Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2020-24303
Vulnerability from cvelistv5
Published
2020-10-28 13:25
Modified
2024-08-04 15:12
Severity ?
EPSS score ?
Summary
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01 | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://github.com/grafana/grafana/pull/25401 | Patch, Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20201123-0002/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/pull/25401 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20201123-0002/ | Third Party Advisory |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T15:12:08.961Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/grafana/grafana/pull/25401", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20201123-0002/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-11-23T11:06:15", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/grafana/grafana/pull/25401", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20201123-0002/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-24303", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", refsource: "MISC", url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", }, { name: "https://github.com/grafana/grafana/pull/25401", refsource: "MISC", url: "https://github.com/grafana/grafana/pull/25401", }, { name: "https://security.netapp.com/advisory/ntap-20201123-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20201123-0002/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-24303", datePublished: "2020-10-28T13:25:22", dateReserved: "2020-08-13T00:00:00", dateUpdated: "2024-08-04T15:12:08.961Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"7.0.5\", \"matchCriteriaId\": \"EB6DBF52-7C99-4B79-B3E6-17F724A47483\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.\"}, {\"lang\": \"es\", \"value\": \"Grafana versiones anteriores a 7.1.0-beta 1, permite un ataque de tipo XSS por medio de un alias de consulta de la fuente de datos de ElasticSearch\"}]", id: "CVE-2020-24303", lastModified: "2024-11-21T05:14:34.773", metrics: "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}", published: "2020-10-28T14:15:12.330", references: "[{\"url\": \"https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/grafana/grafana/pull/25401\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20201123-0002/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/grafana/grafana/pull/25401\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20201123-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]", sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2020-24303\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-10-28T14:15:12.330\",\"lastModified\":\"2024-11-21T05:14:34.773\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.\"},{\"lang\":\"es\",\"value\":\"Grafana versiones anteriores a 7.1.0-beta 1, permite un ataque de tipo XSS por medio de un alias de consulta de la fuente de datos de ElasticSearch\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.0.5\",\"matchCriteriaId\":\"EB6DBF52-7C99-4B79-B3E6-17F724A47483\"}]}]}],\"references\":[{\"url\":\"https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/grafana/grafana/pull/25401\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20201123-0002/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/grafana/grafana/pull/25401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20201123-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}", }, }
ghsa-mvpr-q6rh-8vrp
Vulnerability from github
Published
2022-05-24 17:32
Modified
2024-07-08 20:04
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
Summary
Grafana XSS via a query alias for the ElasticSearch datasource
Details
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
{ affected: [ { package: { ecosystem: "Go", name: "github.com/grafana/grafana", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "7.1.0-beta1", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2020-24303", ], database_specific: { cwe_ids: [ "CWE-79", ], github_reviewed: true, github_reviewed_at: "2024-02-01T21:48:06Z", nvd_published_at: "2020-10-28T14:15:00Z", severity: "MODERATE", }, details: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", id: "GHSA-mvpr-q6rh-8vrp", modified: "2024-07-08T20:04:29Z", published: "2022-05-24T17:32:32Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-24303", }, { type: "WEB", url: "https://github.com/grafana/grafana/pull/25401", }, { type: "PACKAGE", url: "https://github.com/grafana/grafana", }, { type: "WEB", url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", }, { type: "WEB", url: "https://security.netapp.com/advisory/ntap-20201123-0002", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", type: "CVSS_V3", }, { score: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N", type: "CVSS_V4", }, ], summary: "Grafana XSS via a query alias for the ElasticSearch datasource", }
suse-su-2020:3624-1
Vulnerability from csaf_suse
Published
2020-12-04 11:50
Modified
2020-12-04 11:50
Summary
Security update for crowbar-openstack, grafana, influxdb, python-urllib3
Notes
Title of the patch
Security update for crowbar-openstack, grafana, influxdb, python-urllib3
Description of the patch
This update for crowbar-openstack, grafana, influxdb, python-urllib3 contains the following fixes:
Security fixes included in this update:
openstack-glance
- CVE-2016-8611: Added rate limiting for glance api (bnc#1005886)
grafana
- CVE-2020-24303: Fixed an XSS via a query alias for the ElasticSearch datasource (#bnc#1178243)
influxdb
- CVE-2019-20933: Fixed an authentication bypass (bnc#1178988)
python-urlib3
- CVE-2019-9740: Fixed a CRLF injection in urllib3 (bnc#1129071).
- CVE-2020-26137: Fixed a CRLF injection via HTTP request method (bnc#1177120)
memcached
- CVE-2018-1000115: Fixed a issue where a UDP server allowed spoofed traffic amplification DoS (bnc#1083903).
Non-security fixes included in this update:
Changes in crowbar-openstack:
- Update to version 4.0+git.1604938545.30c10db18:
* rabbitmq: Fix crm running check (SOC-11240)
Changes in grafana:
- Fix bnc#1178243 CVE-2020-24303 by adding
25401-Fix-XSS-vulnerability-with-series-overrides.patch
Changes in influxdb:
- Add CVE-2019-20933.patch (bnc#1178988, CVE-2019-20933) to
fix authentication bypass_
- Declare license files correctly
- Version 1.2.4:
* The stress tool influx_stress will be removed in a subsequent
release.
* Remove the override of GOMAXPROCS.
* Uncomment section headers from the default configuration file.
* Improve write performance significantly.
* Prune data in meta store for deleted shards.
* Update latest dependencies with Godeps.
* Introduce syntax for marking a partial response with chunking.
* Use X-Forwarded-For IP address in HTTP logger if present.
* Add support for secure transmission via collectd.
* Switch logging to use structured logging everywhere.
* [CLI feature request] USE retention policy for queries.
* Add clear command to cli.
* Adding ability to use parameters in queries in the v2 client
using the Parameters map in the Query struct.
* Allow add items to array config via ENV
* Support subquery execution in the query language.
* Verbose output for SSL connection errors.
* Cache snapshotting performance improvements
- Partially revert previous change to fix build for Leap
Changes in python-urllib3:
- Update urllib3-fix-test-urls.patch. Adjust to match upstream solution.
- Add urllib3-fix-test-urls.patch. Fix tests failing on python checks for
CVE-2019-9740.
- Add urllib3-cve-2020-26137.patch. Don't allow control chars in request
method. (bnc#1177120, CVE-2020-26137)
Patchnames
SUSE-2020-3624,SUSE-OpenStack-Cloud-7-2020-3624
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for crowbar-openstack, grafana, influxdb, python-urllib3", title: "Title of the patch", }, { category: "description", text: "This update for crowbar-openstack, grafana, influxdb, python-urllib3 contains the following fixes:\n\nSecurity fixes included in this update:\n\nopenstack-glance\n- CVE-2016-8611: Added rate limiting for glance api (bnc#1005886)\n\ngrafana\n- CVE-2020-24303: Fixed an XSS via a query alias for the ElasticSearch datasource (#bnc#1178243)\n\ninfluxdb\n- CVE-2019-20933: Fixed an authentication bypass (bnc#1178988)\n\npython-urlib3\n- CVE-2019-9740: Fixed a CRLF injection in urllib3 (bnc#1129071).\n- CVE-2020-26137: Fixed a CRLF injection via HTTP request method (bnc#1177120)\n\nmemcached\n- CVE-2018-1000115: Fixed a issue where a UDP server allowed spoofed traffic amplification DoS (bnc#1083903).\n\nNon-security fixes included in this update:\n\nChanges in crowbar-openstack:\n- Update to version 4.0+git.1604938545.30c10db18:\n * rabbitmq: Fix crm running check (SOC-11240)\n\nChanges in grafana:\n- Fix bnc#1178243 CVE-2020-24303 by adding\n 25401-Fix-XSS-vulnerability-with-series-overrides.patch\n\nChanges in influxdb:\n- Add CVE-2019-20933.patch (bnc#1178988, CVE-2019-20933) to\n fix authentication bypass_\n- Declare license files correctly\n\n- Version 1.2.4:\n * The stress tool influx_stress will be removed in a subsequent\n release.\n * Remove the override of GOMAXPROCS.\n * Uncomment section headers from the default configuration file.\n * Improve write performance significantly.\n * Prune data in meta store for deleted shards.\n * Update latest dependencies with Godeps.\n * Introduce syntax for marking a partial response with chunking.\n * Use X-Forwarded-For IP address in HTTP logger if present.\n * Add support for secure transmission via collectd.\n * Switch logging to use structured logging everywhere.\n * [CLI feature request] USE retention policy for queries.\n * Add clear command to cli.\n * Adding ability to use parameters in queries in the v2 client\n using the Parameters map in the Query struct.\n * Allow add items to array config via ENV\n * Support subquery execution in the query language.\n * Verbose output for SSL connection errors.\n * Cache snapshotting performance improvements\n\n- Partially revert previous change to fix build for Leap\n\nChanges in python-urllib3:\n- Update urllib3-fix-test-urls.patch. Adjust to match upstream solution.\n\n- Add urllib3-fix-test-urls.patch. Fix tests failing on python checks for\n CVE-2019-9740.\n\n- Add urllib3-cve-2020-26137.patch. Don't allow control chars in request\n method. (bnc#1177120, CVE-2020-26137)\n\n ", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3624,SUSE-OpenStack-Cloud-7-2020-3624", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3624-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3624-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203624-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3624-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-December/007916.html", }, { category: "self", summary: "SUSE Bug 1005886", url: "https://bugzilla.suse.com/1005886", }, { category: "self", summary: "SUSE Bug 1170479", url: "https://bugzilla.suse.com/1170479", }, { category: "self", summary: "SUSE Bug 1177120", url: "https://bugzilla.suse.com/1177120", }, { category: "self", summary: "SUSE Bug 1178243", url: "https://bugzilla.suse.com/1178243", }, { category: "self", summary: "SUSE Bug 1178988", url: "https://bugzilla.suse.com/1178988", }, { category: "self", summary: "SUSE CVE CVE-2016-8611 page", url: "https://www.suse.com/security/cve/CVE-2016-8611/", }, { category: "self", summary: "SUSE CVE CVE-2019-20933 page", url: "https://www.suse.com/security/cve/CVE-2019-20933/", }, { category: "self", summary: "SUSE CVE CVE-2019-9740 page", url: "https://www.suse.com/security/cve/CVE-2019-9740/", }, { category: "self", summary: "SUSE CVE CVE-2020-24303 page", url: "https://www.suse.com/security/cve/CVE-2020-24303/", }, { category: "self", summary: "SUSE CVE CVE-2020-26137 page", url: "https://www.suse.com/security/cve/CVE-2020-26137/", }, ], title: "Security update for crowbar-openstack, grafana, influxdb, python-urllib3", tracking: { current_release_date: "2020-12-04T11:50:23Z", generator: { date: "2020-12-04T11:50:23Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3624-1", initial_release_date: "2020-12-04T11:50:23Z", revision_history: [ { date: "2020-12-04T11:50:23Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "grafana-6.7.4-1.20.1.aarch64", product: { name: "grafana-6.7.4-1.20.1.aarch64", product_id: "grafana-6.7.4-1.20.1.aarch64", }, }, { category: "product_version", name: "influxdb-1.2.4-5.1.aarch64", product: { name: "influxdb-1.2.4-5.1.aarch64", product_id: "influxdb-1.2.4-5.1.aarch64", }, }, { category: "product_version", name: "influxdb-devel-1.2.4-5.1.aarch64", product: { name: "influxdb-devel-1.2.4-5.1.aarch64", product_id: "influxdb-devel-1.2.4-5.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", product: { name: "crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", product_id: "crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", }, }, { category: "product_version", name: "python-urllib3-1.16-3.12.1.noarch", product: { name: "python-urllib3-1.16-3.12.1.noarch", product_id: "python-urllib3-1.16-3.12.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "grafana-6.7.4-1.20.1.ppc64le", product: { name: "grafana-6.7.4-1.20.1.ppc64le", product_id: "grafana-6.7.4-1.20.1.ppc64le", }, }, { category: "product_version", name: "influxdb-1.2.4-5.1.ppc64le", product: { name: "influxdb-1.2.4-5.1.ppc64le", product_id: "influxdb-1.2.4-5.1.ppc64le", }, }, { category: "product_version", name: "influxdb-devel-1.2.4-5.1.ppc64le", product: { name: "influxdb-devel-1.2.4-5.1.ppc64le", product_id: "influxdb-devel-1.2.4-5.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "grafana-6.7.4-1.20.1.s390x", product: { name: "grafana-6.7.4-1.20.1.s390x", product_id: "grafana-6.7.4-1.20.1.s390x", }, }, { category: "product_version", name: "influxdb-1.2.4-5.1.s390x", product: { name: "influxdb-1.2.4-5.1.s390x", product_id: "influxdb-1.2.4-5.1.s390x", }, }, { category: "product_version", name: "influxdb-devel-1.2.4-5.1.s390x", product: { name: "influxdb-devel-1.2.4-5.1.s390x", product_id: "influxdb-devel-1.2.4-5.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "grafana-6.7.4-1.20.1.x86_64", product: { name: "grafana-6.7.4-1.20.1.x86_64", product_id: "grafana-6.7.4-1.20.1.x86_64", }, }, { category: "product_version", name: "influxdb-1.2.4-5.1.x86_64", product: { name: "influxdb-1.2.4-5.1.x86_64", product_id: "influxdb-1.2.4-5.1.x86_64", }, }, { category: "product_version", name: "influxdb-devel-1.2.4-5.1.x86_64", product: { name: "influxdb-devel-1.2.4-5.1.x86_64", product_id: "influxdb-devel-1.2.4-5.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE OpenStack Cloud 7", product: { name: "SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:7", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", }, product_reference: "crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "grafana-6.7.4-1.20.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", }, product_reference: "grafana-6.7.4-1.20.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "influxdb-1.2.4-5.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", }, product_reference: "influxdb-1.2.4-5.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-urllib3-1.16-3.12.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", }, product_reference: "python-urllib3-1.16-3.12.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, ], }, vulnerabilities: [ { cve: "CVE-2016-8611", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-8611", }, ], notes: [ { category: "general", text: "A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2016-8611", url: "https://www.suse.com/security/cve/CVE-2016-8611", }, { category: "external", summary: "SUSE Bug 1005886 for CVE-2016-8611", url: "https://bugzilla.suse.com/1005886", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-12-04T11:50:23Z", details: "low", }, ], title: "CVE-2016-8611", }, { cve: "CVE-2019-20933", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-20933", }, ], notes: [ { category: "general", text: "InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-20933", url: "https://www.suse.com/security/cve/CVE-2019-20933", }, { category: "external", summary: "SUSE Bug 1178988 for CVE-2019-20933", url: "https://bugzilla.suse.com/1178988", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-12-04T11:50:23Z", details: "important", }, ], title: "CVE-2019-20933", }, { cve: "CVE-2019-9740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9740", }, ], notes: [ { category: "general", text: "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-9740", url: "https://www.suse.com/security/cve/CVE-2019-9740", }, { category: "external", summary: "SUSE Bug 1129071 for CVE-2019-9740", url: "https://bugzilla.suse.com/1129071", }, { category: "external", summary: "SUSE Bug 1130840 for CVE-2019-9740", url: "https://bugzilla.suse.com/1130840", }, { category: "external", summary: "SUSE Bug 1132663 for CVE-2019-9740", url: "https://bugzilla.suse.com/1132663", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-12-04T11:50:23Z", details: "moderate", }, ], title: "CVE-2019-9740", }, { cve: "CVE-2020-24303", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-24303", }, ], notes: [ { category: "general", text: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-24303", url: "https://www.suse.com/security/cve/CVE-2020-24303", }, { category: "external", summary: "SUSE Bug 1178243 for CVE-2020-24303", url: "https://bugzilla.suse.com/1178243", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-12-04T11:50:23Z", details: "moderate", }, ], title: "CVE-2020-24303", }, { cve: "CVE-2020-26137", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26137", }, ], notes: [ { category: "general", text: "urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-26137", url: "https://www.suse.com/security/cve/CVE-2020-26137", }, { category: "external", summary: "SUSE Bug 1177120 for CVE-2020-26137", url: "https://bugzilla.suse.com/1177120", }, { category: "external", summary: "SUSE Bug 1177211 for CVE-2020-26137", url: "https://bugzilla.suse.com/1177211", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch", "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64", "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64", "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-12-04T11:50:23Z", details: "moderate", }, ], title: "CVE-2020-26137", }, ], }
suse-su-2021:1233-1
Vulnerability from csaf_suse
Published
2021-04-15 15:21
Modified
2021-04-15 15:21
Summary
Security update for grafana and system-user-grafana
Notes
Title of the patch
Security update for grafana and system-user-grafana
Description of the patch
This update for grafana and system-user-grafana fixes the following issues:
- Updated grafana to upstream version 7.3.1
* CVE-2019-15043: In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use.
This makes it possible to run a denial of service attack against the server running Grafana
* CVE-2020-12245: Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip (bsc#1170557)
* CVE-2020-13379: The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue.
This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and
return its result to the user/client. This can be used to gain information about the network that Grafana is
running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault (bsc#1172409)
* CVE-2019-15043: In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use.
This makes it possible to run a denial of service attack against the server running Grafana (bsc#1148383)
* CVE-2020-12052: Grafana version below 6.7.3 is vulnerable for annotation popup XSS (bsc#1170657)
* CVE-2020-24303: Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource. (bsc#1178243)
* CVE-2018-18623: Grafana 5.3.1 has XSS via the 'Dashboard > Text Panel' screen (bsc#1172450)
* CVE-2019-19499: Grafana versions below or equal to 6.4.3 has an Arbitrary File Read vulnerability, which
could be exploited by an authenticated attacker that has privileges to modify the data source configurations (bsc#1175951)
* Please refer to this package's changelog to get a full list of all changes (including bug fixes etc.)
- Initial shipment of system-user-grafana to SES 6
Patchnames
SUSE-2021-1233,SUSE-SLE-Manager-Tools-15-2021-1233,SUSE-Storage-6-2021-1233
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for grafana and system-user-grafana", title: "Title of the patch", }, { category: "description", text: "This update for grafana and system-user-grafana fixes the following issues:\n\n- Updated grafana to upstream version 7.3.1\n * CVE-2019-15043: In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use.\n This makes it possible to run a denial of service attack against the server running Grafana\n * CVE-2020-12245: Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip (bsc#1170557)\n * CVE-2020-13379: The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue.\n This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and\n return its result to the user/client. This can be used to gain information about the network that Grafana is\n running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault (bsc#1172409)\n * CVE-2019-15043: In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use.\n This makes it possible to run a denial of service attack against the server running Grafana (bsc#1148383)\n * CVE-2020-12052: Grafana version below 6.7.3 is vulnerable for annotation popup XSS (bsc#1170657)\n * CVE-2020-24303: Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource. (bsc#1178243)\n * CVE-2018-18623: Grafana 5.3.1 has XSS via the 'Dashboard > Text Panel' screen (bsc#1172450)\n * CVE-2019-19499: Grafana versions below or equal to 6.4.3 has an Arbitrary File Read vulnerability, which\n could be exploited by an authenticated attacker that has privileges to modify the data source configurations (bsc#1175951)\n\n * Please refer to this package's changelog to get a full list of all changes (including bug fixes etc.)\n\n- Initial shipment of system-user-grafana to SES 6", title: "Description of the patch", }, { category: "details", text: "SUSE-2021-1233,SUSE-SLE-Manager-Tools-15-2021-1233,SUSE-Storage-6-2021-1233", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1233-1.json", }, { category: "self", summary: "URL for SUSE-SU-2021:1233-1", url: "https://www.suse.com/support/update/announcement/2021/suse-su-20211233-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2021:1233-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008643.html", }, { category: "self", summary: "SUSE Bug 1148383", url: "https://bugzilla.suse.com/1148383", }, { category: "self", summary: "SUSE Bug 1170557", url: "https://bugzilla.suse.com/1170557", }, { category: "self", summary: "SUSE Bug 1170657", url: "https://bugzilla.suse.com/1170657", }, { category: "self", summary: "SUSE Bug 1172409", url: "https://bugzilla.suse.com/1172409", }, { category: "self", summary: "SUSE Bug 1172450", url: "https://bugzilla.suse.com/1172450", }, { category: "self", summary: "SUSE Bug 1175951", url: "https://bugzilla.suse.com/1175951", }, { category: "self", summary: "SUSE Bug 1178243", url: "https://bugzilla.suse.com/1178243", }, { category: "self", summary: "SUSE CVE CVE-2018-18623 page", url: "https://www.suse.com/security/cve/CVE-2018-18623/", }, { category: "self", summary: "SUSE CVE CVE-2019-15043 page", url: "https://www.suse.com/security/cve/CVE-2019-15043/", }, { category: "self", summary: "SUSE CVE CVE-2019-19499 page", url: "https://www.suse.com/security/cve/CVE-2019-19499/", }, { category: "self", summary: "SUSE CVE CVE-2020-12052 page", url: "https://www.suse.com/security/cve/CVE-2020-12052/", }, { category: "self", summary: "SUSE CVE CVE-2020-12245 page", url: "https://www.suse.com/security/cve/CVE-2020-12245/", }, { category: "self", summary: "SUSE CVE CVE-2020-13379 page", url: "https://www.suse.com/security/cve/CVE-2020-13379/", }, { category: "self", summary: "SUSE CVE CVE-2020-24303 page", url: "https://www.suse.com/security/cve/CVE-2020-24303/", }, ], title: "Security update for grafana and system-user-grafana", tracking: { current_release_date: "2021-04-15T15:21:15Z", generator: { date: "2021-04-15T15:21:15Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2021:1233-1", initial_release_date: "2021-04-15T15:21:15Z", revision_history: [ { date: "2021-04-15T15:21:15Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "grafana-7.3.1-3.6.1.aarch64", product: { name: "grafana-7.3.1-3.6.1.aarch64", product_id: "grafana-7.3.1-3.6.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "system-user-grafana-1.0.0-3.9.1.noarch", product: { name: "system-user-grafana-1.0.0-3.9.1.noarch", product_id: "system-user-grafana-1.0.0-3.9.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "grafana-7.3.1-3.6.1.x86_64", product: { name: "grafana-7.3.1-3.6.1.x86_64", product_id: "grafana-7.3.1-3.6.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Client Tools 15", product: { name: "SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15", }, }, { category: "product_name", name: "SUSE Enterprise Storage 6", product: { name: "SUSE Enterprise Storage 6", product_id: "SUSE Enterprise Storage 6", product_identification_helper: { cpe: "cpe:/o:suse:ses:6", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "system-user-grafana-1.0.0-3.9.1.noarch as component of SUSE Manager Client Tools 15", product_id: "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", }, product_reference: "system-user-grafana-1.0.0-3.9.1.noarch", relates_to_product_reference: "SUSE Manager Client Tools 15", }, { category: "default_component_of", full_product_name: { name: "grafana-7.3.1-3.6.1.aarch64 as component of SUSE Enterprise Storage 6", product_id: "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", }, product_reference: "grafana-7.3.1-3.6.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 6", }, { category: "default_component_of", full_product_name: { name: "grafana-7.3.1-3.6.1.x86_64 as component of SUSE Enterprise Storage 6", product_id: "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", }, product_reference: "grafana-7.3.1-3.6.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 6", }, { category: "default_component_of", full_product_name: { name: "system-user-grafana-1.0.0-3.9.1.noarch as component of SUSE Enterprise Storage 6", product_id: "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", }, product_reference: "system-user-grafana-1.0.0-3.9.1.noarch", relates_to_product_reference: "SUSE Enterprise Storage 6", }, ], }, vulnerabilities: [ { cve: "CVE-2018-18623", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18623", }, ], notes: [ { category: "general", text: "Grafana 5.3.1 has XSS via the \"Dashboard > Text Panel\" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-18623", url: "https://www.suse.com/security/cve/CVE-2018-18623", }, { category: "external", summary: "SUSE Bug 1172450 for CVE-2018-18623", url: "https://bugzilla.suse.com/1172450", }, { category: "external", summary: "SUSE Bug 1174583 for CVE-2018-18623", url: "https://bugzilla.suse.com/1174583", }, { category: "external", summary: "SUSE Bug 1175951 for CVE-2018-18623", url: "https://bugzilla.suse.com/1175951", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-04-15T15:21:15Z", details: "moderate", }, ], title: "CVE-2018-18623", }, { cve: "CVE-2019-15043", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15043", }, ], notes: [ { category: "general", text: "In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-15043", url: "https://www.suse.com/security/cve/CVE-2019-15043", }, { category: "external", summary: "SUSE Bug 1148383 for CVE-2019-15043", url: "https://bugzilla.suse.com/1148383", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-04-15T15:21:15Z", details: "important", }, ], title: "CVE-2019-15043", }, { cve: "CVE-2019-19499", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-19499", }, ], notes: [ { category: "general", text: "Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-19499", url: "https://www.suse.com/security/cve/CVE-2019-19499", }, { category: "external", summary: "SUSE Bug 1175951 for CVE-2019-19499", url: "https://bugzilla.suse.com/1175951", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-04-15T15:21:15Z", details: "moderate", }, ], title: "CVE-2019-19499", }, { cve: "CVE-2020-12052", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-12052", }, ], notes: [ { category: "general", text: "Grafana version < 6.7.3 is vulnerable for annotation popup XSS.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-12052", url: "https://www.suse.com/security/cve/CVE-2020-12052", }, { category: "external", summary: "SUSE Bug 1170657 for CVE-2020-12052", url: "https://bugzilla.suse.com/1170657", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-04-15T15:21:15Z", details: "moderate", }, ], title: "CVE-2020-12052", }, { cve: "CVE-2020-12245", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-12245", }, ], notes: [ { category: "general", text: "Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-12245", url: "https://www.suse.com/security/cve/CVE-2020-12245", }, { category: "external", summary: "SUSE Bug 1170557 for CVE-2020-12245", url: "https://bugzilla.suse.com/1170557", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-04-15T15:21:15Z", details: "moderate", }, ], title: "CVE-2020-12245", }, { cve: "CVE-2020-13379", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-13379", }, ], notes: [ { category: "general", text: "The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-13379", url: "https://www.suse.com/security/cve/CVE-2020-13379", }, { category: "external", summary: "SUSE Bug 1172409 for CVE-2020-13379", url: "https://bugzilla.suse.com/1172409", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-04-15T15:21:15Z", details: "important", }, ], title: "CVE-2020-13379", }, { cve: "CVE-2020-24303", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-24303", }, ], notes: [ { category: "general", text: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-24303", url: "https://www.suse.com/security/cve/CVE-2020-24303", }, { category: "external", summary: "SUSE Bug 1178243 for CVE-2020-24303", url: "https://bugzilla.suse.com/1178243", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.aarch64", "SUSE Enterprise Storage 6:grafana-7.3.1-3.6.1.x86_64", "SUSE Enterprise Storage 6:system-user-grafana-1.0.0-3.9.1.noarch", "SUSE Manager Client Tools 15:system-user-grafana-1.0.0-3.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-04-15T15:21:15Z", details: "moderate", }, ], title: "CVE-2020-24303", }, ], }
suse-su-2021:1962-1
Vulnerability from csaf_suse
Published
2021-06-11 13:13
Modified
2021-06-11 13:13
Summary
Security update for ardana-neutron, ardana-swift, cassandra, crowbar-openstack, grafana, kibana, openstack-dashboard, openstack-ironic, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, python-py, python-pysaml2, python-xmlschema, rubygem-activerecord-session_store, venv-openstack-keystone
Notes
Title of the patch
Security update for ardana-neutron, ardana-swift, cassandra, crowbar-openstack, grafana, kibana, openstack-dashboard, openstack-ironic, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, python-py, python-pysaml2, python-xmlschema, rubygem-activerecord-session_store, venv-openstack-keystone
Description of the patch
This update for ardana-neutron, ardana-swift, cassandra, crowbar-openstack, grafana, kibana, openstack-dashboard, openstack-ironic, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, python-py, python-pysaml2, python-xmlschema, rubygem-activerecord-session_store, venv-openstack-keystone contains the following fixes:
Security fixes included in this update:
cassandra:
- CVE-2020-17516: Fixed an issue where encryption between nodes was not enforced
correctly for certain internode_encryption settings (bsc#1181689)
grafana:
- CVE-2018-18623, CVE-2018-18624, CVE-2018-18625: Fixed multiple cross
site scripting vulnerabilities in the dashboard. (bsc#1172450)
- CVE-2021-27358: Fixed a denial of service via remote API call. (bsc#1183803)
- CVE-2019-15043: Fixed a denial of service by an unauthenticated user
in the snapshot HTTP API (bsc#1148383)
- CVE-2020-13379: Fixed an information leak to unauthenticated users. (bsc#1172409)
- CVE-2020-12052: Fixed a cross site scripting vulnerability with the annotation
popup (bsc#1170657)
- CVE-2018-19039: Fixed an issue where a privileged user could
exfiltrate files (bsc#1115960)
- CVE-2020-11110: Fixed a stored cross site scripting vulnerability. (bsc#1174583)
- CVE-2020-24303: Fixed a cross site scripting vulnerability in a query alias for
ElasticSearch datasources (bsc#1178243)
kibana:
- CVE-2017-11499: Fixed a vulnerability in nodejs, related to the HashTable
implementation, which could cause a denial of service. (bsc#1044849)
- CVE-2017-11481: Fixed a cross site scripting vulnerability via via URL fields.
