes: [ { category: "general", text: "A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8167", url: "https://www.suse.com/security/cve/CVE-2020-8167", }, { category: "external", summary: "SUSE Bug 1172184 for CVE-2020-8167", url: "https://bugzilla.suse.com/1172184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "moderate", }, ], title: "CVE-2020-8167", }, { cve: "CVE-2020-8184", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8184", }, ], notes: [ { category: "general", text: "A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8184", url: "https://www.suse.com/security/cve/CVE-2020-8184", }, { category: "external", summary: "SUSE Bug 1173351 for CVE-2020-8184", url: "https://bugzilla.suse.com/1173351", }, { category: "external", summary: "SUSE Bug 1177352 for CVE-2020-8184", url: "https://bugzilla.suse.com/1177352", }, { category: "external", summary: "SUSE Bug 1193081 for CVE-2020-8184", url: "https://bugzilla.suse.com/1193081", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "moderate", }, ], title: "CVE-2020-8184", }, { cve: "CVE-2020-8185", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8185", }, ], notes: [ { category: "general", text: "A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8185", url: "https://www.suse.com/security/cve/CVE-2020-8185", }, { category: "external", summary: "SUSE Bug 1173564 for CVE-2020-8185", url: "https://bugzilla.suse.com/1173564", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.1:rmt-server-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-config-2.6.5-lp151.2.18.2.x86_64", "openSUSE Leap 15.1:rmt-server-pubcloud-2.6.5-lp151.2.18.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-23T09:30:24Z", details: "moderate", }, ], title: "CVE-2020-8185", }, ], }
opensuse-su-2020:0990-1
Vulnerability from csaf_opensuse
Published
2020-07-18 12:27
Modified
2020-07-18 12:27
Summary
Security update for rubygem-puma
Notes
Title of the patch
Security update for rubygem-puma
Description of the patch
This update for rubygem-puma to version 4.3.5 fixes the following issues:
- CVE-2020-11077: Fixed a HTTP smuggling issue related to proxy usage (bsc#1172175).
- CVE-2020-11076: Fixed a HTTP smuggling issue when using an invalid transfer-encoding header (bsc#1172176).
- Disabled TLSv1.0 and TLSv1.1 (jsc#SLE-6965).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2020-990
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for rubygem-puma", title: "Title of the patch", }, { category: "description", text: "This update for rubygem-puma to version 4.3.5 fixes the following issues:\n\n- CVE-2020-11077: Fixed a HTTP smuggling issue related to proxy usage (bsc#1172175).\n- CVE-2020-11076: Fixed a HTTP smuggling issue when using an invalid transfer-encoding header (bsc#1172176).\n- Disabled TLSv1.0 and TLSv1.1 (jsc#SLE-6965).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2020-990", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_0990-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2020:0990-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IBJZ572BJJPWGER47K3F72AXTFOQXAPJ/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2020:0990-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IBJZ572BJJPWGER47K3F72AXTFOQXAPJ/", }, { category: "self", summary: "SUSE Bug 1172175", url: "https://bugzilla.suse.com/1172175", }, { category: "self", summary: "SUSE Bug 1172176", url: "https://bugzilla.suse.com/1172176", }, { category: "self", summary: "SUSE CVE CVE-2020-11076 page", url: "https://www.suse.com/security/cve/CVE-2020-11076/", }, { category: "self", summary: "SUSE CVE CVE-2020-11077 page", url: "https://www.suse.com/security/cve/CVE-2020-11077/", }, ], title: "Security update for rubygem-puma", tracking: { current_release_date: "2020-07-18T12:27:28Z", generator: { date: "2020-07-18T12:27:28Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2020:0990-1", initial_release_date: "2020-07-18T12:27:28Z", revision_history: [ { date: "2020-07-18T12:27:28Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "ruby2.5-rubygem-puma-4.3.5-lp151.3.3.1.x86_64", product: { name: "ruby2.5-rubygem-puma-4.3.5-lp151.3.3.1.x86_64", product_id: "ruby2.5-rubygem-puma-4.3.5-lp151.3.3.1.x86_64", }, }, { category: "product_version", name: "ruby2.5-rubygem-puma-doc-4.3.5-lp151.3.3.1.x86_64", product: { name: "ruby2.5-rubygem-puma-doc-4.3.5-lp151.3.3.1.x86_64", product_id: "ruby2.5-rubygem-puma-doc-4.3.5-lp151.3.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.1", product: { name: "openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-4.3.5-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:ruby2.5-rubygem-puma-4.3.5-lp151.3.3.1.x86_64", }, product_reference: "ruby2.5-rubygem-puma-4.3.5-lp151.3.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "ruby2.5-rubygem-puma-doc-4.3.5-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:ruby2.5-rubygem-puma-doc-4.3.5-lp151.3.3.1.x86_64", }, product_reference: "ruby2.5-rubygem-puma-doc-4.3.5-lp151.3.