(bsc#1044849)
- CVE-2020-10743: Fixed a clickjacking issue because X-Frame-Option was not used
by default. (bsc#1171909)
python-Django:
- CVE-2021-23336: Fixed a web cache poisoning via django.utils.http.limited_parse_qsl().
(bsc#1182433)
- CVE-2021-28658: Fixed a directory traversal via uploaded files. (bsc#1184148)
- CVE-2021-31542: Fixed a directory traversal via uploaded files with suitably crafted
file names. (bsc#1185623)
- CVE-2021-33203: Fixed potential path-traversal via admindocs' TemplateDetailView.
(bsc#1186608)
- CVE-2021-33571: Tighten validator checks to not allow leading zeros in IPv4 addresses,
which potentially leads to further attacks. (bsc#1186611)
python-py:
- CVE-2020-29651: Fixed a denial of service via regular expressions. (bsc#1179805)
python-pysaml2:
- CVE-2021-21238: Fixed improper verification of cryptographic signatures for signed
SAML documents. (bsc#1181277)
- CVE-2021-21239: Fixed improper verification of cryptographic signatures when using
CryptoBackendXmlSec1(). (bsc#1181278)
rubygem-activerecord-session_store:
- CVE-2019-25025: Fixed a timing attacks targeting the session id which could allow
an attack to hijack sessions. (bsc#1183174)
Non-security changes included in this update:
Changes in ardana-neutron:
- Update to version 9.0+git.1615223676.777f0b3:
* Allow users to stop monitoring rootwrap daemon (bsc#1182317)
Changes in ardana-swift:
- Update to version 9.0+git.1618235096.90974ed:
* Run swiftlm-scan in the UTC timezone (bsc#1181690)
Changes in cassandra:
- update to 3.11.10 (bsc#1181689, CVE-2020-17516)
* Fix digest computation for queries with fetched but non queried columns (CASSANDRA-15962)
* Reduce amount of allocations during batch statement execution (CASSANDRA-16201)
* Update jflex-1.6.0.jar to match upstream (CASSANDRA-16393)
* Fix DecimalDeserializer#toString OOM (CASSANDRA-14925)
* Rate limit validation compactions using compaction_throughput_mb_per_sec (CASSANDRA-16161)
* SASI's `max_compaction_flush_memory_in_mb` settings over 100GB revert to default of 1GB (CASSANDRA-16071)
* Prevent unbounded number of pending flushing tasks (CASSANDRA-16261)
* Improve empty hint file handling during startup (CASSANDRA-16162)
* Allow empty string in collections with COPY FROM in cqlsh (CASSANDRA-16372)
* Fix skipping on pre-3.0 created compact storage sstables due to missing primary key liveness (CASSANDRA-16226)
* Extend the exclusion of replica filtering protection to other indices instead of just SASI (CASSANDRA-16311)
* Synchronize transaction logs for JBOD (CASSANDRA-16225)
* Fix the counting of cells per partition (CASSANDRA-16259)
* Fix serial read/non-applying CAS linearizability (CASSANDRA-12126)
* Avoid potential NPE in JVMStabilityInspector (CASSANDRA-16294)
* Improved check of num_tokens against the length of initial_token (CASSANDRA-14477)
* Fix a race condition on ColumnFamilyStore and TableMetrics (CASSANDRA-16228)
* Remove the SEPExecutor blocking behavior (CASSANDRA-16186)
* Fix invalid cell value skipping when reading from disk (CASSANDRA-16223)
* Prevent invoking enable/disable gossip when not in NORMAL (CASSANDRA-16146)
* Wait for schema agreement when bootstrapping (CASSANDRA-15158)
* Fix the histogram merge of the table metrics (CASSANDRA-16259)
* Synchronize Keyspace instance store/clear (CASSANDRA-16210)
* Fix ColumnFilter to avoid querying cells of unselected complex columns (CASSANDRA-15977)
* Fix memory leak in CompressedChunkReader (CASSANDRA-15880)
* Don't attempt value skipping with mixed version cluster (CASSANDRA-15833)
* Avoid failing compactions with very large partitions (CASSANDRA-15164)
* Make sure LCS handles duplicate sstable added/removed notifications correctly (CASSANDRA-14103)
* Fix OOM when terminating repair session (CASSANDRA-15902)
* Avoid marking shutting down nodes as up after receiving gossip shutdown message (CASSANDRA-16094)
* Check SSTables for latest version before dropping compact storage (CASSANDRA-16063)
* Handle unexpected columns due to schema races (CASSANDRA-15899)
* Add flag to ignore unreplicated keyspaces during repair (CASSANDRA-15160)
* Package tools/bin scripts as executable (CASSANDRA-16151)
* Fixed a NullPointerException when calling nodetool enablethrift (CASSANDRA-16127)
* Correctly interpret SASI's `max_compaction_flush_memory_in_mb` setting in megabytes not bytes (CASSANDRA-16071)
* Fix short read protection for GROUP BY queries (CASSANDRA-15459)
* Frozen RawTuple is not annotated with frozen in the toString method (CASSANDRA-15857)
Merged from 3.0:
* Use IF NOT EXISTS for index and UDT create statements in snapshot schema files (CASSANDRA-13935)
* Fix gossip shutdown order (CASSANDRA-15816)
* Remove broken 'defrag-on-read' optimization (CASSANDRA-15432)
* Check for endpoint collision with hibernating nodes (CASSANDRA-14599)
* Operational improvements and hardening for replica filtering protection (CASSANDRA-15907)
* stop_paranoid disk failure policy is ignored on CorruptSSTableException after node is up (CASSANDRA-15191)
* Forbid altering UDTs used in partition keys (CASSANDRA-15933)
* Fix empty/null json string representation (CASSANDRA-15896)
* 3.x fails to start if commit log has range tombstones from a column which is also deleted (CASSANDRA-15970)
* Handle difference in timestamp precision between java8 and java11 in LogFIle.java (CASSANDRA-16050)
Merged from 2.2:
* Fix CQL parsing of collections when the column type is reversed (CASSANDRA-15814)
* Only allow strings to be passed to JMX authentication (CASSANDRA-16077)
* Fix cqlsh output when fetching all rows in batch mode (CASSANDRA-15905)
* Upgrade Jackson to 2.9.10 (CASSANDRA-15867)
* Fix CQL formatting of read command restrictions for slow query log (CASSANDRA-15503)
* Allow sstableloader to use SSL on the native port (CASSANDRA-14904)
* Backport CASSANDRA-12189: escape string literals (CASSANDRA-15948)
* Avoid hinted handoff per-host throttle being arounded to 0 in large cluster (CASSANDRA-15859)
* Avoid emitting empty range tombstones from RangeTombstoneList (CASSANDRA-15924)
* Avoid thread starvation, and improve compare-and-swap performance, in the slab allocators (CASSANDRA-15922)
* Add token to tombstone warning and error messages (CASSANDRA-15890)
* Fixed range read concurrency factor computation and capped as 10 times tpc cores (CASSANDRA-15752)
* Catch exception on bootstrap resume and init native transport (CASSANDRA-15863)
* Fix replica-side filtering returning stale data with CL > ONE (CASSANDRA-8272, CASSANDRA-8273)
* Fix duplicated row on 2.x upgrades when multi-rows range tombstones interact with collection ones (CASSANDRA-15805)
* Rely on snapshotted session infos on StreamResultFuture.maybeComplete to avoid race conditions (CASSANDRA-15667)
* EmptyType doesn't override writeValue so could attempt to write bytes when expected not to (CASSANDRA-15790)
* Fix index queries on partition key columns when some partitions contains only static data (CASSANDRA-13666)
* Avoid creating duplicate rows during major upgrades (CASSANDRA-15789)
* liveDiskSpaceUsed and totalDiskSpaceUsed get corrupted if IndexSummaryRedistribution gets interrupted (CASSANDRA-15674)
* Fix Debian init start/stop (CASSANDRA-15770)
* Fix infinite loop on index query paging in tables with clustering (CASSANDRA-14242)
* Fix chunk index overflow due to large sstable with small chunk length (CASSANDRA-15595)
* Allow selecting static column only when querying static index (CASSANDRA-14242)
* cqlsh return non-zero status when STDIN CQL fails (CASSANDRA-15623)
* Don't skip sstables in slice queries based only on local min/max/deletion timestamp (CASSANDRA-15690)
* Memtable memory allocations may deadlock (CASSANDRA-15367)
* Run evictFromMembership in GossipStage (CASSANDRA-15592)
* Fix nomenclature of allow and deny lists (CASSANDRA-15862)
* Remove generated files from source artifact (CASSANDRA-15849)
* Remove duplicated tools binaries from tarballs (CASSANDRA-15768)
* Duplicate results with DISTINCT queries in mixed mode (CASSANDRA-15501)
* Disable JMX rebinding (CASSANDRA-15653)
* Fix writing of snapshot manifest when the table has table-backed secondary indexes (CASSANDRA-10968)
* Fix parse error in cqlsh COPY FROM and formatting for map of blobs (CASSANDRA-15679)
* Fix Commit log replays when static column clustering keys are collections (CASSANDRA-14365)
* Fix Red Hat init script on newer systemd versions (CASSANDRA-15273)
* Allow EXTRA_CLASSPATH to work on tar/source installations (CASSANDRA-15567)
* Fix bad UDT sstable metadata serialization headers written by C* 3.0 on upgrade and in sstablescrub (CASSANDRA-15035)
* Fix nodetool compactionstats showing extra pending task for TWCS - patch implemented (CASSANDRA-15409)
* Fix SELECT JSON formatting for the 'duration' type (CASSANDRA-15075)
* Fix LegacyLayout to have same behavior as 2.x when handling unknown column names (CASSANDRA-15081)
* Update nodetool help stop output (CASSANDRA-15401)
* Run in-jvm upgrade dtests in circleci (CASSANDRA-15506)
* Include updates to static column in mutation size calculations (CASSANDRA-15293)
* Fix point-in-time recoevery ignoring timestamp of updates to static columns (CASSANDRA-15292)
* GC logs are also put under $CASSANDRA_LOG_DIR (CASSANDRA-14306)
* Fix sstabledump's position key value when partitions have multiple rows (CASSANDRA-14721)
* Avoid over-scanning data directories in LogFile.verify() (CASSANDRA-15364)
* Bump generations and document changes to system_distributed and system_traces in 3.0, 3.11
(CASSANDRA-15441)
* Fix system_traces creation timestamp; optimise system keyspace upgrades (CASSANDRA-15398)
* Fix various data directory prefix matching issues (CASSANDRA-13974)
* Minimize clustering values in metadata collector (CASSANDRA-15400)
* Avoid over-trimming of results in mixed mode clusters (CASSANDRA-15405)
* validate value sizes in LegacyLayout (CASSANDRA-15373)
* Ensure that tracing doesn't break connections in 3.x/4.0 mixed mode by default (CASSANDRA-15385)
* Make sure index summary redistribution does not start when compactions are paused (CASSANDRA-15265)
* Ensure legacy rows have primary key livenessinfo when they contain illegal cells (CASSANDRA-15365)
* Fix race condition when setting bootstrap flags (CASSANDRA-14878)
* Fix NativeLibrary.tryOpenDirectory callers for Windows (CASSANDRA-15426)
* Fix SELECT JSON output for empty blobs (CASSANDRA-15435)
* In-JVM DTest: Set correct internode message version for upgrade test (CASSANDRA-15371)
* In-JVM DTest: Support NodeTool in dtest (CASSANDRA-15429)
* Fix NativeLibrary.tryOpenDirectory callers for Windows (CASSANDRA-15426)
* Fix SASI non-literal string comparisons (range operators) (CASSANDRA-15169)
* Make sure user defined compaction transactions are always closed (CASSANDRA-15123)
* Fix cassandra-env.sh to use $CASSANDRA_CONF to find cassandra-jaas.config (CASSANDRA-14305)
* Fixed nodetool cfstats printing index name twice (CASSANDRA-14903)
* Add flag to disable SASI indexes, and warnings on creation (CASSANDRA-14866)
* Add ability to cap max negotiable protocol version (CASSANDRA-15193)
* Gossip tokens on startup if available (CASSANDRA-15335)
* Fix resource leak in CompressedSequentialWriter (CASSANDRA-15340)
* Fix bad merge that reverted CASSANDRA-14993 (CASSANDRA-15289)
* Fix LegacyLayout RangeTombstoneList IndexOutOfBoundsException when upgrading and RangeTombstone bounds are asymmetric (CASSANDRA-15172)
* Fix NPE when using allocate_tokens_for_keyspace on new DC/rack (CASSANDRA-14952)
* Filter sstables earlier when running cleanup (CASSANDRA-15100)
* Use mean row count instead of mean column count for index selectivity calculation (CASSANDRA-15259)
* Avoid updating unchanged gossip states (CASSANDRA-15097)
* Prevent recreation of previously dropped columns with a different kind (CASSANDRA-14948)
* Prevent client requests from blocking on executor task queue (CASSANDRA-15013)
* Toughen up column drop/recreate type validations (CASSANDRA-15204)
* LegacyLayout should handle paging states that cross a collection column (CASSANDRA-15201)
* Prevent RuntimeException when username or password is empty/null (CASSANDRA-15198)
* Multiget thrift query returns null records after digest mismatch (CASSANDRA-14812)
* Skipping illegal legacy cells can break reverse iteration of indexed partitions (CASSANDRA-15178)
* Handle paging states serialized with a different version than the session's (CASSANDRA-15176)
* Throw IOE instead of asserting on unsupporter peer versions (CASSANDRA-15066)
* Update token metadata when handling MOVING/REMOVING_TOKEN events (CASSANDRA-15120)
* Add ability to customize cassandra log directory using $CASSANDRA_LOG_DIR (CASSANDRA-15090)
* Skip cells with illegal column names when reading legacy sstables (CASSANDRA-15086)
* Fix assorted gossip races and add related runtime checks (CASSANDRA-15059)
* Fix mixed mode partition range scans with limit (CASSANDRA-15072)
* cassandra-stress works with frozen collections: list and set (CASSANDRA-14907)
* Fix handling FS errors on writing and reading flat files - LogTransaction and hints (CASSANDRA-15053)
* Avoid double closing the iterator to avoid overcounting the number of requests (CASSANDRA-15058)
* Improve `nodetool status -r` speed (CASSANDRA-14847)
* Improve merkle tree size and time on heap (CASSANDRA-14096)
* Add missing commands to nodetool_completion (CASSANDRA-14916)
* Anti-compaction temporarily corrupts sstable state for readers (CASSANDRA-15004)
* Catch non-IOException in FileUtils.close to make sure that all resources are closed (CASSANDRA-15225)
* Handle exceptions during authentication/authorization (CASSANDRA-15041)
* Support cross version messaging in in-jvm upgrade dtests (CASSANDRA-15078)
* Fix index summary redistribution cancellation (CASSANDRA-15045)
* Fixing invalid CQL in security documentation (CASSANDRA-15020)
* Allow instance class loaders to be garbage collected for inJVM dtest (CASSANDRA-15170)
* Add support for network topology and query tracing for inJVM dtest (CASSANDRA-15319)
* Correct sstable sorting for garbagecollect and levelled compaction (CASSANDRA-14870)
* Severe concurrency issues in STCS,DTCS,TWCS,TMD.Topology,TypeParser
* Add a script to make running the cqlsh tests in cassandra repo easier (CASSANDRA-14951)
* If SizeEstimatesRecorder misses a 'onDropTable' notification, the size_estimates table will never be cleared for that table. (CASSANDRA-14905)
* Counters fail to increment in 2.1/2.2 to 3.X mixed version clusters (CASSANDRA-14958)
* Streaming needs to synchronise access to LifecycleTransaction (CASSANDRA-14554)
* Fix cassandra-stress write hang with default options (CASSANDRA-14616)
* Differentiate between slices and RTs when decoding legacy bounds (CASSANDRA-14919)
* Netty epoll IOExceptions caused by unclean client disconnects being logged at INFO (CASSANDRA-14909)
* Unfiltered.isEmpty conflicts with Row extends AbstractCollection.isEmpty (CASSANDRA-14588)
* RangeTombstoneList doesn't properly clean up mergeable or superseded rts in some cases (CASSANDRA-14894)
* Fix handling of collection tombstones for dropped columns from legacy sstables (CASSANDRA-14912)
* Throw exception if Columns serialized subset encode more columns than possible (CASSANDRA-14591)
* Drop/add column name with different Kind can result in corruption (CASSANDRA-14843)
* Fix missing rows when reading 2.1 SSTables with static columns in 3.0 (CASSANDRA-14873)
* Move TWCS message 'No compaction necessary for bucket size' to Trace level (CASSANDRA-14884)
* Sstable min/max metadata can cause data loss (CASSANDRA-14861)
* Dropped columns can cause reverse sstable iteration to return prematurely (CASSANDRA-14838)
* Legacy sstables with multi block range tombstones create invalid bound sequences (CASSANDRA-14823)
* Expand range tombstone validation checks to multiple interim request stages (CASSANDRA-14824)
* Reverse order reads can return incomplete results (CASSANDRA-14803)
* Avoid calling iter.next() in a loop when notifying indexers about range tombstones (CASSANDRA-14794)
* Fix purging semi-expired RT boundaries in reversed iterators (CASSANDRA-14672)
* DESC order reads can fail to return the last Unfiltered in the partition (CASSANDRA-14766)
* Fix corrupted collection deletions for dropped columns in 3.0 <-> 2.{1,2} messages (CASSANDRA-14568)
* Fix corrupted static collection deletions in 3.0 <-> 2.{1,2} messages (CASSANDRA-14568)
* Handle failures in parallelAllSSTableOperation (cleanup/upgradesstables/etc) (CASSANDRA-14657)
* Improve TokenMetaData cache populating performance avoid long locking (CASSANDRA-14660)
* Backport: Flush netty client messages immediately (not by default) (CASSANDRA-13651)
* Fix static column order for SELECT * wildcard queries (CASSANDRA-14638)
* sstableloader should use discovered broadcast address to connect intra-cluster (CASSANDRA-14522)
* Fix reading columns with non-UTF names from schema (CASSANDRA-14468)
* Don't enable client transports when bootstrap is pending (CASSANDRA-14525)
* MigrationManager attempts to pull schema from different major version nodes (CASSANDRA-14928)
* Fix incorrect cqlsh results when selecting same columns multiple times (CASSANDRA-13262)
* Returns null instead of NaN or Infinity in JSON strings (CASSANDRA-14377)
* Paged Range Slice queries with DISTINCT can drop rows from results (CASSANDRA-14956)
Changes in crowbar-openstack:
- Update to version 6.0+git.1616146717.a89ae0f4e:
* monasca: restart Kibana on update (bsc#1044849)
Changes in grafana
- Add CVE-2021-27358.patch (bsc#1183803, CVE-2021-27358)
* Prevent unauthenticated remote attackers from causing a DoS through the
snapshots API.
Changes in kibana:
- Ensure /etc/sysconfig/kibana is present
- Update to Kibana 4.6.6 (bsc#1044849, CVE-2017-11499, ESA-2017-14, ESA-2017-16)
* [4.6] ignore forked code for babel transpile build phase (#13483)
* Allow more than match queries in custom filters (#8614) (#10857)
* [state] don't make extra $location.replace() calls (#9954)
* [optimizer] move to querystring-browser package for up-to-date api
* [state/unhashUrl] use encode-uri-query to generate cleanly encoded urls
* server: refactor log_interceptor to be more DRY (#9617)
* server: downgrade ECANCELED logs to debug (#9616)
* server: do not treat logged warnings as errors (#8746) (#9610)
* [server/logger] downgrade EPIPE errors to debug level (#9023)
* Add basepath when redirecting from a trailling slash (#9035)
* [es/kibanaIndex] use unmapped_type rather than ignore_unmapped (#8968)
* [server/shortUrl] validate urls before shortening them
- Add CVE-2017-11481.patch (bsc#1044849, CVE-2017-11481)
* This fixes an XSS vulnerability in URL fields
- Remove %dir declaration from /opt/kibana/optimize to ensure
no files owned by root end up in there
- Exclude /opt/kibana/optimize from %fdupes
- Restart service on upgrade
- Do not copy LICENSE.txt and README.txt to /opt/kibana
- Fix rpmlint warnings/errors
- Switch to explicit patch application
- Fix source URL
- Fix logic for systemd/systemv detection
- Add 0001-Configurable-custom-response-headers-for-server.patch
(bsc#1171909, CVE-2020-10743)
- Added kibana.yml symlink (bsc#1048688, FATE#323204)
Changes in openstack-dashboard:
- Update to version horizon-14.1.1.dev11:
* Consume tempest-horizon from PyPI release
Changes in openstack-ironic:
- Update to version ironic-11.1.5.dev17:
* Remove lower-constraints job
Changes in openstack-ironic:
- Update to version ironic-11.1.5.dev17:
* Remove lower-constraints job
Changes in openstack-neutron:
- Update to version neutron-13.0.8.dev164:
* Schedule networks to new segments if needed
- Update to version neutron-13.0.8.dev162:
* Fix invalid JSON generated by quota details
- Update to version neutron-13.0.8.dev160:
* Fix deletion of rfp interfaces when router is re-enabled
- Update to version neutron-13.0.8.dev159:
* [OVS FW] Allow egress ICMPv6 only for know addresses
* [OVS FW] Clean conntrack entries with mark == CT\_MARK\_INVALID
- Update to version neutron-13.0.8.dev155:
* Fix removal of dvr-src mac flows when non-gateway port on router is deleted
- Update to version neutron-13.0.8.dev153:
* Add some wait time between stopping and starting again ovsdb monitor
* Workaround for TCP checksum issue with ovs-dpdk and veth pair
- Update to version neutron-13.0.8.dev149:
* Fix wrong packet\_type set for IPv6 GRE tunnels in OVS
- Update to version neutron-13.0.8.dev148:
* Fix losses of ovs flows when ovs is restarted
Changes in openstack-neutron:
- Update to version neutron-13.0.8.dev164:
* Schedule networks to new segments if needed
- Update to version neutron-13.0.8.dev162:
* Fix invalid JSON generated by quota details
- Update to version neutron-13.0.8.dev160:
* Fix deletion of rfp interfaces when router is re-enabled
- Update to version neutron-13.0.8.dev159:
* [OVS FW] Allow egress ICMPv6 only for know addresses
* [OVS FW] Clean conntrack entries with mark == CT\_MARK\_INVALID
- Update to version neutron-13.0.8.dev155:
* Fix removal of dvr-src mac flows when non-gateway port on router is deleted
- Update to version neutron-13.0.8.dev153:
* Add some wait time between stopping and starting again ovsdb monitor
* Workaround for TCP checksum issue with ovs-dpdk and veth pair
- Update to version neutron-13.0.8.dev149:
* Fix wrong packet\_type set for IPv6 GRE tunnels in OVS
- Update to version neutron-13.0.8.dev148:
* Fix losses of ovs flows when ovs is restarted
Changes in openstack-neutron-gbp:
- Update to version group-based-policy-12.0.1.dev29:
* gbp-validate: Tenant and resource level scoping
2014.2.0rc1
- Update to version group-based-policy-12.0.1.dev27:
* Import data\_utils from the new location
- Update to version group-based-policy-12.0.1.dev26:
* Add SNAT port's Mac Address to the host\_snat\_ips dictionary
- Update to version group-based-policy-12.0.1.dev25:
* Add support for victoria
2014.2.rc1
- Update to version group-based-policy-12.0.1.dev24:
* Fix deletion of SVI networks
- Update to version group-based-policy-12.0.1.dev23:
* Allow per-port qos configuration on dhcp port
2014.2rc1
- Update to version group-based-policy-12.0.1.dev22:
* Add connectivity parameter to driver
* [AIM] Fix ERSPAN extension
2014.2.rc1
- Update to version group-based-policy-12.0.1.dev19:
* Fix exception with cleanup
2014.2.0rc1
- Update to version group-based-policy-12.0.1.dev18:
* Add workaround to get\_subnets
Changes in openstack-nova:
- Update to version nova-18.3.1.dev82:
* [stable-only] gate: Pin CEPH\_RELEASE to nautilus in LM hook
* Change default num\_retries for glance to 3
Changes in openstack-nova:
- Update to version nova-18.3.1.dev82:
* [stable-only] gate: Pin CEPH\_RELEASE to nautilus in LM hook
* Change default num\_retries for glance to 3
Changes in python-Django1:
- Add CVE-2021-33203.patch (bsc#1186608, CVE-2021-33203)
* Fixed potential path-traversal via admindocs' TemplateDetailView.
- Add CVE-2021-33571.patch (bsc#1186611, CVE-2021-33571)
* Prevented leading zeros in IPv4 addresses.
- Add CVE-2021-31542.patch (bsc#1185623, CVE-2021-31542)
* Fixed CVE-2021-31542 -- Tightened path and file name sanitation in file
uploads.
- Add CVE-2021-28658.patch (bsc#1184148, CVE-2021-28658)
* Fixed potential directory-traversal via uploaded files
- Add CVE-2021-23336.patch (bsc#1182433, CVE-2021-23336)
* Fixed web cache poisoning via django.utils.http.limited_parse_qsl()
Changes in python-py:
- Add CVE-2020-29651.patch ((bsc#1179805, CVE-2020-29651)
* svnwc: fix regular expression vulnerable to DoS in blame
functionality
Changes in python-pysaml2:
- Fix patches (SOC-11453)
* 0005-Fix-CVE-2021-21238-SAML-XML-Signature-wrapping.patch
- rename saml2.xml to saml2.samlxml to avoid overriding
the xml module in the system module path
- add missing __init__.py files
- add missing saml2/data package to setup.py
* 0007-Make-previous-commits-python2-compatible.patch so as not to
- Adjust to saml2.xml to saml2.samlxml changes
- Fix a few more syntax errors and Python2-isms.
- Fix CVE-2021-21238, bsc#1181277 with
0002-Strengthen-XSW-tests.patch ,
0003-Fix-the-parser-to-not-break-on-ePTID-AttributeValues.patch ,
0004-Add-xsd-schemas.patch ,
0005-Fix-CVE-2021-21238-SAML-XML-Signature-wrapping.patch .
This adds a dependency on python-xmlschema, which depends on
python-elementpath, thus both need to be added for this to work.
The used python-xmlschema needs to support the sandbox argument
which was added in 1.2.0 and refined in 1.2.1, but that version
doesn't support python2, so a patched version that does both is
needed.
Add 0007-Make-previous-commits-python2-compatible.patch to
not add a dependency on reportlib_resources and make other
changes python2 compatible.
. Fix CVE-2021-21239, bsc#1181278 with
0006-Fix-CVE-2021-21239-Restrict-the-key-data-that-xmlsec.patch
Changes in python-xmlschema:
- Add 3 patches to backport sandbox argument, which is needed by a security fix
in python-pysaml2 and one patch to make backport python2 compatible.
- Upstream url changed
- Add rpmlintrc to make it work on Leap 42.3
- Update to 1.0.18:
* Fix for *ModelVisitor.iter_unordered_content()*
* Fixed default converter, AbderaConverter and JsonMLConverter for xs:anyType decode
* Fixed validation tests with all converters
* Added UnorderedConverter to validation tests
- Update to 1.0.17:
* Enhancement of validation-only speed (~15%)
* Added *is_valid()* and *iter_errors()* to module API
- Update to 1.0.16:
* Improved XMLResource class for working with compressed files
* Fix for validation with XSD wildcards and 'lax' process content
* Fix ambiguous items validation for xs:choice and xs:sequence models
- Handle UnicodeDecodeErrors during build process
- Update to 1.0.15:
* Improved XPath 2.0 bindings
* Added logging for schema initialization and building (handled with argument loglevel)
* Update encoding of collapsed contents with a new model based reordering method
* Removed XLink namespace from meta-schema (loaded from a fallback location like XHTML)
* Fixed half of failed W3C instance tests (remain 255 over 15344 tests)
- Initial commit, needed by pytest 5.1.2
Changes in python-elementpath:
- Update to 1.3.1:
* Improved schema proxy
* Improved XSD type matching using paths
* Cached parent path for XPathContext (only Python 3)
* Improve typed selection with TypedAttribute and TypedElement named-tuples
* Add iter_results to XPathContext
* Remove XMLSchemaProxy from package
* Fix descendant shortcut operator '//'
* Fix text() function
* Fix typed select of '(name)' token
* Fix 24-hour time for DateTime
- Skip test_hashing to fix 32bit builds
- Initial commit needed by python-xmlschema
Changes in rubygem-activerecord-session_store:
- added CVE-2019-25025.patch (CVE-2019-25025, bsc#1183174)
* This requires CVE-2019-16782.patch to be included in
rubygem-actionpack-4_2 to work correctly.
Changes in venv-openstack-keystone
- Add python-xmlschema and python-elementpath for new python-pysaml2 version.
Patchnames
SUSE-2021-1962,SUSE-OpenStack-Cloud-9-2021-1962,SUSE-OpenStack-Cloud-Crowbar-9-2021-1962
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for ardana-neutron, ardana-swift, cassandra, crowbar-openstack, grafana, kibana, openstack-dashboard, openstack-ironic, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, python-py, python-pysaml2, python-xmlschema, rubygem-activerecord-session_store, venv-openstack-keystone", title: "Title of the patch", }, { category: "description", text: "This update for ardana-neutron, ardana-swift, cassandra, crowbar-openstack, grafana, kibana, openstack-dashboard, openstack-ironic, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, python-py, python-pysaml2, python-xmlschema, rubygem-activerecord-session_store, venv-openstack-keystone contains the following fixes:\n\nSecurity fixes included in this update:\n\ncassandra:\n- CVE-2020-17516: Fixed an issue where encryption between nodes was not enforced\n correctly for certain internode_encryption settings (bsc#1181689)\n\ngrafana:\n- CVE-2018-18623, CVE-2018-18624, CVE-2018-18625: Fixed multiple cross\n site scripting vulnerabilities in the dashboard. (bsc#1172450)\n- CVE-2021-27358: Fixed a denial of service via remote API call. (bsc#1183803)\n- CVE-2019-15043: Fixed a denial of service by an unauthenticated user\n in the snapshot HTTP API (bsc#1148383)\n- CVE-2020-13379: Fixed an information leak to unauthenticated users. (bsc#1172409)\n- CVE-2020-12052: Fixed a cross site scripting vulnerability with the annotation\n popup (bsc#1170657)\n- CVE-2018-19039: Fixed an issue where a privileged user could\n exfiltrate files (bsc#1115960)\n- CVE-2020-11110: Fixed a stored cross site scripting vulnerability. (bsc#1174583)\n- CVE-2020-24303: Fixed a cross site scripting vulnerability in a query alias for\n ElasticSearch datasources (bsc#1178243)\n\nkibana:\n- CVE-2017-11499: Fixed a vulnerability in nodejs, related to the HashTable\n implementation, which could cause a denial of service. (bsc#1044849)\n- CVE-2017-11481: Fixed a cross site scripting vulnerability via via URL fields.\n (bsc#1044849)\n- CVE-2020-10743: Fixed a clickjacking issue because X-Frame-Option was not used\n by default. (bsc#1171909)\n\npython-Django:\n- CVE-2021-23336: Fixed a web cache poisoning via django.utils.http.limited_parse_qsl().\n (bsc#1182433)\n- CVE-2021-28658: Fixed a directory traversal via uploaded files. (bsc#1184148)\n- CVE-2021-31542: Fixed a directory traversal via uploaded files with suitably crafted\n file names. (bsc#1185623)\n- CVE-2021-33203: Fixed potential path-traversal via admindocs' TemplateDetailView.\n (bsc#1186608)\n- CVE-2021-33571: Tighten validator checks to not allow leading zeros in IPv4 addresses,\n which potentially leads to further attacks. (bsc#1186611)\n\npython-py:\n- CVE-2020-29651: Fixed a denial of service via regular expressions. (bsc#1179805)\n\npython-pysaml2:\n- CVE-2021-21238: Fixed improper verification of cryptographic signatures for signed\n SAML documents. (bsc#1181277)\n- CVE-2021-21239: Fixed improper verification of cryptographic signatures when using\n CryptoBackendXmlSec1(). (bsc#1181278)\n\nrubygem-activerecord-session_store:\n- CVE-2019-25025: Fixed a timing attacks targeting the session id which could allow\n an attack to hijack sessions. (bsc#1183174)\n\n\nNon-security changes included in this update:\n\nChanges in ardana-neutron:\n- Update to version 9.0+git.1615223676.777f0b3:\n * Allow users to stop monitoring rootwrap daemon (bsc#1182317)\n\nChanges in ardana-swift:\n- Update to version 9.0+git.1618235096.90974ed:\n * Run swiftlm-scan in the UTC timezone (bsc#1181690)\n\nChanges in cassandra:\n- update to 3.11.10 (bsc#1181689, CVE-2020-17516) \n * Fix digest computation for queries with fetched but non queried columns (CASSANDRA-15962)\n * Reduce amount of allocations during batch statement execution (CASSANDRA-16201)\n * Update jflex-1.6.0.jar to match upstream (CASSANDRA-16393)\n * Fix DecimalDeserializer#toString OOM (CASSANDRA-14925)\n * Rate limit validation compactions using compaction_throughput_mb_per_sec (CASSANDRA-16161)\n * SASI's `max_compaction_flush_memory_in_mb` settings over 100GB revert to default of 1GB (CASSANDRA-16071)\n * Prevent unbounded number of pending flushing tasks (CASSANDRA-16261)\n * Improve empty hint file handling during startup (CASSANDRA-16162)\n * Allow empty string in collections with COPY FROM in cqlsh (CASSANDRA-16372)\n * Fix skipping on pre-3.0 created compact storage sstables due to missing primary key liveness (CASSANDRA-16226)\n * Extend the exclusion of replica filtering protection to other indices instead of just SASI (CASSANDRA-16311)\n * Synchronize transaction logs for JBOD (CASSANDRA-16225)\n * Fix the counting of cells per partition (CASSANDRA-16259)\n * Fix serial read/non-applying CAS linearizability (CASSANDRA-12126)\n * Avoid potential NPE in JVMStabilityInspector (CASSANDRA-16294)\n * Improved check of num_tokens against the length of initial_token (CASSANDRA-14477)\n * Fix a race condition on ColumnFamilyStore and TableMetrics (CASSANDRA-16228)\n * Remove the SEPExecutor blocking behavior (CASSANDRA-16186)\n * Fix invalid cell value skipping when reading from disk (CASSANDRA-16223)\n * Prevent invoking enable/disable gossip when not in NORMAL (CASSANDRA-16146)\n * Wait for schema agreement when bootstrapping (CASSANDRA-15158)\n * Fix the histogram merge of the table metrics (CASSANDRA-16259)\n * Synchronize Keyspace instance store/clear (CASSANDRA-16210)\n * Fix ColumnFilter to avoid querying cells of unselected complex columns (CASSANDRA-15977)\n * Fix memory leak in CompressedChunkReader (CASSANDRA-15880)\n * Don't attempt value skipping with mixed version cluster (CASSANDRA-15833)\n * Avoid failing compactions with very large partitions (CASSANDRA-15164)\n * Make sure LCS handles duplicate sstable added/removed notifications correctly (CASSANDRA-14103)\n * Fix OOM when terminating repair session (CASSANDRA-15902)\n * Avoid marking shutting down nodes as up after receiving gossip shutdown message (CASSANDRA-16094)\n * Check SSTables for latest version before dropping compact storage (CASSANDRA-16063)\n * Handle unexpected columns due to schema races (CASSANDRA-15899)\n * Add flag to ignore unreplicated keyspaces during repair (CASSANDRA-15160)\n * Package tools/bin scripts as executable (CASSANDRA-16151)\n * Fixed a NullPointerException when calling nodetool enablethrift (CASSANDRA-16127)\n * Correctly interpret SASI's `max_compaction_flush_memory_in_mb` setting in megabytes not bytes (CASSANDRA-16071)\n * Fix short read protection for GROUP BY queries (CASSANDRA-15459)\n * Frozen RawTuple is not annotated with frozen in the toString method (CASSANDRA-15857)\nMerged from 3.0:\n * Use IF NOT EXISTS for index and UDT create statements in snapshot schema files (CASSANDRA-13935)\n * Fix gossip shutdown order (CASSANDRA-15816)\n * Remove broken 'defrag-on-read' optimization (CASSANDRA-15432)\n * Check for endpoint collision with hibernating nodes (CASSANDRA-14599)\n * Operational improvements and hardening for replica filtering protection (CASSANDRA-15907)\n * stop_paranoid disk failure policy is ignored on CorruptSSTableException after node is up (CASSANDRA-15191)\n * Forbid altering UDTs used in partition keys (CASSANDRA-15933)\n * Fix empty/null json string representation (CASSANDRA-15896)\n * 3.x fails to start if commit log has range tombstones from a column which is also deleted (CASSANDRA-15970)\n * Handle difference in timestamp precision between java8 and java11 in LogFIle.java (CASSANDRA-16050)\nMerged from 2.2:\n * Fix CQL parsing of collections when the column type is reversed (CASSANDRA-15814)\n * Only allow strings to be passed to JMX authentication (CASSANDRA-16077)\n * Fix cqlsh output when fetching all rows in batch mode (CASSANDRA-15905)\n * Upgrade Jackson to 2.9.10 (CASSANDRA-15867)\n * Fix CQL formatting of read command restrictions for slow query log (CASSANDRA-15503)\n * Allow sstableloader to use SSL on the native port (CASSANDRA-14904)\n * Backport CASSANDRA-12189: escape string literals (CASSANDRA-15948)\n * Avoid hinted handoff per-host throttle being arounded to 0 in large cluster (CASSANDRA-15859)\n * Avoid emitting empty range tombstones from RangeTombstoneList (CASSANDRA-15924)\n * Avoid thread starvation, and improve compare-and-swap performance, in the slab allocators (CASSANDRA-15922)\n * Add token to tombstone warning and error messages (CASSANDRA-15890)\n * Fixed range read concurrency factor computation and capped as 10 times tpc cores (CASSANDRA-15752)\n * Catch exception on bootstrap resume and init native transport (CASSANDRA-15863)\n * Fix replica-side filtering returning stale data with CL > ONE (CASSANDRA-8272, CASSANDRA-8273)\n * Fix duplicated row on 2.x upgrades when multi-rows range tombstones interact with collection ones (CASSANDRA-15805)\n * Rely on snapshotted session infos on StreamResultFuture.maybeComplete to avoid race conditions (CASSANDRA-15667)\n * EmptyType doesn't override writeValue so could attempt to write bytes when expected not to (CASSANDRA-15790)\n * Fix index queries on partition key columns when some partitions contains only static data (CASSANDRA-13666)\n * Avoid creating duplicate rows during major upgrades (CASSANDRA-15789)\n * liveDiskSpaceUsed and totalDiskSpaceUsed get corrupted if IndexSummaryRedistribution gets interrupted (CASSANDRA-15674)\n * Fix Debian init start/stop (CASSANDRA-15770)\n * Fix infinite loop on index query paging in tables with clustering (CASSANDRA-14242)\n * Fix chunk index overflow due to large sstable with small chunk length (CASSANDRA-15595)\n * Allow selecting static column only when querying static index (CASSANDRA-14242)\n * cqlsh return non-zero status when STDIN CQL fails (CASSANDRA-15623)\n * Don't skip sstables in slice queries based only on local min/max/deletion timestamp (CASSANDRA-15690)\n * Memtable memory allocations may deadlock (CASSANDRA-15367)\n * Run evictFromMembership in GossipStage (CASSANDRA-15592)\n * Fix nomenclature of allow and deny lists (CASSANDRA-15862)\n * Remove generated files from source artifact (CASSANDRA-15849)\n * Remove duplicated tools binaries from tarballs (CASSANDRA-15768)\n * Duplicate results with DISTINCT queries in mixed mode (CASSANDRA-15501)\n * Disable JMX rebinding (CASSANDRA-15653)\n * Fix writing of snapshot manifest when the table has table-backed secondary indexes (CASSANDRA-10968)\n * Fix parse error in cqlsh COPY FROM and formatting for map of blobs (CASSANDRA-15679)\n * Fix Commit log replays when static column clustering keys are collections (CASSANDRA-14365)\n * Fix Red Hat init script on newer systemd versions (CASSANDRA-15273)\n * Allow EXTRA_CLASSPATH to work on tar/source installations (CASSANDRA-15567)\n * Fix bad UDT sstable metadata serialization headers written by C* 3.0 on upgrade and in sstablescrub (CASSANDRA-15035)\n * Fix nodetool compactionstats showing extra pending task for TWCS - patch implemented (CASSANDRA-15409)\n * Fix SELECT JSON formatting for the 'duration' type (CASSANDRA-15075)\n * Fix LegacyLayout to have same behavior as 2.x when handling unknown column names (CASSANDRA-15081)\n * Update nodetool help stop output (CASSANDRA-15401)\n * Run in-jvm upgrade dtests in circleci (CASSANDRA-15506)\n * Include updates to static column in mutation size calculations (CASSANDRA-15293)\n * Fix point-in-time recoevery ignoring timestamp of updates to static columns (CASSANDRA-15292)\n * GC logs are also put under $CASSANDRA_LOG_DIR (CASSANDRA-14306)\n * Fix sstabledump's position key value when partitions have multiple rows (CASSANDRA-14721)\n * Avoid over-scanning data directories in LogFile.verify() (CASSANDRA-15364)\n * Bump generations and document changes to system_distributed and system_traces in 3.0, 3.11\n (CASSANDRA-15441)\n * Fix system_traces creation timestamp; optimise system keyspace upgrades (CASSANDRA-15398)\n * Fix various data directory prefix matching issues (CASSANDRA-13974)\n * Minimize clustering values in metadata collector (CASSANDRA-15400)\n * Avoid over-trimming of results in mixed mode clusters (CASSANDRA-15405)\n * validate value sizes in LegacyLayout (CASSANDRA-15373)\n * Ensure that tracing doesn't break connections in 3.x/4.0 mixed mode by default (CASSANDRA-15385)\n * Make sure index summary redistribution does not start when compactions are paused (CASSANDRA-15265)\n * Ensure legacy rows have primary key livenessinfo when they contain illegal cells (CASSANDRA-15365)\n * Fix race condition when setting bootstrap flags (CASSANDRA-14878)\n * Fix NativeLibrary.tryOpenDirectory callers for Windows (CASSANDRA-15426)\n * Fix SELECT JSON output for empty blobs (CASSANDRA-15435)\n * In-JVM DTest: Set correct internode message version for upgrade test (CASSANDRA-15371)\n * In-JVM DTest: Support NodeTool in dtest (CASSANDRA-15429)\n * Fix NativeLibrary.tryOpenDirectory callers for Windows (CASSANDRA-15426)\n * Fix SASI non-literal string comparisons (range operators) (CASSANDRA-15169)\n * Make sure user defined compaction transactions are always closed (CASSANDRA-15123)\n * Fix cassandra-env.sh to use $CASSANDRA_CONF to find cassandra-jaas.config (CASSANDRA-14305)\n * Fixed nodetool cfstats printing index name twice (CASSANDRA-14903)\n * Add flag to disable SASI indexes, and warnings on creation (CASSANDRA-14866)\n * Add ability to cap max negotiable protocol version (CASSANDRA-15193)\n * Gossip tokens on startup if available (CASSANDRA-15335)\n * Fix resource leak in CompressedSequentialWriter (CASSANDRA-15340)\n * Fix bad merge that reverted CASSANDRA-14993 (CASSANDRA-15289)\n * Fix LegacyLayout RangeTombstoneList IndexOutOfBoundsException when upgrading and RangeTombstone bounds are asymmetric (CASSANDRA-15172)\n * Fix NPE when using allocate_tokens_for_keyspace on new DC/rack (CASSANDRA-14952)\n * Filter sstables earlier when running cleanup (CASSANDRA-15100)\n * Use mean row count instead of mean column count for index selectivity calculation (CASSANDRA-15259)\n * Avoid updating unchanged gossip states (CASSANDRA-15097)\n * Prevent recreation of previously dropped columns with a different kind (CASSANDRA-14948)\n * Prevent client requests from blocking on executor task queue (CASSANDRA-15013)\n * Toughen up column drop/recreate type validations (CASSANDRA-15204)\n * LegacyLayout should handle paging states that cross a collection column (CASSANDRA-15201)\n * Prevent RuntimeException when username or password is empty/null (CASSANDRA-15198)\n * Multiget thrift query returns null records after digest mismatch (CASSANDRA-14812)\n * Skipping illegal legacy cells can break reverse iteration of indexed partitions (CASSANDRA-15178)\n * Handle paging states serialized with a different version than the session's (CASSANDRA-15176)\n * Throw IOE instead of asserting on unsupporter peer versions (CASSANDRA-15066)\n * Update token metadata when handling MOVING/REMOVING_TOKEN events (CASSANDRA-15120)\n * Add ability to customize cassandra log directory using $CASSANDRA_LOG_DIR (CASSANDRA-15090)\n * Skip cells with illegal column names when reading legacy sstables (CASSANDRA-15086)\n * Fix assorted gossip races and add related runtime checks (CASSANDRA-15059)\n * Fix mixed mode partition range scans with limit (CASSANDRA-15072)\n * cassandra-stress works with frozen collections: list and set (CASSANDRA-14907)\n * Fix handling FS errors on writing and reading flat files - LogTransaction and hints (CASSANDRA-15053)\n * Avoid double closing the iterator to avoid overcounting the number of requests (CASSANDRA-15058)\n * Improve `nodetool status -r` speed (CASSANDRA-14847)\n * Improve merkle tree size and time on heap (CASSANDRA-14096)\n * Add missing commands to nodetool_completion (CASSANDRA-14916)\n * Anti-compaction temporarily corrupts sstable state for readers (CASSANDRA-15004)\n * Catch non-IOException in FileUtils.close to make sure that all resources are closed (CASSANDRA-15225)\n * Handle exceptions during authentication/authorization (CASSANDRA-15041)\n * Support cross version messaging in in-jvm upgrade dtests (CASSANDRA-15078)\n * Fix index summary redistribution cancellation (CASSANDRA-15045)\n * Fixing invalid CQL in security documentation (CASSANDRA-15020)\n * Allow instance class loaders to be garbage collected for inJVM dtest (CASSANDRA-15170)\n * Add support for network topology and query tracing for inJVM dtest (CASSANDRA-15319)\n * Correct sstable sorting for garbagecollect and levelled compaction (CASSANDRA-14870)\n * Severe concurrency issues in STCS,DTCS,TWCS,TMD.Topology,TypeParser\n * Add a script to make running the cqlsh tests in cassandra repo easier (CASSANDRA-14951)\n * If SizeEstimatesRecorder misses a 'onDropTable' notification, the size_estimates table will never be cleared for that table. (CASSANDRA-14905)\n * Counters fail to increment in 2.1/2.2 to 3.X mixed version clusters (CASSANDRA-14958)\n * Streaming needs to synchronise access to LifecycleTransaction (CASSANDRA-14554)\n * Fix cassandra-stress write hang with default options (CASSANDRA-14616)\n * Differentiate between slices and RTs when decoding legacy bounds (CASSANDRA-14919)\n * Netty epoll IOExceptions caused by unclean client disconnects being logged at INFO (CASSANDRA-14909)\n * Unfiltered.isEmpty conflicts with Row extends AbstractCollection.isEmpty (CASSANDRA-14588)\n * RangeTombstoneList doesn't properly clean up mergeable or superseded rts in some cases (CASSANDRA-14894)\n * Fix handling of collection tombstones for dropped columns from legacy sstables (CASSANDRA-14912)\n * Throw exception if Columns serialized subset encode more columns than possible (CASSANDRA-14591)\n * Drop/add column name with different Kind can result in corruption (CASSANDRA-14843)\n * Fix missing rows when reading 2.1 SSTables with static columns in 3.0 (CASSANDRA-14873)\n * Move TWCS message 'No compaction necessary for bucket size' to Trace level (CASSANDRA-14884)\n * Sstable min/max metadata can cause data loss (CASSANDRA-14861)\n * Dropped columns can cause reverse sstable iteration to return prematurely (CASSANDRA-14838)\n * Legacy sstables with multi block range tombstones create invalid bound sequences (CASSANDRA-14823)\n * Expand range tombstone validation checks to multiple interim request stages (CASSANDRA-14824)\n * Reverse order reads can return incomplete results (CASSANDRA-14803)\n * Avoid calling iter.next() in a loop when notifying indexers about range tombstones (CASSANDRA-14794)\n * Fix purging semi-expired RT boundaries in reversed iterators (CASSANDRA-14672)\n * DESC order reads can fail to return the last Unfiltered in the partition (CASSANDRA-14766)\n * Fix corrupted collection deletions for dropped columns in 3.0 <-> 2.