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, ], }, vulnerabilities: [ { cve: "CVE-2020-11076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11076", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:ruby2.5-rubygem-puma-4.3.5-lp151.3.3.1.x86_64", "openSUSE Leap 15.1:ruby2.5-rubygem-puma-doc-4.3.5-lp151.3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11076", url: "https://www.suse.com/security/cve/CVE-2020-11076", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11076", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:ruby2.5-rubygem-puma-4.3.5-lp151.3.3.1.x86_64", "openSUSE Leap 15.1:ruby2.5-rubygem-puma-doc-4.3.5-lp151.3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:ruby2.5-rubygem-puma-4.3.5-lp151.3.3.1.x86_64", "openSUSE Leap 15.1:ruby2.5-rubygem-puma-doc-4.3.5-lp151.3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-18T12:27:28Z", details: "moderate", }, ], title: "CVE-2020-11076", }, { cve: "CVE-2020-11077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11077", }, ], notes: [ { category: "general", text: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:ruby2.5-rubygem-puma-4.3.5-lp151.3.3.1.x86_64", "openSUSE Leap 15.1:ruby2.5-rubygem-puma-doc-4.3.5-lp151.3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11077", url: "https://www.suse.com/security/cve/CVE-2020-11077", }, { category: "external", summary: "SUSE Bug 1172175 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172175", }, { category: "external", summary: "SUSE Bug 1172176 for CVE-2020-11077", url: "https://bugzilla.suse.com/1172176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:ruby2.5-rubygem-puma-4.3.5-lp151.3.3.1.x86_64", "openSUSE Leap 15.1:ruby2.5-rubygem-puma-doc-4.3.5-lp151.3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:ruby2.5-rubygem-puma-4.3.5-lp151.3.3.1.x86_64", "openSUSE Leap 15.1:ruby2.5-rubygem-puma-doc-4.3.5-lp151.3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-07-18T12:27:28Z", details: "moderate", }, ], title: "CVE-2020-11077", }, ], }
fkie_cve-2020-11077
Vulnerability from fkie_nvd
Published
2020-05-22 15:15
Modified
2024-11-21 04:56
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:puma:puma:*:*:*:*:*:ruby:*:*", matchCriteriaId: "94D6645C-59B2-466F-A147-B23EF284DEBA", versionEndExcluding: "3.12.6", versionStartIncluding: "3.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:puma:puma:*:*:*:*:*:ruby:*:*", matchCriteriaId: "916E4164-0951-4145-85D6-684EF781F13A", versionEndExcluding: "4.3.5", versionStartIncluding: "4.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", matchCriteriaId: "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", }, { lang: "es", value: "En Puma (RubyGem) versiones anteriores a 4.3.5 y 3.12.6, un cliente podría hacer pasar sin autorización una petición por medio de un proxy, causando que el proxy envíe una respuesta a otro cliente desconocido. Si el proxy usa conexiones persistentes y el cliente agrega otra petición por medio de la canalización HTTP, el proxy puede confundirlo como el cuerpo de la primera petición. Sin embargo, Puma lo vería como dos peticiones y, al procesar la segunda petición, devolvería una respuesta que el proxy no espera. Si el proxy ha reutilizado la conexión persistente a Puma para enviar otra petición para un cliente diferente, la segunda respuesta desde el primer cliente será enviada al segundo cliente. Esta es una vulnerabilidad similar pero diferente de CVE-2020-11076. El problema se ha corregido en Puma versión 3.12.6 y Puma versión 4.3.5.", }, ], id: "CVE-2020-11077", lastModified: "2024-11-21T04:56:44.220", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 4, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-05-22T15:15:11.507", references: [ { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00034.html", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00038.html", }, { source: "security-advisories@github.com", tags: [ "Release Notes", ], url: "https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22", }, { source: "security-advisories@github.com", tags: [ "Vendor Advisory", ], url: "https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/10/msg00009.html", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKIY5H67GJIGJL6SMFWFLUQQQR3EMVPR/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/10/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKIY5H67GJIGJL6SMFWFLUQQQR3EMVPR/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-444", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-444", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
ghsa-w64w-qqph-5gxm
Vulnerability from github
Published
2020-05-22 14:55
Modified
2023-05-16 15:55
Severity ?
Summary
HTTP Smuggling via Transfer-Encoding Header in Puma
Details
Impact
This is a similar but different vulnerability to the one patched in 3.12.5 and 4.3.4.