{1,2} messages (CASSANDRA-14568)\n * Fix corrupted static collection deletions in 3.0 <-> 2.{1,2} messages (CASSANDRA-14568)\n * Handle failures in parallelAllSSTableOperation (cleanup/upgradesstables/etc) (CASSANDRA-14657)\n * Improve TokenMetaData cache populating performance avoid long locking (CASSANDRA-14660)\n * Backport: Flush netty client messages immediately (not by default) (CASSANDRA-13651)\n * Fix static column order for SELECT * wildcard queries (CASSANDRA-14638)\n * sstableloader should use discovered broadcast address to connect intra-cluster (CASSANDRA-14522)\n * Fix reading columns with non-UTF names from schema (CASSANDRA-14468)\n * Don't enable client transports when bootstrap is pending (CASSANDRA-14525)\n * MigrationManager attempts to pull schema from different major version nodes (CASSANDRA-14928)\n * Fix incorrect cqlsh results when selecting same columns multiple times (CASSANDRA-13262)\n * Returns null instead of NaN or Infinity in JSON strings (CASSANDRA-14377)\n * Paged Range Slice queries with DISTINCT can drop rows from results (CASSANDRA-14956)\n\nChanges in crowbar-openstack:\n- Update to version 6.0+git.1616146717.a89ae0f4e:\n * monasca: restart Kibana on update (bsc#1044849)\n\nChanges in grafana\n- Add CVE-2021-27358.patch (bsc#1183803, CVE-2021-27358)\n * Prevent unauthenticated remote attackers from causing a DoS through the\n snapshots API.\n\nChanges in kibana:\n- Ensure /etc/sysconfig/kibana is present\n\n- Update to Kibana 4.6.6 (bsc#1044849, CVE-2017-11499, ESA-2017-14, ESA-2017-16)\n * [4.6] ignore forked code for babel transpile build phase (#13483)\n * Allow more than match queries in custom filters (#8614) (#10857)\n * [state] don't make extra $location.replace() calls (#9954)\n * [optimizer] move to querystring-browser package for up-to-date api\n * [state/unhashUrl] use encode-uri-query to generate cleanly encoded urls\n * server: refactor log_interceptor to be more DRY (#9617)\n * server: downgrade ECANCELED logs to debug (#9616)\n * server: do not treat logged warnings as errors (#8746) (#9610)\n * [server/logger] downgrade EPIPE errors to debug level (#9023)\n * Add basepath when redirecting from a trailling slash (#9035)\n * [es/kibanaIndex] use unmapped_type rather than ignore_unmapped (#8968)\n * [server/shortUrl] validate urls before shortening them\n- Add CVE-2017-11481.patch (bsc#1044849, CVE-2017-11481)\n * This fixes an XSS vulnerability in URL fields\n- Remove %dir declaration from /opt/kibana/optimize to ensure\n no files owned by root end up in there\n- Exclude /opt/kibana/optimize from %fdupes\n- Restart service on upgrade\n- Do not copy LICENSE.txt and README.txt to /opt/kibana\n- Fix rpmlint warnings/errors\n- Switch to explicit patch application\n- Fix source URL\n- Fix logic for systemd/systemv detection\n\n- Add 0001-Configurable-custom-response-headers-for-server.patch\n (bsc#1171909, CVE-2020-10743)\n\n- Added kibana.yml symlink (bsc#1048688, FATE#323204)\nChanges in openstack-dashboard:\n- Update to version horizon-14.1.1.dev11:\n * Consume tempest-horizon from PyPI release\n\nChanges in openstack-ironic:\n- Update to version ironic-11.1.5.dev17:\n * Remove lower-constraints job\n\nChanges in openstack-ironic:\n- Update to version ironic-11.1.5.dev17:\n * Remove lower-constraints job\n\nChanges in openstack-neutron:\n- Update to version neutron-13.0.8.dev164:\n * Schedule networks to new segments if needed\n\n- Update to version neutron-13.0.8.dev162:\n * Fix invalid JSON generated by quota details\n\n- Update to version neutron-13.0.8.dev160:\n * Fix deletion of rfp interfaces when router is re-enabled\n\n- Update to version neutron-13.0.8.dev159:\n * [OVS FW] Allow egress ICMPv6 only for know addresses\n * [OVS FW] Clean conntrack entries with mark == CT\\_MARK\\_INVALID\n\n- Update to version neutron-13.0.8.dev155:\n * Fix removal of dvr-src mac flows when non-gateway port on router is deleted\n\n- Update to version neutron-13.0.8.dev153:\n * Add some wait time between stopping and starting again ovsdb monitor\n * Workaround for TCP checksum issue with ovs-dpdk and veth pair\n\n- Update to version neutron-13.0.8.dev149:\n * Fix wrong packet\\_type set for IPv6 GRE tunnels in OVS\n\n- Update to version neutron-13.0.8.dev148:\n * Fix losses of ovs flows when ovs is restarted\n\nChanges in openstack-neutron:\n- Update to version neutron-13.0.8.dev164:\n * Schedule networks to new segments if needed\n\n- Update to version neutron-13.0.8.dev162:\n * Fix invalid JSON generated by quota details\n\n- Update to version neutron-13.0.8.dev160:\n * Fix deletion of rfp interfaces when router is re-enabled\n\n- Update to version neutron-13.0.8.dev159:\n * [OVS FW] Allow egress ICMPv6 only for know addresses\n * [OVS FW] Clean conntrack entries with mark == CT\\_MARK\\_INVALID\n\n- Update to version neutron-13.0.8.dev155:\n * Fix removal of dvr-src mac flows when non-gateway port on router is deleted\n\n- Update to version neutron-13.0.8.dev153:\n * Add some wait time between stopping and starting again ovsdb monitor\n * Workaround for TCP checksum issue with ovs-dpdk and veth pair\n\n- Update to version neutron-13.0.8.dev149:\n * Fix wrong packet\\_type set for IPv6 GRE tunnels in OVS\n\n- Update to version neutron-13.0.8.dev148:\n * Fix losses of ovs flows when ovs is restarted\n\nChanges in openstack-neutron-gbp:\n- Update to version group-based-policy-12.0.1.dev29:\n * gbp-validate: Tenant and resource level scoping\n 2014.2.0rc1\n\n- Update to version group-based-policy-12.0.1.dev27:\n * Import data\\_utils from the new location\n\n- Update to version group-based-policy-12.0.1.dev26:\n * Add SNAT port's Mac Address to the host\\_snat\\_ips dictionary\n\n- Update to version group-based-policy-12.0.1.dev25:\n * Add support for victoria\n 2014.2.rc1\n\n- Update to version group-based-policy-12.0.1.dev24:\n * Fix deletion of SVI networks\n\n- Update to version group-based-policy-12.0.1.dev23:\n * Allow per-port qos configuration on dhcp port\n 2014.2rc1\n\n- Update to version group-based-policy-12.0.1.dev22:\n * Add connectivity parameter to driver\n * [AIM] Fix ERSPAN extension\n 2014.2.rc1\n\n- Update to version group-based-policy-12.0.1.dev19:\n * Fix exception with cleanup\n 2014.2.0rc1\n\n- Update to version group-based-policy-12.0.1.dev18:\n * Add workaround to get\\_subnets\n\nChanges in openstack-nova:\n- Update to version nova-18.3.1.dev82:\n * [stable-only] gate: Pin CEPH\\_RELEASE to nautilus in LM hook\n * Change default num\\_retries for glance to 3\n\nChanges in openstack-nova:\n- Update to version nova-18.3.1.dev82:\n * [stable-only] gate: Pin CEPH\\_RELEASE to nautilus in LM hook\n * Change default num\\_retries for glance to 3\n\nChanges in python-Django1:\n- Add CVE-2021-33203.patch (bsc#1186608, CVE-2021-33203)\n * Fixed potential path-traversal via admindocs' TemplateDetailView.\n- Add CVE-2021-33571.patch (bsc#1186611, CVE-2021-33571)\n * Prevented leading zeros in IPv4 addresses.\n\n- Add CVE-2021-31542.patch (bsc#1185623, CVE-2021-31542)\n * Fixed CVE-2021-31542 -- Tightened path and file name sanitation in file\n uploads.\n\n- Add CVE-2021-28658.patch (bsc#1184148, CVE-2021-28658)\n * Fixed potential directory-traversal via uploaded files\n\n- Add CVE-2021-23336.patch (bsc#1182433, CVE-2021-23336)\n * Fixed web cache poisoning via django.utils.http.limited_parse_qsl()\n\n\nChanges in python-py:\n- Add CVE-2020-29651.patch ((bsc#1179805, CVE-2020-29651)\n * svnwc: fix regular expression vulnerable to DoS in blame\n functionality\n\nChanges in python-pysaml2:\n- Fix patches (SOC-11453)\n * 0005-Fix-CVE-2021-21238-SAML-XML-Signature-wrapping.patch\n - rename saml2.xml to saml2.samlxml to avoid overriding\n the xml module in the system module path\n - add missing __init__.py files\n - add missing saml2/data package to setup.py\n * 0007-Make-previous-commits-python2-compatible.patch so as not to\n - Adjust to saml2.xml to saml2.samlxml changes\n - Fix a few more syntax errors and Python2-isms.\n\n- Fix CVE-2021-21238, bsc#1181277 with\n 0002-Strengthen-XSW-tests.patch ,\n 0003-Fix-the-parser-to-not-break-on-ePTID-AttributeValues.patch ,\n 0004-Add-xsd-schemas.patch ,\n 0005-Fix-CVE-2021-21238-SAML-XML-Signature-wrapping.patch .\n This adds a dependency on python-xmlschema, which depends on\n python-elementpath, thus both need to be added for this to work.\n The used python-xmlschema needs to support the sandbox argument\n which was added in 1.2.0 and refined in 1.2.1, but that version\n doesn't support python2, so a patched version that does both is\n needed.\n Add 0007-Make-previous-commits-python2-compatible.patch to\n not add a dependency on reportlib_resources and make other\n changes python2 compatible.\n. Fix CVE-2021-21239, bsc#1181278 with\n 0006-Fix-CVE-2021-21239-Restrict-the-key-data-that-xmlsec.patch\n\nChanges in python-xmlschema:\n\n- Add 3 patches to backport sandbox argument, which is needed by a security fix\n in python-pysaml2 and one patch to make backport python2 compatible.\n- Upstream url changed\n- Add rpmlintrc to make it work on Leap 42.3\n- Update to 1.0.18:\n * Fix for *ModelVisitor.iter_unordered_content()*\n * Fixed default converter, AbderaConverter and JsonMLConverter for xs:anyType decode\n * Fixed validation tests with all converters\n * Added UnorderedConverter to validation tests\n- Update to 1.0.17:\n * Enhancement of validation-only speed (~15%)\n * Added *is_valid()* and *iter_errors()* to module API\n- Update to 1.0.16:\n * Improved XMLResource class for working with compressed files\n * Fix for validation with XSD wildcards and 'lax' process content\n * Fix ambiguous items validation for xs:choice and xs:sequence models\n\n- Handle UnicodeDecodeErrors during build process\n\n- Update to 1.0.15:\n * Improved XPath 2.0 bindings\n * Added logging for schema initialization and building (handled with argument loglevel)\n * Update encoding of collapsed contents with a new model based reordering method\n * Removed XLink namespace from meta-schema (loaded from a fallback location like XHTML)\n * Fixed half of failed W3C instance tests (remain 255 over 15344 tests)\n\n- Initial commit, needed by pytest 5.1.2\nChanges in python-elementpath:\n\n- Update to 1.3.1:\n * Improved schema proxy\n * Improved XSD type matching using paths\n * Cached parent path for XPathContext (only Python 3)\n * Improve typed selection with TypedAttribute and TypedElement named-tuples\n * Add iter_results to XPathContext\n * Remove XMLSchemaProxy from package\n * Fix descendant shortcut operator '//'\n * Fix text() function\n * Fix typed select of '(name)' token\n * Fix 24-hour time for DateTime\n\n- Skip test_hashing to fix 32bit builds\n\n- Initial commit needed by python-xmlschema\nChanges in rubygem-activerecord-session_store:\n- added CVE-2019-25025.patch (CVE-2019-25025, bsc#1183174)\n * This requires CVE-2019-16782.patch to be included in\n rubygem-actionpack-4_2 to work correctly.\n\nChanges in venv-openstack-keystone\n- Add python-xmlschema and python-elementpath for new python-pysaml2 version.\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2021-1962,SUSE-OpenStack-Cloud-9-2021-1962,SUSE-OpenStack-Cloud-Crowbar-9-2021-1962", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_1962-1.json", }, { category: "self", summary: "URL for SUSE-SU-2021:1962-1", url: "https://www.suse.com/support/update/announcement/2021/suse-su-20211962-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2021:1962-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009001.html", }, { category: "self", summary: "SUSE Bug 1044849", url: "https://bugzilla.suse.com/1044849", }, { category: "self", summary: "SUSE Bug 1048688", url: "https://bugzilla.suse.com/1048688", }, { category: "self", summary: "SUSE Bug 1115960", url: "https://bugzilla.suse.com/1115960", }, { category: "self", summary: "SUSE Bug 1148383", url: "https://bugzilla.suse.com/1148383", }, { category: "self", summary: "SUSE Bug 1170657", url: "https://bugzilla.suse.com/1170657", }, { category: "self", summary: "SUSE Bug 1171909", url: "https://bugzilla.suse.com/1171909", }, { category: "self", summary: "SUSE Bug 1172409", url: "https://bugzilla.suse.com/1172409", }, { category: "self", summary: "SUSE Bug 1172450", url: "https://bugzilla.suse.com/1172450", }, { category: "self", summary: "SUSE Bug 1174583", url: "https://bugzilla.suse.com/1174583", }, { category: "self", summary: "SUSE Bug 1178243", url: "https://bugzilla.suse.com/1178243", }, { category: "self", summary: "SUSE Bug 1179805", url: "https://bugzilla.suse.com/1179805", }, { category: "self", summary: "SUSE Bug 1181277", url: "https://bugzilla.suse.com/1181277", }, { category: "self", summary: "SUSE Bug 1181278", url: "https://bugzilla.suse.com/1181278", }, { category: "self", summary: "SUSE Bug 1181689", url: "https://bugzilla.suse.com/1181689", }, { category: "self", summary: "SUSE Bug 1181690", url: "https://bugzilla.suse.com/1181690", }, { category: "self", summary: "SUSE Bug 1182317", url: "https://bugzilla.suse.com/1182317", }, { category: "self", summary: "SUSE Bug 1182433", url: "https://bugzilla.suse.com/1182433", }, { category: "self", summary: "SUSE Bug 1183174", url: "https://bugzilla.suse.com/1183174", }, { category: "self", summary: "SUSE Bug 1183803", url: "https://bugzilla.suse.com/1183803", }, { category: "self", summary: "SUSE Bug 1184148", url: "https://bugzilla.suse.com/1184148", }, { category: "self", summary: "SUSE Bug 1185623", url: "https://bugzilla.suse.com/1185623", }, { category: "self", summary: "SUSE Bug 1186608", url: "https://bugzilla.suse.com/1186608", }, { category: "self", summary: "SUSE Bug 1186611", url: "https://bugzilla.suse.com/1186611", }, { category: "self", summary: "SUSE CVE CVE-2017-11481 page", url: "https://www.suse.com/security/cve/CVE-2017-11481/", }, { category: "self", summary: "SUSE CVE CVE-2017-11499 page", url: "https://www.suse.com/security/cve/CVE-2017-11499/", }, { category: "self", summary: "SUSE CVE CVE-2018-18623 page", url: "https://www.suse.com/security/cve/CVE-2018-18623/", }, { category: "self", summary: "SUSE CVE CVE-2018-18624 page", url: "https://www.suse.com/security/cve/CVE-2018-18624/", }, { category: "self", summary: "SUSE CVE CVE-2018-18625 page", url: "https://www.suse.com/security/cve/CVE-2018-18625/", }, { category: "self", summary: "SUSE CVE CVE-2018-19039 page", url: "https://www.suse.com/security/cve/CVE-2018-19039/", }, { category: "self", summary: "SUSE CVE CVE-2019-15043 page", url: "https://www.suse.com/security/cve/CVE-2019-15043/", }, { category: "self", summary: "SUSE CVE CVE-2019-25025 page", url: "https://www.suse.com/security/cve/CVE-2019-25025/", }, { category: "self", summary: "SUSE CVE CVE-2020-10743 page", url: "https://www.suse.com/security/cve/CVE-2020-10743/", }, { category: "self", summary: "SUSE CVE CVE-2020-11110 page", url: "https://www.suse.com/security/cve/CVE-2020-11110/", }, { category: "self", summary: "SUSE CVE CVE-2020-12052 page", url: "https://www.suse.com/security/cve/CVE-2020-12052/", }, { category: "self", summary: "SUSE CVE CVE-2020-13379 page", url: "https://www.suse.com/security/cve/CVE-2020-13379/", }, { category: "self", summary: "SUSE CVE CVE-2020-17516 page", url: "https://www.suse.com/security/cve/CVE-2020-17516/", }, { category: "self", summary: "SUSE CVE CVE-2020-24303 page", url: "https://www.suse.com/security/cve/CVE-2020-24303/", }, { category: "self", summary: "SUSE CVE CVE-2020-29651 page", url: "https://www.suse.com/security/cve/CVE-2020-29651/", }, { category: "self", summary: "SUSE CVE CVE-2021-21238 page", url: "https://www.suse.com/security/cve/CVE-2021-21238/", }, { category: "self", summary: "SUSE CVE CVE-2021-21239 page", url: "https://www.suse.com/security/cve/CVE-2021-21239/", }, { category: "self", summary: "SUSE CVE CVE-2021-23336 page", url: "https://www.suse.com/security/cve/CVE-2021-23336/", }, { category: "self", summary: "SUSE CVE CVE-2021-27358 page", url: "https://www.suse.com/security/cve/CVE-2021-27358/", }, { category: "self", summary: "SUSE CVE CVE-2021-28658 page", url: "https://www.suse.com/security/cve/CVE-2021-28658/", }, { category: "self", summary: "SUSE CVE CVE-2021-31542 page", url: "https://www.suse.com/security/cve/CVE-2021-31542/", }, { category: "self", summary: "SUSE CVE CVE-2021-33203 page", url: "https://www.suse.com/security/cve/CVE-2021-33203/", }, { category: "self", summary: "SUSE CVE CVE-2021-33571 page", url: "https://www.suse.com/security/cve/CVE-2021-33571/", }, ], title: "Security update for ardana-neutron, ardana-swift, cassandra, crowbar-openstack, grafana, kibana, openstack-dashboard, openstack-ironic, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, python-py, python-pysaml2, python-xmlschema, rubygem-activerecord-session_store, venv-openstack-keystone", tracking: { current_release_date: "2021-06-11T13:13:53Z", generator: { date: "2021-06-11T13:13:53Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2021:1962-1", initial_release_date: "2021-06-11T13:13:53Z", revision_history: [ { date: "2021-06-11T13:13:53Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cassandra-3.11.10-3.3.3.aarch64", product: { name: "cassandra-3.11.10-3.3.3.aarch64", product_id: "cassandra-3.11.10-3.3.3.aarch64", }, }, { category: "product_version", name: "cassandra-javadoc-3.11.10-3.3.3.aarch64", product: { name: "cassandra-javadoc-3.11.10-3.3.3.aarch64", product_id: "cassandra-javadoc-3.11.10-3.3.3.aarch64", }, }, { category: "product_version", name: "cassandra-tools-3.11.10-3.3.3.aarch64", product: { name: "cassandra-tools-3.11.10-3.3.3.aarch64", product_id: "cassandra-tools-3.11.10-3.3.3.aarch64", }, }, { category: "product_version", name: "grafana-6.7.4-3.23.2.aarch64", product: { name: "grafana-6.7.4-3.23.2.aarch64", product_id: "grafana-6.7.4-3.23.2.aarch64", }, }, { category: "product_version", name: "kibana-4.6.6-4.9.2.aarch64", product: { name: "kibana-4.6.6-4.9.2.aarch64", product_id: "kibana-4.6.6-4.9.2.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.aarch64", product: { name: "ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.aarch64", product_id: "ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-activerecord-session_store-doc-0.1.2-4.3.2.aarch64", product: { name: "ruby2.1-rubygem-activerecord-session_store-doc-0.1.2-4.3.2.aarch64", product_id: "ruby2.1-rubygem-activerecord-session_store-doc-0.1.2-4.3.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", product: { name: "ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", product_id: "ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", }, }, { category: "product_version", name: "ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", product: { name: "ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", product_id: "ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", }, }, { category: "product_version", name: "cassandra-kit-3.11.10-3.3.2.noarch", product: { name: "cassandra-kit-3.11.10-3.3.2.noarch", product_id: "cassandra-kit-3.11.10-3.3.2.noarch", }, }, { category: "product_version", name: "crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", product: { name: "crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", product_id: "crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", }, }, { category: "product_version", name: "openstack-dashboard-14.1.1~dev11-3.24.6.noarch", product: { name: "openstack-dashboard-14.1.1~dev11-3.24.6.noarch", product_id: "openstack-dashboard-14.1.1~dev11-3.24.6.noarch", }, }, { category: "product_version", name: "openstack-dashboard-test-14.1.1~dev11-3.24.6.noarch", product: { name: "openstack-dashboard-test-14.1.1~dev11-3.24.6.noarch", product_id: "openstack-dashboard-test-14.1.1~dev11-3.24.6.noarch", }, }, { category: "product_version", name: "openstack-ironic-11.1.5~dev17-3.25.5.noarch", product: { name: "openstack-ironic-11.1.5~dev17-3.25.5.noarch", product_id: "openstack-ironic-11.1.5~dev17-3.25.5.noarch", }, }, { category: "product_version", name: "openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", product: { name: "openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", product_id: "openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", }, }, { category: "product_version", name: "openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", product: { name: "openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", product_id: "openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", }, }, { category: "product_version", name: "openstack-ironic-test-11.1.5~dev17-3.25.5.noarch", product: { name: "openstack-ironic-test-11.1.5~dev17-3.25.5.noarch", product_id: "openstack-ironic-test-11.1.5~dev17-3.25.5.noarch", }, }, { category: "product_version", name: "openstack-neutron-13.0.8~dev164-3.37.4.noarch", product: { name: "openstack-neutron-13.0.8~dev164-3.37.4.noarch", product_id: "openstack-neutron-13.0.8~dev164-3.37.4.noarch", }, }, { category: "product_version", name: "openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", product: { name: "openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", product_id: "openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", }, }, { category: "product_version", name: "openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", product: { name: "openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", product_id: "openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", }, }, { category: "product_version", name: "openstack-neutron-gbp-test-12.0.1~dev29-3.25.3.noarch", product: { name: "openstack-neutron-gbp-test-12.0.1~dev29-3.25.3.noarch", product_id: "openstack-neutron-gbp-test-12.0.1~dev29-3.25.3.noarch", }, }, { category: "product_version", name: "openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", product: { name: "openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", product_id: "openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", }, }, { category: "product_version", name: "openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", product: { name: "openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", product_id: "openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", }, }, { category: "product_version", name: "openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", product: { name: "openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", product_id: "openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", }, }, { category: "product_version", name: "openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", product: { name: "openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", product_id: "openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", }, }, { category: "product_version", name: "openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", product: { name: "openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", product_id: "openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", }, }, { category: "product_version", name: "openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", product: { name: "openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", product_id: "openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", }, }, { category: "product_version", name: "openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", product: { name: "openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", product_id: "openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", }, }, { category: "product_version", name: "openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", product: { name: "openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", product_id: "openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", }, }, { category: "product_version", name: "openstack-neutron-test-13.0.8~dev164-3.37.4.noarch", product: { name: "openstack-neutron-test-13.0.8~dev164-3.37.4.noarch", product_id: "openstack-neutron-test-13.0.8~dev164-3.37.4.noarch", }, }, { category: "product_version", name: "openstack-nova-18.3.1~dev82-3.37.6.noarch", product: { name: "openstack-nova-18.3.1~dev82-3.37.6.noarch", product_id: "openstack-nova-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "openstack-nova-api-18.3.1~dev82-3.37.6.noarch", product: { name: "openstack-nova-api-18.3.1~dev82-3.37.6.noarch", product_id: "openstack-nova-api-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", product: { name: "openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", product_id: "openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", product: { name: "openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", product_id: "openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", product: { name: "openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", product_id: "openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "openstack-nova-console-18.3.1~dev82-3.37.6.noarch", product: { name: "openstack-nova-console-18.3.1~dev82-3.37.6.noarch", product_id: "openstack-nova-console-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "openstack-nova-consoleauth-18.3.1~dev82-3.37.6.noarch", product: { name: "openstack-nova-consoleauth-18.3.1~dev82-3.37.6.noarch", product_id: "openstack-nova-consoleauth-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "openstack-nova-network-18.3.1~dev82-3.37.6.noarch", product: { name: "openstack-nova-network-18.3.1~dev82-3.37.6.noarch", product_id: "openstack-nova-network-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", product: { name: "openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", product_id: "openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", product: { name: "openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", product_id: "openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", product: { name: "openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", product_id: "openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", product: { name: "openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", product_id: "openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "openstack-nova-test-18.3.1~dev82-3.37.6.noarch", product: { name: "openstack-nova-test-18.3.1~dev82-3.37.6.noarch", product_id: "openstack-nova-test-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", product: { name: "openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", product_id: "openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "python-Django1-1.11.29-3.25.1.noarch", product: { name: "python-Django1-1.11.29-3.25.1.noarch", product_id: "python-Django1-1.11.29-3.25.1.noarch", }, }, { category: "product_version", name: "python-elementpath-1.3.1-1.3.2.noarch", product: { name: "python-elementpath-1.3.1-1.3.2.noarch", product_id: "python-elementpath-1.3.1-1.3.2.noarch", }, }, { category: "product_version", name: "python-horizon-14.1.1~dev11-3.24.6.noarch", product: { name: "python-horizon-14.1.1~dev11-3.24.6.noarch", product_id: "python-horizon-14.1.1~dev11-3.24.6.noarch", }, }, { category: "product_version", name: "python-ironic-11.1.5~dev17-3.25.5.noarch", product: { name: "python-ironic-11.1.5~dev17-3.25.5.noarch", product_id: "python-ironic-11.1.5~dev17-3.25.5.noarch", }, }, { category: "product_version", name: "python-neutron-13.0.8~dev164-3.37.4.noarch", product: { name: "python-neutron-13.0.8~dev164-3.37.4.noarch", product_id: "python-neutron-13.0.8~dev164-3.37.4.noarch", }, }, { category: "product_version", name: "python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", product: { name: "python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", product_id: "python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", }, }, { category: "product_version", name: "python-nova-18.3.1~dev82-3.37.6.noarch", product: { name: "python-nova-18.3.1~dev82-3.37.6.noarch", product_id: "python-nova-18.3.1~dev82-3.37.6.noarch", }, }, { category: "product_version", name: "python-openstack_auth-14.1.1~dev11-3.24.6.noarch", product: { name: "python-openstack_auth-14.1.1~dev11-3.24.6.noarch", product_id: "python-openstack_auth-14.1.1~dev11-3.24.6.noarch", }, }, { category: "product_version", name: "python-py-1.5.4-3.3.2.noarch", product: { name: "python-py-1.5.4-3.3.2.noarch", product_id: "python-py-1.5.4-3.3.2.noarch", }, }, { category: "product_version", name: "python-pysaml2-4.5.0-4.6.2.noarch", product: { name: "python-pysaml2-4.5.0-4.6.2.noarch", product_id: "python-pysaml2-4.5.0-4.6.2.noarch", }, }, { category: "product_version", name: "python-xmlschema-1.0.18-1.3.2.noarch", product: { name: "python-xmlschema-1.0.18-1.3.2.noarch", product_id: "python-xmlschema-1.0.18-1.3.2.noarch", }, }, { category: "product_version", name: "python3-Django1-1.11.29-3.25.1.noarch", product: { name: "python3-Django1-1.11.29-3.25.1.noarch", product_id: "python3-Django1-1.11.29-3.25.1.noarch", }, }, { category: "product_version", name: "python3-elementpath-1.3.1-1.3.2.noarch", product: { name: "python3-elementpath-1.3.1-1.3.2.noarch", product_id: "python3-elementpath-1.3.1-1.3.2.noarch", }, }, { category: "product_version", name: "python3-py-1.5.4-3.3.2.noarch", product: { name: "python3-py-1.5.4-3.3.2.noarch", product_id: "python3-py-1.5.4-3.3.2.noarch", }, }, { category: "product_version", name: "python3-pysaml2-4.5.0-4.6.2.noarch", product: { name: "python3-pysaml2-4.5.0-4.6.2.noarch", product_id: "python3-pysaml2-4.5.0-4.6.2.noarch", }, }, { category: "product_version", name: "python3-xmlschema-1.0.18-1.3.2.noarch", product: { name: "python3-xmlschema-1.0.18-1.3.2.noarch", product_id: "python3-xmlschema-1.0.18-1.3.2.noarch", }, }, { category: "product_version", name: "venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", product: { name: "venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", product_id: "venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", }, }, { category: "product_version", name: "venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", product: { name: "venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", product_id: "venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", }, }, { category: "product_version", name: "venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", product: { name: "venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", product_id: "venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", }, }, { category: "product_version", name: "venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", product: { name: "venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", product_id: "venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", }, }, { category: "product_version", name: "venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", product: { name: "venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", product_id: "venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", }, }, { category: "product_version", name: "venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", product: { name: "venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", product_id: "venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", }, }, { category: "product_version", name: "venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", product: { name: "venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", product_id: "venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", }, }, { category: "product_version", name: "venv-openstack-keystone-aarch64-14.2.1~dev4-3.24.3.noarch", product: { name: "venv-openstack-keystone-aarch64-14.2.1~dev4-3.24.3.noarch", product_id: "venv-openstack-keystone-aarch64-14.2.1~dev4-3.24.3.noarch", }, }, { category: "product_version", name: "venv-openstack-keystone-ppc64le-14.2.1~dev4-3.24.3.noarch", product: { name: "venv-openstack-keystone-ppc64le-14.2.1~dev4-3.24.3.noarch", product_id: "venv-openstack-keystone-ppc64le-14.2.1~dev4-3.24.3.noarch", }, }, { category: "product_version", name: "venv-openstack-keystone-s390x-14.2.1~dev4-3.24.3.noarch", product: { name: "venv-openstack-keystone-s390x-14.2.1~dev4-3.24.3.noarch", product_id: "venv-openstack-keystone-s390x-14.2.1~dev4-3.24.3.noarch", }, }, { category: "product_version", name: "venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", product: { name: "venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", product_id: "venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", }, }, { category: "product_version", name: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", product: { name: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", product_id: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", }, }, { category: "product_version", name: "venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", product: { name: "venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", product_id: "venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", }, }, { category: "product_version", name: "venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", product: { name: "venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", product_id: "venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", }, }, { category: "product_version", name: "venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", product: { name: "venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", product_id: "venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", }, }, { category: "product_version", name: "venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", product: { name: "venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", product_id: "venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", }, }, { category: "product_version", name: "venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", product: { name: "venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", product_id: "venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", }, }, { category: "product_version", name: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", product: { name: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", product_id: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", }, }, { category: "product_version", name: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", product: { name: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", product_id: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", }, }, { category: "product_version", name: "venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", product: { name: "venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", product_id: "venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cassandra-3.11.10-3.3.3.ppc64le", product: { name: "cassandra-3.11.10-3.3.3.ppc64le", product_id: "cassandra-3.11.10-3.3.3.ppc64le", }, }, { category: "product_version", name: "cassandra-javadoc-3.11.10-3.3.3.ppc64le", product: { name: "cassandra-javadoc-3.11.10-3.3.3.ppc64le", product_id: "cassandra-javadoc-3.11.10-3.3.3.ppc64le", }, }, { category: "product_version", name: "cassandra-tools-3.11.10-3.3.3.ppc64le", product: { name: "cassandra-tools-3.11.10-3.3.3.ppc64le", product_id: "cassandra-tools-3.11.10-3.3.3.ppc64le", }, }, { category: "product_version", name: "grafana-6.7.4-3.23.2.ppc64le", product: { name: "grafana-6.7.4-3.23.2.ppc64le", product_id: "grafana-6.7.4-3.23.2.ppc64le", }, }, { category: "product_version", name: "kibana-4.6.6-4.9.2.ppc64le", product: { name: "kibana-4.6.6-4.9.2.ppc64le", product_id: "kibana-4.6.6-4.9.2.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.ppc64le", product: { name: "ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.ppc64le", product_id: "ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-activerecord-session_store-doc-0.1.2-4.3.2.ppc64le", product: { name: "ruby2.1-rubygem-activerecord-session_store-doc-0.1.2-4.3.2.ppc64le", product_id: "ruby2.1-rubygem-activerecord-session_store-doc-0.1.2-4.3.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "grafana-6.7.4-3.23.2.s390x", product: { name: "grafana-6.7.4-3.23.2.s390x", product_id: "grafana-6.7.4-3.23.2.s390x", }, }, { category: "product_version", name: "kibana-4.6.6-4.9.2.s390x", product: { name: "kibana-4.6.6-4.9.2.s390x", product_id: "kibana-4.6.6-4.9.2.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.s390x", product: { name: "ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.s390x", product_id: "ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-activerecord-session_store-doc-0.1.2-4.3.2.s390x", product: { name: "ruby2.1-rubygem-activerecord-session_store-doc-0.1.2-4.3.2.s390x", product_id: "ruby2.1-rubygem-activerecord-session_store-doc-0.1.2-4.3.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cassandra-3.11.10-3.3.3.x86_64", product: { name: "cassandra-3.11.10-3.3.3.x86_64", product_id: "cassandra-3.11.10-3.3.3.x86_64", }, }, { category: "product_version", name: "cassandra-javadoc-3.11.10-3.3.3.x86_64", product: { name: "cassandra-javadoc-3.11.10-3.3.3.x86_64", product_id: "cassandra-javadoc-3.11.10-3.3.3.x86_64", }, }, { category: "product_version", name: "cassandra-tools-3.11.10-3.3.3.x86_64", product: { name: "cassandra-tools-3.11.10-3.3.3.x86_64", product_id: "cassandra-tools-3.11.10-3.3.3.x86_64", }, }, { category: "product_version", name: "grafana-6.7.4-3.23.2.x86_64", product: { name: "grafana-6.7.4-3.23.2.x86_64", product_id: "grafana-6.7.4-3.23.2.x86_64", }, }, { category: "product_version", name: "kibana-4.6.6-4.9.2.x86_64", product: { name: "kibana-4.6.6-4.9.2.x86_64", product_id: "kibana-4.6.6-4.9.2.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", product: { name: "ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", product_id: "ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-activerecord-session_store-doc-0.1.2-4.3.2.x86_64", product: { name: "ruby2.1-rubygem-activerecord-session_store-doc-0.1.2-4.3.2.x86_64", product_id: "ruby2.1-rubygem-activerecord-session_store-doc-0.1.2-4.3.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE OpenStack Cloud 9", product: { name: "SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:9", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 9", product: { name: "SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:9", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", }, product_reference: "ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", }, product_reference: "ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "cassandra-3.11.10-3.3.3.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", }, product_reference: "cassandra-3.11.10-3.3.3.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "cassandra-tools-3.11.10-3.3.3.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", }, product_reference: "cassandra-tools-3.11.10-3.3.3.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "grafana-6.7.4-3.23.2.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", }, product_reference: "grafana-6.7.4-3.23.2.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "kibana-4.6.6-4.9.2.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", }, product_reference: "kibana-4.6.6-4.9.2.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-dashboard-14.1.1~dev11-3.24.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", }, product_reference: "openstack-dashboard-14.1.1~dev11-3.24.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-ironic-11.1.5~dev17-3.25.5.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", }, product_reference: "openstack-ironic-11.1.5~dev17-3.25.5.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-ironic-api-11.1.5~dev17-3.25.5.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", }, product_reference: "openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", }, product_reference: "openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", }, product_reference: "openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-server-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-api-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-api-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-cells-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-compute-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-console-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-console-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-Django1-1.11.29-3.25.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", }, product_reference: "python-Django1-1.11.29-3.25.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-elementpath-1.3.1-1.3.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", }, product_reference: "python-elementpath-1.3.1-1.3.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-horizon-14.1.1~dev11-3.24.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", }, product_reference: "python-horizon-14.1.1~dev11-3.24.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-ironic-11.1.5~dev17-3.25.5.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", }, product_reference: "python-ironic-11.1.5~dev17-3.25.5.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-neutron-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", }, product_reference: "python-neutron-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-neutron-gbp-12.0.1~dev29-3.25.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", }, product_reference: "python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-nova-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", }, product_reference: "python-nova-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-openstack_auth-14.1.1~dev11-3.24.6.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", }, product_reference: "python-openstack_auth-14.1.1~dev11-3.24.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-py-1.5.4-3.3.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", }, product_reference: "python-py-1.5.4-3.3.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-pysaml2-4.5.0-4.6.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", }, product_reference: "python-pysaml2-4.5.0-4.6.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-xmlschema-1.0.18-1.3.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", }, product_reference: "python-xmlschema-1.0.18-1.3.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", }, product_reference: "venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", }, product_reference: "venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", }, product_reference: "venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", }, product_reference: "venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", }, product_reference: "venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", }, product_reference: "venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", }, product_reference: "venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", }, product_reference: "venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", }, product_reference: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", }, product_reference: "venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", }, product_reference: "venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", }, product_reference: "venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", }, product_reference: "venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", }, product_reference: "venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", }, product_reference: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", }, product_reference: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", }, product_reference: "venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "cassandra-3.11.10-3.3.3.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", }, product_reference: "cassandra-3.11.10-3.3.3.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "cassandra-tools-3.11.10-3.3.3.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", }, product_reference: "cassandra-tools-3.11.10-3.3.3.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", }, product_reference: "crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "grafana-6.7.4-3.23.2.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", }, product_reference: "grafana-6.7.4-3.23.2.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "kibana-4.6.6-4.9.2.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", }, product_reference: "kibana-4.6.6-4.9.2.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-dashboard-14.1.1~dev11-3.24.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", }, product_reference: "openstack-dashboard-14.1.1~dev11-3.24.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-ironic-11.1.5~dev17-3.25.5.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", }, product_reference: "openstack-ironic-11.1.5~dev17-3.25.5.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-ironic-api-11.1.5~dev17-3.25.5.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", }, product_reference: "openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", }, product_reference: "openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", }, product_reference: "openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-server-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", }, product_reference: "openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-api-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-api-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-cells-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-compute-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-console-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-console-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", }, product_reference: "openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-Django1-1.11.29-3.25.1.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", }, product_reference: "python-Django1-1.11.29-3.25.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-elementpath-1.3.1-1.3.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", }, product_reference: "python-elementpath-1.3.1-1.3.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-horizon-14.1.1~dev11-3.24.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", }, product_reference: "python-horizon-14.1.1~dev11-3.24.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-ironic-11.1.5~dev17-3.25.5.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", }, product_reference: "python-ironic-11.1.5~dev17-3.25.5.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-neutron-13.0.8~dev164-3.37.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", }, product_reference: "python-neutron-13.0.8~dev164-3.37.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-neutron-gbp-12.0.1~dev29-3.25.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", }, product_reference: "python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-nova-18.3.1~dev82-3.37.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", }, product_reference: "python-nova-18.3.1~dev82-3.37.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-openstack_auth-14.1.1~dev11-3.24.6.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", }, product_reference: "python-openstack_auth-14.1.1~dev11-3.24.6.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-py-1.5.4-3.3.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", }, product_reference: "python-py-1.5.4-3.3.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-pysaml2-4.5.0-4.6.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", }, product_reference: "python-pysaml2-4.5.0-4.6.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-xmlschema-1.0.18-1.3.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", }, product_reference: "python-xmlschema-1.0.18-1.3.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", }, product_reference: "ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, ], }, vulnerabilities: [ { cve: "CVE-2017-11481", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-11481", }, ], notes: [ { category: "general", text: "Kibana versions prior to 6.0.1 and 5.6.5 had a cross-site scripting (XSS) vulnerability via URL fields that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-11481", url: "https://www.suse.com/security/cve/CVE-2017-11481", }, { category: "external", summary: "SUSE Bug 1044849 for CVE-2017-11481", url: "https://bugzilla.suse.com/1044849", }, { category: "external", summary: "SUSE Bug 1072315 for CVE-2017-11481", url: "https://bugzilla.suse.com/1072315", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2017-11481", }, { cve: "CVE-2017-11499", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-11499", }, ], notes: [ { category: "general", text: "Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building with V8 snapshots enabled by default which caused the initially randomized seed to be overwritten on startup.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-11499", url: "https://www.suse.com/security/cve/CVE-2017-11499", }, { category: "external", summary: "SUSE Bug 1044849 for CVE-2017-11499", url: "https://bugzilla.suse.com/1044849", }, { category: "external", summary: "SUSE Bug 1048299 for CVE-2017-11499", url: "https://bugzilla.suse.com/1048299", }, { category: "external", summary: "SUSE Bug 1051117 for CVE-2017-11499", url: "https://bugzilla.suse.com/1051117", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "important", }, ], title: "CVE-2017-11499", }, { cve: "CVE-2018-18623", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18623", }, ], notes: [ { category: "general", text: "Grafana 5.3.1 has XSS via the \"Dashboard > Text Panel\" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18623", url: "https://www.suse.com/security/cve/CVE-2018-18623", }, { category: "external", summary: "SUSE Bug 1172450 for CVE-2018-18623", url: "https://bugzilla.suse.com/1172450", }, { category: "external", summary: "SUSE Bug 1174583 for CVE-2018-18623", url: "https://bugzilla.suse.com/1174583", }, { category: "external", summary: "SUSE Bug 1175951 for CVE-2018-18623", url: "https://bugzilla.suse.com/1175951", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2018-18623", }, { cve: "CVE-2018-18624", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18624", }, ], notes: [ { category: "general", text: "Grafana 5.3.1 has XSS via a column style on the \"Dashboard > Table Panel\" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18624", url: "https://www.suse.com/security/cve/CVE-2018-18624", }, { category: "external", summary: "SUSE Bug 1172450 for CVE-2018-18624", url: "https://bugzilla.suse.com/1172450", }, { category: "external", summary: "SUSE Bug 1174583 for CVE-2018-18624", url: "https://bugzilla.suse.com/1174583", }, { category: "external", summary: "SUSE Bug 1175951 for CVE-2018-18624", url: "https://bugzilla.suse.com/1175951", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2018-18624", }, { cve: "CVE-2018-18625", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18625", }, ], notes: [ { category: "general", text: "Grafana 5.3.1 has XSS via a link on the \"Dashboard > All Panels > General\" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18625", url: "https://www.suse.com/security/cve/CVE-2018-18625", }, { category: "external", summary: "SUSE Bug 1172450 for CVE-2018-18625", url: "https://bugzilla.suse.com/1172450", }, { category: "external", summary: "SUSE Bug 1174583 for CVE-2018-18625", url: "https://bugzilla.suse.com/1174583", }, { category: "external", summary: "SUSE Bug 1175951 for CVE-2018-18625", url: "https://bugzilla.suse.com/1175951", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2018-18625", }, { cve: "CVE-2018-19039", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19039", }, ], notes: [ { category: "general", text: "Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19039", url: "https://www.suse.com/security/cve/CVE-2018-19039", }, { category: "external", summary: "SUSE Bug 1115960 for CVE-2018-19039", url: "https://bugzilla.suse.com/1115960", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2018-19039", }, { cve: "CVE-2019-15043", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15043", }, ], notes: [ { category: "general", text: "In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15043", url: "https://www.suse.com/security/cve/CVE-2019-15043", }, { category: "external", summary: "SUSE Bug 1148383 for CVE-2019-15043", url: "https://bugzilla.suse.com/1148383", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "important", }, ], title: "CVE-2019-15043", }, { cve: "CVE-2019-25025", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-25025", }, ], notes: [ { category: "general", text: "The activerecord-session_store (aka Active Record Session Store) component through 1.1.3 for Ruby on Rails does not use a constant-time approach when delivering information about whether a guessed session ID is valid. Consequently, remote attackers can leverage timing discrepancies to achieve a correct guess in a relatively short amount of time. This is a related issue to CVE-2019-16782.