A client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client.
If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client.
Patches
The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.
For more information
If you have any questions or comments about this advisory:
- Open an issue in Puma
- See our security policy
{ affected: [ { package: { ecosystem: "RubyGems", name: "puma", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "3.12.6", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "RubyGems", name: "puma", }, ranges: [ { events: [ { introduced: "4.0.0", }, { fixed: "4.3.5", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2020-11077", ], database_specific: { cwe_ids: [ "CWE-444", ], github_reviewed: true, github_reviewed_at: "2020-05-22T14:46:33Z", nvd_published_at: "2020-05-22T15:15:00Z", severity: "MODERATE", }, details: "### Impact\nThis is a similar but different vulnerability to the one patched in 3.12.5 and 4.3.4.\n\nA client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. \n\nIf the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client.\n\n### Patches\n\nThe problem has been fixed in Puma 3.12.6 and Puma 4.3.5.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* Open an issue in [Puma](https://github.com/puma/puma)\n* See our [security policy](https://github.com/puma/puma/security/policy)", id: "GHSA-w64w-qqph-5gxm", modified: "2023-05-16T15:55:12Z", published: "2020-05-22T14:55:09Z", references: [ { type: "WEB", url: "https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm", }, { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-11077", }, { type: "PACKAGE", url: "https://github.com/puma/puma", }, { type: "WEB", url: "https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22", }, { type: "WEB", url: "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puma/CVE-2020-11077.yml", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2020/10/msg00009.html", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SKIY5H67GJIGJL6SMFWFLUQQQR3EMVPR", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00034.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00038.html", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", type: "CVSS_V3", }, ], summary: "HTTP Smuggling via Transfer-Encoding Header in Puma", }
gsd-2020-11077
Vulnerability from gsd
Modified
2020-05-22 00:00
Details
### Impact
This is a similar but different vulnerability to the one patched in 3.12.5 and 4.3.4.
A client could smuggle a request through a proxy, causing the proxy to send a response
back to another unknown client.
If the proxy uses persistent connections and the client adds another request in via HTTP
pipelining, the proxy may mistake it as the first request's body. Puma, however,
would see it as two requests, and when processing the second request, send back
a response that the proxy does not expect. If the proxy has reused the persistent
connection to Puma to send another request for a different client, the second response
from the first client will be sent to the second client.
### Patches
The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.
Aliases
Aliases
{ GSD: { alias: "CVE-2020-11077", description: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", id: "GSD-2020-11077", references: [ "https://www.suse.com/security/cve/CVE-2020-11077.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { affected: [ { package: { ecosystem: "RubyGems", name: "puma", purl: "pkg:gem/puma", }, }, ], aliases: [ "CVE-2020-11077", "GHSA-w64w-qqph-5gxm", ], details: "### Impact\n\nThis is a similar but different vulnerability to the one patched in 3.12.5 and 4.3.4.\n\nA client could smuggle a request through a proxy, causing the proxy to send a response\nback to another unknown client.\n\nIf the proxy uses persistent connections and the client adds another request in via HTTP\npipelining, the proxy may mistake it as the first request's body. Puma, however,\nwould see it as two requests, and when processing the second request, send back\na response that the proxy does not expect. If the proxy has reused the persistent\nconnection to Puma to send another request for a different client, the second response\nfrom the first client will be sent to the second client.\n\n### Patches\n\nThe problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", id: "GSD-2020-11077", modified: "2020-05-22T00:00:00.000Z", published: "2020-05-22T00:00:00.000Z", references: [ { type: "WEB", url: "https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm", }, ], schema_version: "1.4.0", severity: [ { score: 6.8, type: "CVSS_V3", }, ], summary: "HTTP Smuggling via Transfer-Encoding Header in Puma", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2020-11077", STATE: "PUBLIC", TITLE: "HTTP Smuggling via Transfer-Encoding Header in Puma", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "puma", version: { version_data: [ { version_value: "< 3.12.6", }, { version_value: ">= 4.0.0, < 4.3.5", }, ], }, }, ], }, vendor_name: "puma", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22", refsource: "MISC", url: "https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22", }, { name: "https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm", refsource: "CONFIRM", url: "https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm", }, { name: "openSUSE-SU-2020:0990", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00034.html", }, { name: "openSUSE-SU-2020:1001", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00038.html", }, { name: "FEDORA-2020-fe354f24e8", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SKIY5H67GJIGJL6SMFWFLUQQQR3EMVPR/", }, { name: "[debian-lts-announce] 20201007 [SECURITY] [DLA 2398-1] puma security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/10/msg00009.html", }, ], }, source: { advisory: "GHSA-w64w-qqph-5gxm", discovery: "UNKNOWN", }, }, "github.com/rubysec/ruby-advisory-db": { cve: "2020-11077", cvss_v3: 6.8, date: "2020-05-22", description: "### Impact\n\nThis is a similar but different vulnerability to the one patched in 3.12.5 and 4.3.4.\n\nA client could smuggle a request through a proxy, causing the proxy to send a response\nback to another unknown client.\n\nIf the proxy uses persistent connections and the client adds another request in via HTTP\npipelining, the proxy may mistake it as the first request's body. Puma, however,\nwould see it as two requests, and when processing the second request, send back\na response that the proxy does not expect. If the proxy has reused the persistent\nconnection to Puma to send another request for a different client, the second response\nfrom the first client will be sent to the second client.\n\n### Patches\n\nThe problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", gem: "puma", ghsa: "w64w-qqph-5gxm", patched_versions: [ "~> 3.12.6", ">= 4.3.5", ], title: "HTTP Smuggling via Transfer-Encoding Header in Puma", url: "https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm", }, "gitlab.com": { advisories: [ { affected_range: ">=3.0.0 <3.12.6||>=4.0.0 <4.3.5", affected_versions: "All versions starting from 3.0.0 before 3.12.6, all versions starting from 4.0.0 before 4.3.5", cvss_v2: "AV:N/AC:L/Au:N/C:N/I:P/A:N", cvss_v3: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", cwe_ids: [ "CWE-1035", "CWE-444", "CWE-937", ], date: "2020-10-07", description: "In GitLab Puma (RubyGem), a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client.", fixed_versions: [ "4.3.5.gitlab.3", ], identifier: "CVE-2020-11077", identifiers: [ "CVE-2020-11077", "GHSA-w64w-qqph-5gxm", ], not_impacted: "All versions before 3.0.0, all versions starting from 3.12.6 before 4.0.0, all versions starting from 4.3.5", package_slug: "gem/gitlab-puma", pubdate: "2020-05-22", solution: "Upgrade to version 4.3.5.gitlab.3 or above.", title: "Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)", urls: [ "https://nvd.nist.gov/vuln/detail/CVE-2020-11077", ], uuid: "d98a909b-7ccd-4086-b7ab-54829322f8ee", }, { affected_range: ">=3.0.0 <3.12.6||>=4.0.0 <4.3.5", affected_versions: "All versions starting from 3.0.0 before 3.12.6, all versions starting from 4.0.0 before 4.3.5", cvss_v2: "AV:N/AC:L/Au:N/C:N/I:P/A:N", cvss_v3: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", cwe_ids: [ "CWE-1035", "CWE-444", "CWE-937", ], date: "2020-10-07", description: " In Puma (RubyGem), a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client.", fixed_versions: [ "3.12.6", "4.3.5", ], identifier: "CVE-2020-11077", identifiers: [ "CVE-2020-11077", "GHSA-w64w-qqph-5gxm", ], not_impacted: "All versions before 3.0.0, all versions starting from 3.12.6 before 4.0.0, all versions starting from 4.3.5", package_slug: "gem/puma", pubdate: "2020-05-22", solution: "Upgrade to versions 3.12.6, 4.3.5 or above.", title: "Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)", urls: [ "https://nvd.nist.gov/vuln/detail/CVE-2020-11077", ], uuid: "1cd16c54-101c-455b-9267-b5e2904acc67", }, ], }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:puma:puma:*:*:*:*:*:ruby:*:*", cpe_name: [], versionEndExcluding: "4.3.5", versionStartIncluding: "4.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:puma:puma:*:*:*:*:*:ruby:*:*", cpe_name: [], versionEndExcluding: "3.12.6", versionStartIncluding: "3.0.0", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2020-11077", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-444", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22", refsource: "MISC", tags: [ "Release Notes", ], url: "https://github.com/puma/puma/blob/master/History.md#434435-and-31253126--2020-05-22", }, { name: "https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm", refsource: "CONFIRM", tags: [ "Vendor Advisory", ], url: "https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm", }, { name: "openSUSE-SU-2020:0990", refsource: "SUSE", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00034.html", }, { name: "openSUSE-SU-2020:1001", refsource: "SUSE", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00038.html", }, { name: "FEDORA-2020-fe354f24e8", refsource: "FEDORA", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SKIY5H67GJIGJL6SMFWFLUQQQR3EMVPR/", }, { name: "[debian-lts-announce] 20201007 [SECURITY] [DLA 2398-1] puma security update", refsource: "MLIST", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/10/msg00009.html", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, }, }, lastModifiedDate: "2023-03-03T14:41Z", publishedDate: "2020-05-22T15:15Z", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.