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-25025", url: "https://www.suse.com/security/cve/CVE-2019-25025", }, { category: "external", summary: "SUSE Bug 1159548 for CVE-2019-25025", url: "https://bugzilla.suse.com/1159548", }, { category: "external", summary: "SUSE Bug 1183174 for CVE-2019-25025", url: "https://bugzilla.suse.com/1183174", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2019-25025", }, { cve: "CVE-2020-10743", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-10743", }, ], notes: [ { category: "general", text: "It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker to trick a user into performing arbitrary actions in OCP's distribution of Kibana, such as clickjacking.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-10743", url: "https://www.suse.com/security/cve/CVE-2020-10743", }, { category: "external", summary: "SUSE Bug 1171909 for CVE-2020-10743", url: "https://bugzilla.suse.com/1171909", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "low", }, ], title: "CVE-2020-10743", }, { cve: "CVE-2020-11110", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11110", }, ], notes: [ { category: "general", text: "Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11110", url: "https://www.suse.com/security/cve/CVE-2020-11110", }, { category: "external", summary: "SUSE Bug 1174583 for CVE-2020-11110", url: "https://bugzilla.suse.com/1174583", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2020-11110", }, { cve: "CVE-2020-12052", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-12052", }, ], notes: [ { category: "general", text: "Grafana version < 6.7.3 is vulnerable for annotation popup XSS.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-12052", url: "https://www.suse.com/security/cve/CVE-2020-12052", }, { category: "external", summary: "SUSE Bug 1170657 for CVE-2020-12052", url: "https://bugzilla.suse.com/1170657", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2020-12052", }, { cve: "CVE-2020-13379", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-13379", }, ], notes: [ { category: "general", text: "The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-13379", url: "https://www.suse.com/security/cve/CVE-2020-13379", }, { category: "external", summary: "SUSE Bug 1172409 for CVE-2020-13379", url: "https://bugzilla.suse.com/1172409", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "important", }, ], title: "CVE-2020-13379", }, { cve: "CVE-2020-17516", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17516", }, ], notes: [ { category: "general", text: "Apache Cassandra versions 2.1.0 to 2.1.22, 2.2.0 to 2.2.19, 3.0.0 to 3.0.23, and 3.11.0 to 3.11.9, when using 'dc' or 'rack' internode_encryption setting, allows both encrypted and unencrypted internode connections. A misconfigured node or a malicious user can use the unencrypted connection despite not being in the same rack or dc, and bypass mutual TLS requirement.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-17516", url: "https://www.suse.com/security/cve/CVE-2020-17516", }, { category: "external", summary: "SUSE Bug 1181689 for CVE-2020-17516", url: "https://bugzilla.suse.com/1181689", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2020-17516", }, { cve: "CVE-2020-24303", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-24303", }, ], notes: [ { category: "general", text: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-24303", url: "https://www.suse.com/security/cve/CVE-2020-24303", }, { category: "external", summary: "SUSE Bug 1178243 for CVE-2020-24303", url: "https://bugzilla.suse.com/1178243", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2020-24303", }, { cve: "CVE-2020-29651", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-29651", }, ], notes: [ { category: "general", text: "A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-29651", url: "https://www.suse.com/security/cve/CVE-2020-29651", }, { category: "external", summary: "SUSE Bug 1179805 for CVE-2020-29651", url: "https://bugzilla.suse.com/1179805", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2020-29651", }, { cve: "CVE-2021-21238", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-21238", }, ], notes: [ { category: "general", text: "PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to validate signed SAML documents are impacted. The vulnerability is a variant of XML Signature wrapping because it did not validate the SAML document against an XML schema. This allowed invalid XML documents to be processed and such a document can trick pysaml2 with a wrapped signature. This is fixed in PySAML2 6.5.0.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-21238", url: "https://www.suse.com/security/cve/CVE-2021-21238", }, { category: "external", summary: "SUSE Bug 1181277 for CVE-2021-21238", url: "https://bugzilla.suse.com/1181277", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2021-21238", }, { cve: "CVE-2021-21239", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-21239", }, ], notes: [ { category: "general", text: "PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default CryptoBackendXmlSec1 backend and need to verify signed SAML documents are impacted. PySAML2 does not ensure that a signed SAML document is correctly signed. The default CryptoBackendXmlSec1 backend is using the xmlsec1 binary to verify the signature of signed SAML documents, but by default xmlsec1 accepts any type of key found within the given document. xmlsec1 needs to be configured explicitly to only use only _x509 certificates_ for the verification process of the SAML document signature. This is fixed in PySAML2 6.5.0.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-21239", url: "https://www.suse.com/security/cve/CVE-2021-21239", }, { category: "external", summary: "SUSE Bug 1181278 for CVE-2021-21239", url: "https://bugzilla.suse.com/1181278", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2021-21239", }, { cve: "CVE-2021-23336", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-23336", }, ], notes: [ { category: "general", text: "The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-23336", url: "https://www.suse.com/security/cve/CVE-2021-23336", }, { category: "external", summary: "SUSE Bug 1182179 for CVE-2021-23336", url: "https://bugzilla.suse.com/1182179", }, { category: "external", summary: "SUSE Bug 1182379 for CVE-2021-23336", url: "https://bugzilla.suse.com/1182379", }, { category: "external", summary: "SUSE Bug 1182433 for CVE-2021-23336", url: "https://bugzilla.suse.com/1182433", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2021-23336", }, { cve: "CVE-2021-27358", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-27358", }, ], notes: [ { category: "general", text: "The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-27358", url: "https://www.suse.com/security/cve/CVE-2021-27358", }, { category: "external", summary: "SUSE Bug 1183803 for CVE-2021-27358", url: "https://bugzilla.suse.com/1183803", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "important", }, ], title: "CVE-2021-27358", }, { cve: "CVE-2021-28658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-28658", }, ], notes: [ { category: "general", text: "In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-28658", url: "https://www.suse.com/security/cve/CVE-2021-28658", }, { category: "external", summary: "SUSE Bug 1184148 for CVE-2021-28658", url: "https://bugzilla.suse.com/1184148", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "low", }, ], title: "CVE-2021-28658", }, { cve: "CVE-2021-31542", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-31542", }, ], notes: [ { category: "general", text: "In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-31542", url: "https://www.suse.com/security/cve/CVE-2021-31542", }, { category: "external", summary: "SUSE Bug 1185623 for CVE-2021-31542", url: "https://bugzilla.suse.com/1185623", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2021-31542", }, { cve: "CVE-2021-33203", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-33203", }, ], notes: [ { category: "general", text: "Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-33203", url: "https://www.suse.com/security/cve/CVE-2021-33203", }, { category: "external", summary: "SUSE Bug 1186608 for CVE-2021-33203", url: "https://bugzilla.suse.com/1186608", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "moderate", }, ], title: "CVE-2021-33203", }, { cve: "CVE-2021-33571", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-33571", }, ], notes: [ { category: "general", text: "In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. (validate_ipv4_address and validate_ipv46_address are unaffected with Python 3.9.5+..) .", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-33571", url: "https://www.suse.com/security/cve/CVE-2021-33571", }, { category: "external", summary: "SUSE Bug 1186611 for CVE-2021-33571", url: "https://bugzilla.suse.com/1186611", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2.noarch", "SUSE OpenStack Cloud 9:ardana-swift-9.0+git.1618235096.90974ed-3.10.2.noarch", "SUSE OpenStack Cloud 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1.noarch", "SUSE OpenStack Cloud Crowbar 9:cassandra-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:cassandra-tools-3.11.10-3.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.23.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:kibana-4.6.6-4.9.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-dashboard-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-api-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-conductor-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Django1-1.11.29-3.25.1.noarch", "SUSE OpenStack Cloud Crowbar 9:python-elementpath-1.3.1-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-ironic-11.1.5~dev17-3.25.5.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev164-3.37.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev29-3.25.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev82-3.37.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-openstack_auth-14.1.1~dev11-3.24.6.noarch", "SUSE OpenStack Cloud Crowbar 9:python-py-1.5.4-3.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.6.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-xmlschema-1.0.18-1.3.2.noarch", "SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-06-11T13:13:53Z", details: "important", }, ], title: "CVE-2021-33571", }, ], }
suse-su-2020:3897-1
Vulnerability from csaf_suse
Published
2020-12-21 12:51
Modified
2020-12-21 12:51
Summary
Security update for ardana-cassandra, ardana-mq, ardana-osconfig, ardana-tempest, crowbar-core, crowbar-openstack, grafana, influxdb, openstack-cinder, openstack-heat, openstack-heat-gbp, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-ironic-python-agent, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-neutron-vpnaas, openstack-nova, python-Jinja2, python-pysaml2, python-pytest, python-urllib3, release-notes-suse-openstack-cloud, spark
Notes
Title of the patch
Security update for ardana-cassandra, ardana-mq, ardana-osconfig, ardana-tempest, crowbar-core, crowbar-openstack, grafana, influxdb, openstack-cinder, openstack-heat, openstack-heat-gbp, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-ironic-python-agent, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-neutron-vpnaas, openstack-nova, python-Jinja2, python-pysaml2, python-pytest, python-urllib3, release-notes-suse-openstack-cloud, spark
Description of the patch
This update for ardana-cassandra, ardana-mq, ardana-osconfig, ardana-tempest, crowbar-core, crowbar-openstack, grafana, influxdb, openstack-cinder, openstack-heat, openstack-heat-gbp, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-ironic-python-agent, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-neutron-vpnaas, openstack-nova, python-Jinja2, python-pysaml2, python-pytest, python-urllib3, release-notes-suse-openstack-cloud, spark fixes the following issues:
Security changes included on this update:
grafana:
- CVE-2020-24303: Fixed an XXS with series overides. (bsc#1178243)
influxdb:
- CVE-2019-20933: Fixed an authentication bypass. (bsc#1178988)
python-Jinja2:
- CVE-2019-10906,CVE-2019-8341,CVE-2016-10745: 'SandboxedEnvironment' securely handles 'str.format_map' in order
to prevent code execution through untrusted format strings. (bsc#1132323, bsc#1125815, bsc#1132174)
python-pysaml2:
- CVE-2020-5390: Fixed an issue where there was no check that the signature in a SAML document is enveloped. (bsc#1160851)
python-urllib3:
- CVE-2020-26137: Fixed a CRLF injection via HTTP request method. (bsc#1177120)
Non-security changes included in this update:
Changes in ardana-cassandra:
- Update to version 9.0+git.1600802664.7e480a2:
* Remove freezer related backup/restore code (SOC-7751)
Changes in ardana-mq:
- Update to version 9.0+git.1605174486.a78ddce:
* Re-enable mirroring of fanout and reply queues (bsc#1177611)
Changes in ardana-osconfig:
- Update to version 9.0+git.1601621747.a87e5a0:
* HOS8 check needs to be a shell rather than command (SOC-11184)
Changes in ardana-tempest:
- Update to version 9.0+git.1603378983.fc0bca9:
* Enable VPNaaS testing (SOC-8764)
- Update to version 9.0+git.1599855218.875b2f3:
* unblacklist some revert tests (SOC-9178)
Changes in crowbar-core:
- Update to version 6.0+git.1606314264.bf9ada813:
* ntp: Do not use rate-limiting (bsc#1179161)
- Update to version 6.0+git.1600414599.150832ca2:
* Ignore CVE-2020-15169 (SOC-11391)
Changes in crowbar-openstack:
- Update to version 6.0+git.1604573541.bb18c172d:
* rabbitmq: Fix crm running check (SOC-11240)
- Update to version 6.0+git.1604491402.b4dbba849:
* Remove aspiers from CODEOWNERS
* Remove cmurphy from CODEOWNERS
Changes in grafana:
- Fix bsc#1178243 CVE-2020-24303 by adding
25401-Fix-XSS-vulnerability-with-series-overrides.patch
Changes in influxdb:
- Add CVE-2019-20933.patch (bsc#1178988, CVE-2019-20933) to
fix authentication bypass
- Declare license files correctly
Changes in openstack-cinder:
- Update to version cinder-13.0.10.dev20:
* PowerMax Driver - Legacy volumes fail to live migrate
- Update to version cinder-13.0.10.dev19:
* RBD: Cleanup temporary file during exception
- Update to version cinder-13.0.10.dev17:
* Remove experimental job legacy-tempest-dsvm-zeromq-multibackend
Changes in openstack-cinder:
- Update to version cinder-13.0.10.dev20:
* PowerMax Driver - Legacy volumes fail to live migrate
- Update to version cinder-13.0.10.dev19:
* RBD: Cleanup temporary file during exception
- Update to version cinder-13.0.10.dev17:
* Remove experimental job legacy-tempest-dsvm-zeromq-multibackend
Changes in openstack-heat:
- Update to version openstack-heat-11.0.4.dev4:
* Check external resources after creation
- Update to version openstack-heat-11.0.4.dev2:
* Don't store signal\_url for ec2 signaling of deployments
* Allow scale-down of ASG as part of update
11.0.3
Changes in openstack-heat:
- Update to version openstack-heat-11.0.4.dev4:
* Check external resources after creation
- Update to version openstack-heat-11.0.4.dev2:
* Don't store signal\_url for ec2 signaling of deployments
* Allow scale-down of ASG as part of update
11.0.3
Changes in openstack-heat-gbp:
- Update to version group-based-policy-automation-12.0.1.dev2:
* Add support for victoria
- Update to version group-based-policy-automation-12.0.1.dev1:
* Add network\_id field for L2 Policy Heat Extensions
12.0.0
* Add support for ussuri
* Fix master/train gate
* Add support for train
10.0.0
* Upgrade for stable/stein branch
9.0.0
* Updated with 'stable/rocky' branch
* Replace openstack.org URLs with 'git+https://'
* OpenDev Migration Patch
Changes in openstack-heat-templates:
- Update to version 0.0.0+git.1605509190.64f020b:
* Fix software config on rdo
* optimize size and time using --no-cache-dir
* add template for servers using Octavia
- Update to version 0.0.0+git.1604032742.c5733ee:
* Move heat-templates-check job to zuul v3
Changes in openstack-horizon-plugin-gbp-ui:
- Update to version group-based-policy-ui-12.0.1.dev3:
* Remove mox3 from requirements
- Update to version group-based-policy-ui-12.0.1.dev2:
* Fix python namespacing
* Add stable victoria
12.0.0
* Add support for ussuri
* Fix master/train gate
* Add support for train
10.0.0
* Upgrade for stable/stein branch
9.0.0
* Upgrading for stable/rocky branch
* Added Python3 support
* OpenDev Migration Patch
Changes in openstack-ironic-python-agent:
- Update to version ironic-python-agent-3.3.4.dev6:
* Fix: make Intel CNA hardware manager none generic
Changes in openstack-manila:
- Update to version manila-7.4.2.dev57:
* fix reno file location and indention
- Update to version manila-7.4.2.dev56:
* [Glusterfs] Fix delete share, Couldn't find the 'gluster\_used\_vols'
- Update to version manila-7.4.2.dev55:
* [Glusterfs] Fix delete share, mount point not disconnected
Changes in openstack-manila:
- Update to version manila-7.4.2.dev57:
* fix reno file location and indention
- Update to version manila-7.4.2.dev56:
* [Glusterfs] Fix delete share, Couldn't find the 'gluster\_used\_vols'
- Update to version manila-7.4.2.dev55:
* [Glusterfs] Fix delete share, mount point not disconnected
Changes in openstack-neutron:
- Update to version neutron-13.0.8.dev135:
* Rehome api tests for propagate\_uplink\_status
- Update to version neutron-13.0.8.dev134:
* Revert '[Security] fix allowed-address-pair 0.0.0.0/0 issue'
- Update to version neutron-13.0.8.dev132:
* Drop invalid rootwrap filters
* ovs firewall: fix mac learning on the ingress rule table when ovs offload enabled
* Add update\_id for ResourceUpdate
- Update to version neutron-13.0.8.dev126:
* 'ping'/'ping6' command support in rootwrap filters
- Update to version neutron-13.0.8.dev124:
* Import 'oslo\_config.cfg' before 'eventlet'
* [OvS] Handle re\_added multi ports
- Update to version neutron-13.0.8.dev120:
* Local mac direct flow for non-openflow firewall
* Replace ctype.CDLL by ctypes.PyDLL in linux.ip\_lib
- Update to version neutron-13.0.8.dev116:
* Support gateway which is not in subnet CIDR in ha\_router
* Ensure fip ip rules deleted when fip removed
- Update to version neutron-13.0.8.dev112:
* windows: fix terminating processes
* [stable/rocky] Drop rally job
* Don't raise FileNotFoundError during disabling keepalived
* Load the glibc library only once for Pyroute2
- Update to version neutron-13.0.8.dev106:
* Do not fail deleting namespace if it does not exist
- Update to version neutron-13.0.8.dev104:
* Avoid raising NetworkInterfaceNotFound exception in DHCP agent logs
- Update to version neutron-13.0.8.dev103:
* Use dict .get() to avoid a KeyError in the segment plugin
- Update to version neutron-13.0.8.dev101:
* Pass context in l3 flavor notifications
* Handle properly existing LLA address during l3 agent restart
- Update to version neutron-13.0.8.dev97:
* Add 'keepalived\_use\_no\_track' config option
Changes in openstack-neutron:
- Update to version neutron-13.0.8.dev135:
* Rehome api tests for propagate\_uplink\_status
- Update to version neutron-13.0.8.dev134:
* Revert '[Security] fix allowed-address-pair 0.0.0.0/0 issue'
- Update to version neutron-13.0.8.dev132:
* Drop invalid rootwrap filters
* ovs firewall: fix mac learning on the ingress rule table when ovs offload enabled
* Add update\_id for ResourceUpdate
- Update to version neutron-13.0.8.dev126:
* 'ping'/'ping6' command support in rootwrap filters
- Update to version neutron-13.0.8.dev124:
* Import 'oslo\_config.cfg' before 'eventlet'
* [OvS] Handle re\_added multi ports
- Update to version neutron-13.0.8.dev120:
* Local mac direct flow for non-openflow firewall
* Replace ctype.CDLL by ctypes.PyDLL in linux.ip\_lib
- Update to version neutron-13.0.8.dev116:
* Support gateway which is not in subnet CIDR in ha\_router
* Ensure fip ip rules deleted when fip removed
- Update to version neutron-13.0.8.dev112:
* windows: fix terminating processes
* [stable/rocky] Drop rally job
* Don't raise FileNotFoundError during disabling keepalived
* Load the glibc library only once for Pyroute2
- Update to version neutron-13.0.8.dev106:
* Do not fail deleting namespace if it does not exist
- Update to version neutron-13.0.8.dev104:
* Avoid raising NetworkInterfaceNotFound exception in DHCP agent logs
- Update to version neutron-13.0.8.dev103:
* Use dict .get() to avoid a KeyError in the segment plugin
- Update to version neutron-13.0.8.dev101:
* Pass context in l3 flavor notifications
* Handle properly existing LLA address during l3 agent restart
- Update to version neutron-13.0.8.dev97:
* Add 'keepalived\_use\_no\_track' config option
Changes in openstack-neutron-gbp:
- Update to version group-based-policy-12.0.1.dev5:
* Fix ICMP type and ICMP code fields for named and numbered ICMP Protocol
2014.2.0rc1
- Update to version group-based-policy-12.0.1.dev4:
* Fix erroneous comma (,) in the LOG.exception call
2014.2rc1
- Update to version group-based-policy-12.0.1.dev3:
* Fix top of tree in gate
* Endpoint level qos changes
12.0.0
* Add support for ussuri
* Update subnets for SVI port corresponding to bound port
* Fix the intermittent QOS UT failure
* Fixed the QOS UT failure
* Use train branch instead of stein
* Add support for train
* Prepare for removal of CommonDbMixin
* Make AIM dsvm job voting
* Add support for upstream Stein release
* Fix python2/3 compatibility
* Fix DNS Domain Name in endpoint file
* When a subnet added to a bound SVI port, ensure it is added to SVI port
* Add support for qos
* Fix DNS issue in endpoint file
* [AIM] Add pre-existing BD to network extension
* Remove get\_current\_session
* Remove get\_current\_session method
* [AIM] Add EPG contract masters to network extension
* Revert 'Remove get\_current\_session method'
* Remove get\_current\_session method
* Support Dual Stack on SVI nets along with BGP
9.0.0
* Add support for upstream Rocky release
* Cleanup Queens (part 2)
* Fix missing DB migration
* Make aim functional gate job voting
* Added Python3 support
* [AIM] Sanitize the AIM tenant description field
* Fix field sizes for VM names
* Bind baremetal VNIC trunk ports
* Fix missing trunk\_details for a trunk without subports
* [AIM] Insert remote\_group\_id to SG rules properly
* Revert '[AIM] Convert remote\_ips for SG rules properly'
* Cleanup Queens
* [AIM] Convert remote\_ips for SG rules properly
* Clean up baremetal port handling
* [AIM] Clean up the mock and stop the looping thread in the UT env
* Don't stop this looping thread when an exception is thrown
* [AIM] Fix router\_id allocation for SVI
* Support non SVI static VLAN type segments with OpFlex agent
* Baremetal VNIC Trunk support
* [AIM] Don't queue notifications (4 of 4)
* [AIM] Don't queue registry callbacks (3 of 4)
* [AIM] Enable Neutron transaction guards (2 of 4)
* Don't call GBP or Neutron APIs from GBP PD precommit methods
* [AIM] Retry L3 Plugin Operations
* [AIM] Fix most common random UT failures
* [AIM] Fixed external subnet ANY\_CIDRs for l3out EPGs for SVI
* Revert 'Nested domain parameters support for openShift networks'
* Fix for unbinding baremetal VNIC ports
* Nested domain parameters support for openShift networks
* Fix tox coverage job
* Add suport for baremetal vnic\_type
2014.2.rc1
Changes in openstack-neutron-vpnaas:
- Remove remove-tempest-entry-point.patch thus enabling the
tempest_vpnaas plugin for tempest testing. (SCRD-8681)
- Package the neutron-vpnaas/tests/ directory contents in a new RPM
RPM package, python-neutron-vpnaas-tempest-plugin, that depend on
python-neutron-vpnaas, which provides the main neutron-vpnaas
code base. Additionally this new package can now safely depend on
the python-neutron-tempest-plugin package, providing the required
neutron_tempest_plugin module, without causing tempest packages
to be installed when python-neutron-vpnaas installed. (SOC-8764)
NOTE: This implicitly enables the neutron_tempest_plugin.
- Corrected LBaaS references to VPNaaS.
Changes in openstack-nova:
- Update to version nova-18.3.1.dev77:
* Follow up for cherry-pick check for merge patch
- Update to version nova-18.3.1.dev76:
* post live migration: don't call Neutron needlessly
- Update to version nova-18.3.1.dev74:
* libvirt: Do not reference VIR\_ERR\_DEVICE\_MISSING when libvirt is smaller than v4.1.0
- Update to version nova-18.3.1.dev72:
* libvirt: Handle VIR\_ERR\_DEVICE\_MISSING when detaching devices
- Update to version nova-18.3.1.dev70:
* compute: Don't delete the original attachment during pre LM rollback
* Add regression tests for bug #1889108
* compute: refactor volume bdm rollback error handling
- Update to version nova-18.3.1.dev64:
* compute: Use source\_bdms to reset attachment\_ids during LM rollback
* Robustify attachment tracking in CinderFixtureNewAttachFlow
- Update to version nova-18.3.1.dev60:
* Improve CinderFixtureNewAttachFlow
- Update to version nova-18.3.1.dev58:
* Removed the host FQDN from the exception message
- Update to version nova-18.3.1.dev56:
* libvirt: Provide VIR\_MIGRATE\_PARAM\_PERSIST\_XML during live migration
Changes in openstack-nova:
- Update to version nova-18.3.1.dev77:
* Follow up for cherry-pick check for merge patch
- Update to version nova-18.3.1.dev76:
* post live migration: don't call Neutron needlessly
- Update to version nova-18.3.1.dev74:
* libvirt: Do not reference VIR\_ERR\_DEVICE\_MISSING when libvirt is smaller than v4.1.0
- Update to version nova-18.3.1.dev72:
* libvirt: Handle VIR\_ERR\_DEVICE\_MISSING when detaching devices
- Update to version nova-18.3.1.dev70:
* compute: Don't delete the original attachment during pre LM rollback
* Add regression tests for bug #1889108
* compute: refactor volume bdm rollback error handling
- Update to version nova-18.3.1.dev64:
* compute: Use source\_bdms to reset attachment\_ids during LM rollback
* Robustify attachment tracking in CinderFixtureNewAttachFlow
- Update to version nova-18.3.1.dev60:
* Improve CinderFixtureNewAttachFlow
- Update to version nova-18.3.1.dev58:
* Removed the host FQDN from the exception message
- Rebased patches:
+ 0004-Provide-VIR_MIGRATE_PARAM_PERSIST_XML-during-live-migration.patch dropped (merged upstream)
- Update to version nova-18.3.1.dev56:
* libvirt: Provide VIR\_MIGRATE\_PARAM\_PERSIST\_XML during live migration
Changes in python-Jinja2:
- Trim bias from descriptions. Make sure % is escaped.
- update to version 2.10.1 (bsc#1132323, CVE-2019-10906, bsc#1125815, CVE-2019-8341):
* 'SandboxedEnvironment' securely handles 'str.format_map' in order
to prevent code execution through untrusted format strings. The
sandbox already handled 'str.format'.
- Activate test suite
- Add minimum build dependency to match runtime dependency
- Fix fdupes call
- Remove superfluous devel dependency for noarch package
- Update to 2.9.5 (bsc#1132174, CVE-2016-10745)
Changes in python-pysaml2:
- Add 0001-Fix-XML-Signature-Wrapping-XSW-vulnerabilities.patch
(CVE-2020-5390, bsc#1160851)
Changes in python-pytest:
- update to 3.7.4
- drop 0001-Use-unittest.mock-if-is-only-aviable.patch
* Fix possible infinite recursion when writing .pyc files
* Cache plugin now obeys the -q flag when --last-failed and
--failed-first flags are used.
* Fix bad console output when using console_output_style=classic
* Fixtures during teardown can again use capsys and capfd to inspect
output captured during tests.
* Fix bugs where unicode arguments could not be passed to testdir.runpytest
on Python 2.
* Fix double collection of tests within packages when the filename starts
with a capital letter
* Fix collection error when specifying test functions directly in the command
line using test.py::test syntax together with --doctest-modules
* Fix stdout/stderr not getting captured when real-time cli logging is active.
* Fix bug where --show-capture=no option would still show logs printed during
fixture teardown.
* Fix issue where teardown of fixtures of consecutive sub-packages were
executed once, at the end of the outer package.
- update to 3.7.2
- add 0001-Use-unittest.mock-if-is-only-aviable.patch
* Fix filterwarnings not being registered as a builtin mark.
* Fix test collection from packages mixed with normal directories.
* Fix infinite recursion during collection if a pytest_ignore_collect
hook returns False instead of None.
* Fix bug where decorated fixtures would lose functionality
* Fix bug where importing modules or other objects with prefix pytest_ prefix
would raise a PluginValidationError.
* Fix AttributeError during teardown of TestCase subclasses which raise
an exception during __init__.
* Fix traceback reporting for exceptions with __cause__ cycles.
Changes in python-pytest:
- update to 3.7.4
- drop 0001-Use-unittest.mock-if-is-only-aviable.patch
* Fix possible infinite recursion when writing .pyc files
* Cache plugin now obeys the -q flag when --last-failed and
--failed-first flags are used.
* Fix bad console output when using console_output_style=classic
* Fixtures during teardown can again use capsys and capfd to inspect
output captured during tests.
* Fix bugs where unicode arguments could not be passed to testdir.runpytest
on Python 2.
* Fix double collection of tests within packages when the filename starts
with a capital letter
* Fix collection error when specifying test functions directly in the command
line using test.py::test syntax together with --doctest-modules
* Fix stdout/stderr not getting captured when real-time cli logging is active.
* Fix bug where --show-capture=no option would still show logs printed during
fixture teardown.
* Fix issue where teardown of fixtures of consecutive sub-packages were
executed once, at the end of the outer package.
- update to 3.7.2
- add 0001-Use-unittest.mock-if-is-only-aviable.patch
* Fix filterwarnings not being registered as a builtin mark.
* Fix test collection from packages mixed with normal directories.
* Fix infinite recursion during collection if a pytest_ignore_collect
hook returns False instead of None.
* Fix bug where decorated fixtures would lose functionality
* Fix bug where importing modules or other objects with prefix pytest_ prefix
would raise a PluginValidationError.
* Fix AttributeError during teardown of TestCase subclasses which raise
an exception during __init__.
* Fix traceback reporting for exceptions with __cause__ cycles.
Changes in python-urllib3:
- Update urllib3-fix-test-urls.patch. Adjust to match upstream solution.
- Add urllib3-fix-test-urls.patch. Fix tests failing on python checks for
CVE-2019-9740.
- Add urllib3-cve-2020-26137.patch. Don't allow control chars in request
method. (bsc#1177120, CVE-2020-26137)
Changes in release-notes-suse-openstack-cloud:
- Update to version 9.20200917:
* Change wording to correctly refer to future SES versions
* Update adoc/limitations.adoc
* Add SES version limitation, remove deprecated note about Octavia for Crowbar
- Update to version 9.20200917:
* Announce Upgrade is now available (SOC-9781)
Changes in spark:
- Add _constraints to prevent build from running out of disk space
Patchnames
SUSE-2020-3897,SUSE-OpenStack-Cloud-9-2020-3897,SUSE-OpenStack-Cloud-Crowbar-9-2020-3897
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for ardana-cassandra, ardana-mq, ardana-osconfig, ardana-tempest, crowbar-core, crowbar-openstack, grafana, influxdb, openstack-cinder, openstack-heat, openstack-heat-gbp, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-ironic-python-agent, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-neutron-vpnaas, openstack-nova, python-Jinja2, python-pysaml2, python-pytest, python-urllib3, release-notes-suse-openstack-cloud, spark", title: "Title of the patch", }, { category: "description", text: "This update for ardana-cassandra, ardana-mq, ardana-osconfig, ardana-tempest, crowbar-core, crowbar-openstack, grafana, influxdb, openstack-cinder, openstack-heat, openstack-heat-gbp, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-ironic-python-agent, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-neutron-vpnaas, openstack-nova, python-Jinja2, python-pysaml2, python-pytest, python-urllib3, release-notes-suse-openstack-cloud, spark fixes the following issues:\n\nSecurity changes included on this update:\n\ngrafana:\n- CVE-2020-24303: Fixed an XXS with series overides. (bsc#1178243)\n\ninfluxdb:\n- CVE-2019-20933: Fixed an authentication bypass. (bsc#1178988)\n\npython-Jinja2:\n- CVE-2019-10906,CVE-2019-8341,CVE-2016-10745: 'SandboxedEnvironment' securely handles 'str.format_map' in order\n to prevent code execution through untrusted format strings. (bsc#1132323, bsc#1125815, bsc#1132174)\n\npython-pysaml2:\n- CVE-2020-5390: Fixed an issue where there was no check that the signature in a SAML document is enveloped. (bsc#1160851)\n\npython-urllib3:\n- CVE-2020-26137: Fixed a CRLF injection via HTTP request method. (bsc#1177120)\n\nNon-security changes included in this update:\n\nChanges in ardana-cassandra:\n- Update to version 9.0+git.1600802664.7e480a2:\n * Remove freezer related backup/restore code (SOC-7751)\n\nChanges in ardana-mq:\n- Update to version 9.0+git.1605174486.a78ddce:\n * Re-enable mirroring of fanout and reply queues (bsc#1177611)\n\nChanges in ardana-osconfig:\n- Update to version 9.0+git.1601621747.a87e5a0:\n * HOS8 check needs to be a shell rather than command (SOC-11184)\n\nChanges in ardana-tempest:\n- Update to version 9.0+git.1603378983.fc0bca9:\n * Enable VPNaaS testing (SOC-8764)\n\n- Update to version 9.0+git.1599855218.875b2f3:\n * unblacklist some revert tests (SOC-9178)\n\nChanges in crowbar-core:\n- Update to version 6.0+git.1606314264.bf9ada813:\n * ntp: Do not use rate-limiting (bsc#1179161)\n\n- Update to version 6.0+git.1600414599.150832ca2:\n * Ignore CVE-2020-15169 (SOC-11391)\n\nChanges in crowbar-openstack:\n- Update to version 6.0+git.1604573541.bb18c172d:\n * rabbitmq: Fix crm running check (SOC-11240)\n\n- Update to version 6.0+git.1604491402.b4dbba849:\n * Remove aspiers from CODEOWNERS\n * Remove cmurphy from CODEOWNERS\n\nChanges in grafana:\n- Fix bsc#1178243 CVE-2020-24303 by adding\n 25401-Fix-XSS-vulnerability-with-series-overrides.patch \n\nChanges in influxdb:\n- Add CVE-2019-20933.patch (bsc#1178988, CVE-2019-20933) to\n fix authentication bypass \n- Declare license files correctly\n\nChanges in openstack-cinder:\n- Update to version cinder-13.0.10.dev20:\n * PowerMax Driver - Legacy volumes fail to live migrate\n\n- Update to version cinder-13.0.10.dev19:\n * RBD: Cleanup temporary file during exception\n\n- Update to version cinder-13.0.10.dev17:\n * Remove experimental job legacy-tempest-dsvm-zeromq-multibackend\n\nChanges in openstack-cinder:\n- Update to version cinder-13.0.10.dev20:\n * PowerMax Driver - Legacy volumes fail to live migrate\n\n- Update to version cinder-13.0.10.dev19:\n * RBD: Cleanup temporary file during exception\n\n- Update to version cinder-13.0.10.dev17:\n * Remove experimental job legacy-tempest-dsvm-zeromq-multibackend\n\nChanges in openstack-heat:\n- Update to version openstack-heat-11.0.4.dev4:\n * Check external resources after creation\n\n- Update to version openstack-heat-11.0.4.dev2:\n * Don't store signal\\_url for ec2 signaling of deployments\n * Allow scale-down of ASG as part of update\n 11.0.3\n\nChanges in openstack-heat:\n- Update to version openstack-heat-11.0.4.dev4:\n * Check external resources after creation\n\n- Update to version openstack-heat-11.0.4.dev2:\n * Don't store signal\\_url for ec2 signaling of deployments\n * Allow scale-down of ASG as part of update\n 11.0.3\n\nChanges in openstack-heat-gbp:\n- Update to version group-based-policy-automation-12.0.1.dev2:\n * Add support for victoria\n\n- Update to version group-based-policy-automation-12.0.1.dev1:\n * Add network\\_id field for L2 Policy Heat Extensions\n 12.0.0\n * Add support for ussuri\n * Fix master/train gate\n * Add support for train\n 10.0.0\n * Upgrade for stable/stein branch\n 9.0.0\n * Updated with 'stable/rocky' branch\n * Replace openstack.org URLs with 'git+https://'\n * OpenDev Migration Patch\n\nChanges in openstack-heat-templates:\n- Update to version 0.0.0+git.1605509190.64f020b:\n * Fix software config on rdo\n * optimize size and time using --no-cache-dir\n * add template for servers using Octavia\n\n- Update to version 0.0.0+git.1604032742.c5733ee:\n * Move heat-templates-check job to zuul v3\n\nChanges in openstack-horizon-plugin-gbp-ui:\n- Update to version group-based-policy-ui-12.0.1.dev3:\n * Remove mox3 from requirements\n\n- Update to version group-based-policy-ui-12.0.1.dev2:\n * Fix python namespacing\n * Add stable victoria\n 12.0.0\n * Add support for ussuri\n * Fix master/train gate\n * Add support for train\n 10.0.0\n * Upgrade for stable/stein branch\n 9.0.0\n * Upgrading for stable/rocky branch\n * Added Python3 support\n * OpenDev Migration Patch\n\nChanges in openstack-ironic-python-agent:\n- Update to version ironic-python-agent-3.3.4.dev6:\n * Fix: make Intel CNA hardware manager none generic\n\nChanges in openstack-manila:\n- Update to version manila-7.4.2.dev57:\n * fix reno file location and indention\n\n- Update to version manila-7.4.2.dev56:\n * [Glusterfs] Fix delete share, Couldn't find the 'gluster\\_used\\_vols'\n\n- Update to version manila-7.4.2.dev55:\n * [Glusterfs] Fix delete share, mount point not disconnected\n\nChanges in openstack-manila:\n- Update to version manila-7.4.2.dev57:\n * fix reno file location and indention\n\n- Update to version manila-7.4.2.dev56:\n * [Glusterfs] Fix delete share, Couldn't find the 'gluster\\_used\\_vols'\n\n- Update to version manila-7.4.2.dev55:\n * [Glusterfs] Fix delete share, mount point not disconnected\n\nChanges in openstack-neutron:\n- Update to version neutron-13.0.8.dev135:\n * Rehome api tests for propagate\\_uplink\\_status\n\n- Update to version neutron-13.0.8.dev134:\n * Revert '[Security] fix allowed-address-pair 0.0.0.0/0 issue'\n\n- Update to version neutron-13.0.8.dev132:\n * Drop invalid rootwrap filters\n * ovs firewall: fix mac learning on the ingress rule table when ovs offload enabled\n * Add update\\_id for ResourceUpdate\n\n- Update to version neutron-13.0.8.dev126:\n * 'ping'/'ping6' command support in rootwrap filters\n\n- Update to version neutron-13.0.8.dev124:\n * Import 'oslo\\_config.cfg' before 'eventlet'\n * [OvS] Handle re\\_added multi ports\n\n- Update to version neutron-13.0.8.dev120:\n * Local mac direct flow for non-openflow firewall\n * Replace ctype.CDLL by ctypes.PyDLL in linux.ip\\_lib\n\n- Update to version neutron-13.0.8.dev116:\n * Support gateway which is not in subnet CIDR in ha\\_router\n * Ensure fip ip rules deleted when fip removed\n\n- Update to version neutron-13.0.8.dev112:\n * windows: fix terminating processes\n * [stable/rocky] Drop rally job\n * Don't raise FileNotFoundError during disabling keepalived\n * Load the glibc library only once for Pyroute2\n\n- Update to version neutron-13.0.8.dev106:\n * Do not fail deleting namespace if it does not exist\n\n- Update to version neutron-13.0.8.dev104:\n * Avoid raising NetworkInterfaceNotFound exception in DHCP agent logs\n\n- Update to version neutron-13.0.8.dev103:\n * Use dict .get() to avoid a KeyError in the segment plugin\n\n- Update to version neutron-13.0.8.dev101:\n * Pass context in l3 flavor notifications\n * Handle properly existing LLA address during l3 agent restart\n\n- Update to version neutron-13.0.8.dev97:\n * Add 'keepalived\\_use\\_no\\_track' config option\n\nChanges in openstack-neutron:\n- Update to version neutron-13.0.8.dev135:\n * Rehome api tests for propagate\\_uplink\\_status\n\n- Update to version neutron-13.0.8.dev134:\n * Revert '[Security] fix allowed-address-pair 0.0.0.0/0 issue'\n\n- Update to version neutron-13.0.8.dev132:\n * Drop invalid rootwrap filters\n * ovs firewall: fix mac learning on the ingress rule table when ovs offload enabled\n * Add update\\_id for ResourceUpdate\n\n- Update to version neutron-13.0.8.dev126:\n * 'ping'/'ping6' command support in rootwrap filters\n\n- Update to version neutron-13.0.8.dev124:\n * Import 'oslo\\_config.cfg' before 'eventlet'\n * [OvS] Handle re\\_added multi ports\n\n- Update to version neutron-13.0.8.dev120:\n * Local mac direct flow for non-openflow firewall\n * Replace ctype.CDLL by ctypes.PyDLL in linux.ip\\_lib\n\n- Update to version neutron-13.0.8.dev116:\n * Support gateway which is not in subnet CIDR in ha\\_router\n * Ensure fip ip rules deleted when fip removed\n\n- Update to version neutron-13.0.8.dev112:\n * windows: fix terminating processes\n * [stable/rocky] Drop rally job\n * Don't raise FileNotFoundError during disabling keepalived\n * Load the glibc library only once for Pyroute2\n\n- Update to version neutron-13.0.8.dev106:\n * Do not fail deleting namespace if it does not exist\n\n- Update to version neutron-13.0.8.dev104:\n * Avoid raising NetworkInterfaceNotFound exception in DHCP agent logs\n\n- Update to version neutron-13.0.8.dev103:\n * Use dict .get() to avoid a KeyError in the segment plugin\n\n- Update to version neutron-13.0.8.dev101:\n * Pass context in l3 flavor notifications\n * Handle properly existing LLA address during l3 agent restart\n\n- Update to version neutron-13.0.8.dev97:\n * Add 'keepalived\\_use\\_no\\_track' config option\n\nChanges in openstack-neutron-gbp:\n- Update to version group-based-policy-12.0.1.dev5:\n * Fix ICMP type and ICMP code fields for named and numbered ICMP Protocol\n 2014.2.0rc1\n\n- Update to version group-based-policy-12.0.1.dev4:\n * Fix erroneous comma (,) in the LOG.exception call\n 2014.2rc1\n\n- Update to version group-based-policy-12.0.1.dev3:\n * Fix top of tree in gate\n * Endpoint level qos changes\n 12.0.0\n * Add support for ussuri\n * Update subnets for SVI port corresponding to bound port\n * Fix the intermittent QOS UT failure\n * Fixed the QOS UT failure\n * Use train branch instead of stein\n * Add support for train\n * Prepare for removal of CommonDbMixin\n * Make AIM dsvm job voting\n * Add support for upstream Stein release\n * Fix python2/3 compatibility\n * Fix DNS Domain Name in endpoint file\n * When a subnet added to a bound SVI port, ensure it is added to SVI port\n * Add support for qos\n * Fix DNS issue in endpoint file\n * [AIM] Add pre-existing BD to network extension\n * Remove get\\_current\\_session\n * Remove get\\_current\\_session method\n * [AIM] Add EPG contract masters to network extension\n * Revert 'Remove get\\_current\\_session method'\n * Remove get\\_current\\_session method\n * Support Dual Stack on SVI nets along with BGP\n 9.0.0\n * Add support for upstream Rocky release\n * Cleanup Queens (part 2)\n * Fix missing DB migration\n * Make aim functional gate job voting\n * Added Python3 support\n * [AIM] Sanitize the AIM tenant description field\n * Fix field sizes for VM names\n * Bind baremetal VNIC trunk ports\n * Fix missing trunk\\_details for a trunk without subports\n * [AIM] Insert remote\\_group\\_id to SG rules properly\n * Revert '[AIM] Convert remote\\_ips for SG rules properly'\n * Cleanup Queens\n * [AIM] Convert remote\\_ips for SG rules properly\n * Clean up baremetal port handling\n * [AIM] Clean up the mock and stop the looping thread in the UT env\n * Don't stop this looping thread when an exception is thrown\n * [AIM] Fix router\\_id allocation for SVI\n * Support non SVI static VLAN type segments with OpFlex agent\n * Baremetal VNIC Trunk support\n * [AIM] Don't queue notifications (4 of 4)\n * [AIM] Don't queue registry callbacks (3 of 4)\n * [AIM] Enable Neutron transaction guards (2 of 4)\n * Don't call GBP or Neutron APIs from GBP PD precommit methods\n * [AIM] Retry L3 Plugin Operations\n * [AIM] Fix most common random UT failures\n * [AIM] Fixed external subnet ANY\\_CIDRs for l3out EPGs for SVI\n * Revert 'Nested domain parameters support for openShift networks'\n * Fix for unbinding baremetal VNIC ports\n * Nested domain parameters support for openShift networks\n * Fix tox coverage job\n * Add suport for baremetal vnic\\_type\n 2014.2.rc1\n\nChanges in openstack-neutron-vpnaas:\n- Remove remove-tempest-entry-point.patch thus enabling the\n tempest_vpnaas plugin for tempest testing. (SCRD-8681)\n- Package the neutron-vpnaas/tests/ directory contents in a new RPM\n RPM package, python-neutron-vpnaas-tempest-plugin, that depend on\n python-neutron-vpnaas, which provides the main neutron-vpnaas\n code base. Additionally this new package can now safely depend on\n the python-neutron-tempest-plugin package, providing the required\n neutron_tempest_plugin module, without causing tempest packages\n to be installed when python-neutron-vpnaas installed. (SOC-8764)\n NOTE: This implicitly enables the neutron_tempest_plugin.\n- Corrected LBaaS references to VPNaaS.\n\nChanges in openstack-nova:\n- Update to version nova-18.3.1.dev77:\n * Follow up for cherry-pick check for merge patch\n\n- Update to version nova-18.3.1.dev76:\n * post live migration: don't call Neutron needlessly\n\n- Update to version nova-18.3.1.dev74:\n * libvirt: Do not reference VIR\\_ERR\\_DEVICE\\_MISSING when libvirt is smaller than v4.1.0\n\n- Update to version nova-18.3.1.dev72:\n * libvirt: Handle VIR\\_ERR\\_DEVICE\\_MISSING when detaching devices\n\n- Update to version nova-18.3.1.dev70:\n * compute: Don't delete the original attachment during pre LM rollback\n * Add regression tests for bug #1889108\n * compute: refactor volume bdm rollback error handling\n\n- Update to version nova-18.3.1.dev64:\n * compute: Use source\\_bdms to reset attachment\\_ids during LM rollback\n * Robustify attachment tracking in CinderFixtureNewAttachFlow\n\n- Update to version nova-18.3.1.dev60:\n * Improve CinderFixtureNewAttachFlow\n\n- Update to version nova-18.3.1.dev58:\n * Removed the host FQDN from the exception message\n\n- Update to version nova-18.3.1.dev56:\n * libvirt: Provide VIR\\_MIGRATE\\_PARAM\\_PERSIST\\_XML during live migration\n\nChanges in openstack-nova:\n- Update to version nova-18.3.1.dev77:\n * Follow up for cherry-pick check for merge patch\n\n- Update to version nova-18.3.1.dev76:\n * post live migration: don't call Neutron needlessly\n\n- Update to version nova-18.3.1.dev74:\n * libvirt: Do not reference VIR\\_ERR\\_DEVICE\\_MISSING when libvirt is smaller than v4.1.0\n\n- Update to version nova-18.3.1.dev72:\n * libvirt: Handle VIR\\_ERR\\_DEVICE\\_MISSING when detaching devices\n\n- Update to version nova-18.3.1.dev70:\n * compute: Don't delete the original attachment during pre LM rollback\n * Add regression tests for bug #1889108\n * compute: refactor volume bdm rollback error handling\n\n- Update to version nova-18.3.1.dev64:\n * compute: Use source\\_bdms to reset attachment\\_ids during LM rollback\n * Robustify attachment tracking in CinderFixtureNewAttachFlow\n\n- Update to version nova-18.3.1.dev60:\n * Improve CinderFixtureNewAttachFlow\n\n- Update to version nova-18.3.1.dev58:\n * Removed the host FQDN from the exception message\n\n- Rebased patches:\n + 0004-Provide-VIR_MIGRATE_PARAM_PERSIST_XML-during-live-migration.patch dropped (merged upstream)\n\n- Update to version nova-18.3.1.dev56:\n * libvirt: Provide VIR\\_MIGRATE\\_PARAM\\_PERSIST\\_XML during live migration\n\nChanges in python-Jinja2:\n- Trim bias from descriptions. Make sure % is escaped.\n\n- update to version 2.10.1 (bsc#1132323, CVE-2019-10906, bsc#1125815, CVE-2019-8341):\n * 'SandboxedEnvironment' securely handles 'str.format_map' in order\n to prevent code execution through untrusted format strings. The\n sandbox already handled 'str.format'.\n\n- Activate test suite\n- Add minimum build dependency to match runtime dependency\n\n- Fix fdupes call\n\n- Remove superfluous devel dependency for noarch package\n\n- Update to 2.9.5 (bsc#1132174, CVE-2016-10745)\nChanges in python-pysaml2:\n- Add 0001-Fix-XML-Signature-Wrapping-XSW-vulnerabilities.patch\n (CVE-2020-5390, bsc#1160851)\n\nChanges in python-pytest:\n- update to 3.7.4\n- drop 0001-Use-unittest.mock-if-is-only-aviable.patch\n * Fix possible infinite recursion when writing .pyc files\n * Cache plugin now obeys the -q flag when --last-failed and\n --failed-first flags are used.\n * Fix bad console output when using console_output_style=classic\n * Fixtures during teardown can again use capsys and capfd to inspect\n output captured during tests.\n * Fix bugs where unicode arguments could not be passed to testdir.runpytest\n on Python 2.\n * Fix double collection of tests within packages when the filename starts\n with a capital letter\n * Fix collection error when specifying test functions directly in the command\n line using test.py::test syntax together with --doctest-modules\n * Fix stdout/stderr not getting captured when real-time cli logging is active.\n * Fix bug where --show-capture=no option would still show logs printed during\n fixture teardown.\n * Fix issue where teardown of fixtures of consecutive sub-packages were\n executed once, at the end of the outer package.\n\n- update to 3.7.2\n- add 0001-Use-unittest.mock-if-is-only-aviable.patch\n * Fix filterwarnings not being registered as a builtin mark.\n * Fix test collection from packages mixed with normal directories.\n * Fix infinite recursion during collection if a pytest_ignore_collect\n hook returns False instead of None.\n * Fix bug where decorated fixtures would lose functionality\n * Fix bug where importing modules or other objects with prefix pytest_ prefix\n would raise a PluginValidationError.\n * Fix AttributeError during teardown of TestCase subclasses which raise\n an exception during __init__.\n * Fix traceback reporting for exceptions with __cause__ cycles.\n\nChanges in python-pytest:\n- update to 3.7.4\n- drop 0001-Use-unittest.mock-if-is-only-aviable.patch\n * Fix possible infinite recursion when writing .pyc files\n * Cache plugin now obeys the -q flag when --last-failed and\n --failed-first flags are used.\n * Fix bad console output when using console_output_style=classic\n * Fixtures during teardown can again use capsys and capfd to inspect\n output captured during tests.\n * Fix bugs where unicode arguments could not be passed to testdir.runpytest\n on Python 2.\n * Fix double collection of tests within packages when the filename starts\n with a capital letter\n * Fix collection error when specifying test functions directly in the command\n line using test.py::test syntax together with --doctest-modules\n * Fix stdout/stderr not getting captured when real-time cli logging is active.\n * Fix bug where --show-capture=no option would still show logs printed during\n fixture teardown.\n * Fix issue where teardown of fixtures of consecutive sub-packages were\n executed once, at the end of the outer package.\n\n- update to 3.7.2\n- add 0001-Use-unittest.mock-if-is-only-aviable.patch\n * Fix filterwarnings not being registered as a builtin mark.\n * Fix test collection from packages mixed with normal directories.\n * Fix infinite recursion during collection if a pytest_ignore_collect\n hook returns False instead of None.\n * Fix bug where decorated fixtures would lose functionality\n * Fix bug where importing modules or other objects with prefix pytest_ prefix\n would raise a PluginValidationError.\n * Fix AttributeError during teardown of TestCase subclasses which raise\n an exception during __init__.\n * Fix traceback reporting for exceptions with __cause__ cycles.\n\nChanges in python-urllib3:\n- Update urllib3-fix-test-urls.patch. Adjust to match upstream solution.\n\n- Add urllib3-fix-test-urls.patch. Fix tests failing on python checks for\n CVE-2019-9740.\n\n- Add urllib3-cve-2020-26137.patch. Don't allow control chars in request\n method. (bsc#1177120, CVE-2020-26137)\n\nChanges in release-notes-suse-openstack-cloud:\n- Update to version 9.20200917:\n * Change wording to correctly refer to future SES versions\n * Update adoc/limitations.adoc\n * Add SES version limitation, remove deprecated note about Octavia for Crowbar\n\n- Update to version 9.20200917:\n * Announce Upgrade is now available (SOC-9781)\n\nChanges in spark:\n- Add _constraints to prevent build from running out of disk space \n\n ", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3897,SUSE-OpenStack-Cloud-9-2020-3897,SUSE-OpenStack-Cloud-Crowbar-9-2020-3897", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3897-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3897-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203897-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3897-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-December/008099.html", }, { category: "self", summary: "SUSE Bug 1125815", url: "https://bugzilla.suse.com/1125815", }, { category: "self", summary: "SUSE Bug 1132174", url: "https://bugzilla.suse.com/1132174", }, { category: "self", summary: "SUSE Bug 1132323", url: "https://bugzilla.suse.com/1132323", }, { category: "self", summary: "SUSE Bug 1160851", url: "https://bugzilla.suse.com/1160851", }, { category: "self", summary: "SUSE Bug 1177120", url: "https://bugzilla.suse.com/1177120", }, { category: "self", summary: "SUSE Bug 1177611", url: "https://bugzilla.suse.com/1177611", }, { category: "self", summary: "SUSE Bug 1178243", url: "https://bugzilla.suse.com/1178243", }, { category: "self", summary: "SUSE Bug 1178988", url: "https://bugzilla.suse.com/1178988", }, { category: "self", summary: "SUSE CVE CVE-2016-10745 page", url: "https://www.suse.com/security/cve/CVE-2016-10745/", }, { category: "self", summary: "SUSE CVE CVE-2019-10906 page", url: "https://www.suse.com/security/cve/CVE-2019-10906/", }, { category: "self", summary: "SUSE CVE CVE-2019-20933 page", url: "https://www.suse.com/security/cve/CVE-2019-20933/", }, { category: "self", summary: "SUSE CVE CVE-2019-8341 page", url: "https://www.suse.com/security/cve/CVE-2019-8341/", }, { category: "self", summary: "SUSE CVE CVE-2020-24303 page", url: "https://www.suse.com/security/cve/CVE-2020-24303/", }, { category: "self", summary: "SUSE CVE CVE-2020-26137 page", url: "https://www.suse.com/security/cve/CVE-2020-26137/", }, { category: "self", summary: "SUSE CVE CVE-2020-5390 page", url: "https://www.suse.com/security/cve/CVE-2020-5390/", }, ], title: "Security update for ardana-cassandra, ardana-mq, ardana-osconfig, ardana-tempest, crowbar-core, crowbar-openstack, grafana, influxdb, openstack-cinder, openstack-heat, openstack-heat-gbp, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-ironic-python-agent, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-neutron-vpnaas, openstack-nova, python-Jinja2, python-pysaml2, python-pytest, python-urllib3, release-notes-suse-openstack-cloud, spark", tracking: { current_release_date: "2020-12-21T12:51:34Z", generator: { date: "2020-12-21T12:51:34Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3897-1", initial_release_date: "2020-12-21T12:51:34Z", revision_history: [ { date: "2020-12-21T12:51:34Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.aarch64", product: { name: "crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.aarch64", product_id: "crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.aarch64", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.aarch64", product: { name: "crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.aarch64", product_id: "crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.aarch64", }, }, { category: "product_version", name: "crowbar-core-devel-6.0+git.1606314264.bf9ada813-3.31.2.aarch64", product: { name: "crowbar-core-devel-6.0+git.1606314264.bf9ada813-3.31.2.aarch64", product_id: "crowbar-core-devel-6.0+git.1606314264.bf9ada813-3.31.2.aarch64", }, }, { category: "product_version", name: "grafana-6.7.4-3.20.1.aarch64", product: { name: "grafana-6.7.4-3.20.1.aarch64", product_id: "grafana-6.7.4-3.20.1.aarch64", }, }, { category: "product_version", name: "influxdb-1.3.8-4.3.3.aarch64", product: { name: "influxdb-1.3.8-4.3.3.aarch64", product_id: "influxdb-1.3.8-4.3.3.aarch64", }, }, { category: "product_version", name: "influxdb-devel-1.3.8-4.3.3.aarch64", product: { name: "influxdb-devel-1.3.8-4.3.3.aarch64", product_id: "influxdb-devel-1.3.8-4.3.3.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", product: { name: "ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", product_id: "ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", }, }, { category: "product_version", name: "ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", product: { name: "ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", product_id: "ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", }, }, { category: "product_version", name: "ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", product: { name: "ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", product_id: "ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", }, }, { category: "product_version", name: "ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", product: { name: "ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", product_id: "ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", }, }, { category: "product_version", name: "crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", product: { name: "crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", product_id: "crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", }, }, { category: "product_version", name: "openstack-cinder-13.0.10~dev20-3.28.2.noarch", product: { name: "openstack-cinder-13.0.10~dev20-3.28.2.noarch", product_id: "openstack-cinder-13.0.10~dev20-3.28.2.noarch", }, }, { category: "product_version", name: "openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", product: { name: "openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", product_id: "openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", }, }, { category: "product_version", name: "openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", product: { name: "openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", product_id: "openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", }, }, { category: "product_version", name: "openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", product: { name: "openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", product_id: "openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", }, }, { category: "product_version", name: "openstack-cinder-test-13.0.10~dev20-3.28.2.noarch", product: { name: "openstack-cinder-test-13.0.10~dev20-3.28.2.noarch", product_id: "openstack-cinder-test-13.0.10~dev20-3.28.2.noarch", }, }, { category: "product_version", name: "openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", product: { name: "openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", product_id: "openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", }, }, { category: "product_version", name: "openstack-heat-11.0.4~dev4-3.19.2.noarch", product: { name: "openstack-heat-11.0.4~dev4-3.19.2.noarch", product_id: "openstack-heat-11.0.4~dev4-3.19.2.noarch", }, }, { category: "product_version", name: "openstack-heat-api-11.0.4~dev4-3.19.2.noarch", product: { name: "openstack-heat-api-11.0.4~dev4-3.19.2.noarch", product_id: "openstack-heat-api-11.0.4~dev4-3.19.2.noarch", }, }, { category: "product_version", name: "openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", product: { name: "openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", product_id: "openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", }, }, { category: "product_version", name: "openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", product: { name: "openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", product_id: "openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", }, }, { category: "product_version", name: "openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", product: { name: "openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", product_id: "openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", }, }, { category: "product_version", name: "openstack-heat-gbp-test-12.0.1~dev2-3.3.4.noarch", product: { name: "openstack-heat-gbp-test-12.0.1~dev2-3.3.4.noarch", product_id: "openstack-heat-gbp-test-12.0.1~dev2-3.3.4.noarch", }, }, { category: "product_version", name: "openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", product: { name: "openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", product_id: "openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", }, }, { category: "product_version", name: "openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", product: { name: "openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", product_id: "openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", }, }, { category: "product_version", name: "openstack-heat-test-11.0.4~dev4-3.19.2.noarch", product: { name: "openstack-heat-test-11.0.4~dev4-3.19.2.noarch", product_id: "openstack-heat-test-11.0.4~dev4-3.19.2.noarch", }, }, { category: "product_version", name: "openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", product: { name: "openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", product_id: "openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", }, }, { category: "product_version", name: "openstack-horizon-plugin-gbp-ui-test-12.0.1~dev3-3.3.4.noarch", product: { name: "openstack-horizon-plugin-gbp-ui-test-12.0.1~dev3-3.3.4.noarch", product_id: "openstack-horizon-plugin-gbp-ui-test-12.0.1~dev3-3.3.4.noarch", }, }, { category: "product_version", name: "openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", product: { name: "openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", product_id: "openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", }, }, { category: "product_version", name: "openstack-manila-7.4.2~dev57-4.30.2.noarch", product: { name: "openstack-manila-7.4.2~dev57-4.30.2.noarch", product_id: "openstack-manila-7.4.2~dev57-4.30.2.noarch", }, }, { category: "product_version", name: "openstack-manila-api-7.4.2~dev57-4.30.2.noarch", product: { name: "openstack-manila-api-7.4.2~dev57-4.30.2.noarch", product_id: "openstack-manila-api-7.4.2~dev57-4.30.2.noarch", }, }, { category: "product_version", name: "openstack-manila-data-7.4.2~dev57-4.30.2.noarch", product: { name: "openstack-manila-data-7.4.2~dev57-4.30.2.noarch", product_id: "openstack-manila-data-7.4.2~dev57-4.30.2.noarch", }, }, { category: "product_version", name: "openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", product: { name: "openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", product_id: "openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", }, }, { category: "product_version", name: "openstack-manila-share-7.4.2~dev57-4.30.2.noarch", product: { name: "openstack-manila-share-7.4.2~dev57-4.30.2.noarch", product_id: "openstack-manila-share-7.4.2~dev57-4.30.2.noarch", }, }, { category: "product_version", name: "openstack-manila-test-7.4.2~dev57-4.30.2.noarch", product: { name: "openstack-manila-test-7.4.2~dev57-4.30.2.noarch", product_id: "openstack-manila-test-7.4.2~dev57-4.30.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-13.0.8~dev135-3.31.2.noarch", product: { name: "openstack-neutron-13.0.8~dev135-3.31.2.noarch", product_id: "openstack-neutron-13.0.8~dev135-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", product: { name: "openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", product_id: "openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", product: { name: "openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", product_id: "openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", }, }, { category: "product_version", name: "openstack-neutron-gbp-test-12.0.1~dev5-3.19.4.noarch", product: { name: "openstack-neutron-gbp-test-12.0.1~dev5-3.19.4.noarch", product_id: "openstack-neutron-gbp-test-12.0.1~dev5-3.19.4.noarch", }, }, { category: "product_version", name: "openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", product: { name: "openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", product_id: "openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", product: { name: "openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", product_id: "openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", product: { name: "openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", product_id: "openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", product: { name: "openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", product_id: "openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", product: { name: "openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", product_id: "openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", product: { name: "openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", product_id: "openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", product: { name: "openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", product_id: "openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", product: { name: "openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", product_id: "openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-test-13.0.8~dev135-3.31.2.noarch", product: { name: "openstack-neutron-test-13.0.8~dev135-3.31.2.noarch", product_id: "openstack-neutron-test-13.0.8~dev135-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", product: { name: "openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", product_id: "openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", }, }, { category: "product_version", name: "openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", product: { name: "openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", product_id: "openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", }, }, { category: "product_version", name: "openstack-nova-18.3.1~dev77-3.31.2.noarch", product: { name: "openstack-nova-18.3.1~dev77-3.31.2.noarch", product_id: "openstack-nova-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-nova-api-18.3.1~dev77-3.31.2.noarch", product: { name: "openstack-nova-api-18.3.1~dev77-3.31.2.noarch", product_id: "openstack-nova-api-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", product: { name: "openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", product_id: "openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", product: { name: "openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", product_id: "openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", product: { name: "openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", product_id: "openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-nova-console-18.3.1~dev77-3.31.2.noarch", product: { name: "openstack-nova-console-18.3.1~dev77-3.31.2.noarch", product_id: "openstack-nova-console-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-nova-consoleauth-18.3.1~dev77-3.31.2.noarch", product: { name: "openstack-nova-consoleauth-18.3.1~dev77-3.31.2.noarch", product_id: "openstack-nova-consoleauth-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-nova-network-18.3.1~dev77-3.31.2.noarch", product: { name: "openstack-nova-network-18.3.1~dev77-3.31.2.noarch", product_id: "openstack-nova-network-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", product: { name: "openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", product_id: "openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", product: { name: "openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", product_id: "openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", product: { name: "openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", product_id: "openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", product: { name: "openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", product_id: "openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-nova-test-18.3.1~dev77-3.31.2.noarch", product: { name: "openstack-nova-test-18.3.1~dev77-3.31.2.noarch", product_id: "openstack-nova-test-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", product: { name: "openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", product_id: "openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "python-Jinja2-2.10.1-3.3.3.noarch", product: { name: "python-Jinja2-2.10.1-3.3.3.noarch", product_id: "python-Jinja2-2.10.1-3.3.3.noarch", }, }, { category: "product_version", name: "python-Jinja2-emacs-2.10.1-3.3.3.noarch", product: { name: "python-Jinja2-emacs-2.10.1-3.3.3.noarch", product_id: "python-Jinja2-emacs-2.10.1-3.3.3.noarch", }, }, { category: "product_version", name: "python-Jinja2-vim-2.10.1-3.3.3.noarch", product: { name: "python-Jinja2-vim-2.10.1-3.3.3.noarch", product_id: "python-Jinja2-vim-2.10.1-3.3.3.noarch", }, }, { category: "product_version", name: "python-cinder-13.0.10~dev20-3.28.2.noarch", product: { name: "python-cinder-13.0.10~dev20-3.28.2.noarch", product_id: "python-cinder-13.0.10~dev20-3.28.2.noarch", }, }, { category: "product_version", name: "python-heat-11.0.4~dev4-3.19.2.noarch", product: { name: "python-heat-11.0.4~dev4-3.19.2.noarch", product_id: "python-heat-11.0.4~dev4-3.19.2.noarch", }, }, { category: "product_version", name: "python-heat-gbp-12.0.1~dev2-3.3.4.noarch", product: { name: "python-heat-gbp-12.0.1~dev2-3.3.4.noarch", product_id: "python-heat-gbp-12.0.1~dev2-3.3.4.noarch", }, }, { category: "product_version", name: "python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", product: { name: "python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", product_id: "python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", }, }, { category: "product_version", name: "python-manila-7.4.2~dev57-4.30.2.noarch", product: { name: "python-manila-7.4.2~dev57-4.30.2.noarch", product_id: "python-manila-7.4.2~dev57-4.30.2.noarch", }, }, { category: "product_version", name: "python-neutron-13.0.8~dev135-3.31.2.noarch", product: { name: "python-neutron-13.0.8~dev135-3.31.2.noarch", product_id: "python-neutron-13.0.8~dev135-3.31.2.noarch", }, }, { category: "product_version", name: "python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", product: { name: "python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", product_id: "python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", }, }, { category: "product_version", name: "python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", product: { name: "python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", product_id: "python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", }, }, { category: "product_version", name: "python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", product: { name: "python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", product_id: "python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", }, }, { category: "product_version", name: "python-nova-18.3.1~dev77-3.31.2.noarch", product: { name: "python-nova-18.3.1~dev77-3.31.2.noarch", product_id: "python-nova-18.3.1~dev77-3.31.2.noarch", }, }, { category: "product_version", name: "python-pysaml2-4.5.0-4.3.3.noarch", product: { name: "python-pysaml2-4.5.0-4.3.3.noarch", product_id: "python-pysaml2-4.5.0-4.3.3.noarch", }, }, { category: "product_version", name: "python-pytest-3.7.4-3.3.3.noarch", product: { name: "python-pytest-3.7.4-3.3.3.noarch", product_id: "python-pytest-3.7.4-3.3.3.noarch", }, }, { category: "product_version", name: "python-urllib3-1.23-3.15.3.noarch", product: { name: "python-urllib3-1.23-3.15.3.noarch", product_id: "python-urllib3-1.23-3.15.3.noarch", }, }, { category: "product_version", name: "python3-Jinja2-2.10.1-3.3.3.noarch", product: { name: "python3-Jinja2-2.10.1-3.3.3.noarch", product_id: "python3-Jinja2-2.10.1-3.3.3.noarch", }, }, { category: "product_version", name: "python3-pysaml2-4.5.0-4.3.3.noarch", product: { name: "python3-pysaml2-4.5.0-4.3.3.noarch", product_id: "python3-pysaml2-4.5.0-4.3.3.noarch", }, }, { category: "product_version", name: "python3-pytest-3.7.4-3.3.3.noarch", product: { name: "python3-pytest-3.7.4-3.3.3.noarch", product_id: "python3-pytest-3.7.4-3.3.3.noarch", }, }, { category: "product_version", name: "python3-urllib3-1.23-3.15.3.noarch", product: { name: "python3-urllib3-1.23-3.15.3.noarch", product_id: "python3-urllib3-1.23-3.15.3.noarch", }, }, { category: "product_version", name: "release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", product: { name: "release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", product_id: "release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", }, }, { category: "product_version", name: "spark-2.2.3-5.3.3.noarch", product: { name: "spark-2.2.3-5.3.3.noarch", product_id: "spark-2.2.3-5.3.3.noarch", }, }, { category: "product_version", name: "venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", product: { name: "venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", product_id: "venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", }, }, { category: "product_version", name: "venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", product: { name: "venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", product_id: "venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", }, }, { category: "product_version", name: "venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", product: { name: "venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", product_id: "venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", }, }, { category: "product_version", name: "venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", product: { name: "venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", product_id: "venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", }, }, { category: "product_version", name: "venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", product: { name: "venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", product_id: "venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", }, }, { category: "product_version", name: "venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", product: { name: "venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", product_id: "venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", }, }, { category: "product_version", name: "venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", product: { name: "venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", product_id: "venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", }, }, { category: "product_version", name: "venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", product: { name: "venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", product_id: "venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", }, }, { category: "product_version", name: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", product: { name: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", product_id: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", }, }, { category: "product_version", name: "venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", product: { name: "venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", product_id: "venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", }, }, { category: "product_version", name: "venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", product: { name: "venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", product_id: "venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", }, }, { category: "product_version", name: "venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", product: { name: "venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", product_id: "venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", }, }, { category: "product_version", name: "venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", product: { name: "venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", product_id: "venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", }, }, { category: "product_version", name: "venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", product: { name: "venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", product_id: "venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", }, }, { category: "product_version", name: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", product: { name: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", product_id: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", }, }, { category: "product_version", name: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", product: { name: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", product_id: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", }, }, { category: "product_version", name: "venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", product: { name: "venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", product_id: "venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.ppc64le", product: { name: "crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.ppc64le", product_id: "crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.ppc64le", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.ppc64le", product: { name: "crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.ppc64le", product_id: "crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.ppc64le", }, }, { category: "product_version", name: "crowbar-core-devel-6.0+git.1606314264.bf9ada813-3.31.2.ppc64le", product: { name: "crowbar-core-devel-6.0+git.1606314264.bf9ada813-3.31.2.ppc64le", product_id: "crowbar-core-devel-6.0+git.1606314264.bf9ada813-3.31.2.ppc64le", }, }, { category: "product_version", name: "grafana-6.7.4-3.20.1.ppc64le", product: { name: "grafana-6.7.4-3.20.1.ppc64le", product_id: "grafana-6.7.4-3.20.1.ppc64le", }, }, { category: "product_version", name: "influxdb-1.3.8-4.3.3.ppc64le", product: { name: "influxdb-1.3.8-4.3.3.ppc64le", product_id: "influxdb-1.3.8-4.3.3.ppc64le", }, }, { category: "product_version", name: "influxdb-devel-1.3.8-4.3.3.ppc64le", product: { name: "influxdb-devel-1.3.8-4.3.3.ppc64le", product_id: "influxdb-devel-1.3.8-4.3.3.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.s390x", product: { name: "crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.s390x", product_id: "crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.s390x", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.s390x", product: { name: "crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.s390x", product_id: "crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.s390x", }, }, { category: "product_version", name: "crowbar-core-devel-6.0+git.1606314264.bf9ada813-3.31.2.s390x", product: { name: "crowbar-core-devel-6.0+git.1606314264.bf9ada813-3.31.2.s390x", product_id: "crowbar-core-devel-6.0+git.1606314264.bf9ada813-3.31.2.s390x", }, }, { category: "product_version", name: "grafana-6.7.4-3.20.1.s390x", product: { name: "grafana-6.7.4-3.20.1.s390x", product_id: "grafana-6.7.4-3.20.1.s390x", }, }, { category: "product_version", name: "influxdb-1.3.8-4.3.3.s390x", product: { name: "influxdb-1.3.8-4.3.3.s390x", product_id: "influxdb-1.3.8-4.3.3.s390x", }, }, { category: "product_version", name: "influxdb-devel-1.3.8-4.3.3.s390x", product: { name: "influxdb-devel-1.3.8-4.3.3.s390x", product_id: "influxdb-devel-1.3.8-4.3.3.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", product: { name: "crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", product_id: "crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", product: { name: "crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", product_id: "crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", }, }, { category: "product_version", name: "crowbar-core-devel-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", product: { name: "crowbar-core-devel-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", product_id: "crowbar-core-devel-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", }, }, { category: "product_version", name: "grafana-6.7.4-3.20.1.x86_64", product: { name: "grafana-6.7.4-3.20.1.x86_64", product_id: "grafana-6.7.4-3.20.1.x86_64", }, }, { category: "product_version", name: "influxdb-1.3.8-4.3.3.x86_64", product: { name: "influxdb-1.3.8-4.3.3.x86_64", product_id: "influxdb-1.3.8-4.3.3.x86_64", }, }, { category: "product_version", name: "influxdb-devel-1.3.8-4.3.3.x86_64", product: { name: "influxdb-devel-1.3.8-4.3.3.x86_64", product_id: "influxdb-devel-1.3.8-4.3.3.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE OpenStack Cloud 9", product: { name: "SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:9", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 9", product: { name: "SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:9", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", }, product_reference: "ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", }, product_reference: "ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", }, product_reference: "ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", }, product_reference: "ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "grafana-6.7.4-3.20.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", }, product_reference: "grafana-6.7.4-3.20.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "influxdb-1.3.8-4.3.3.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", }, product_reference: "influxdb-1.3.8-4.3.3.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-cinder-13.0.10~dev20-3.28.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", }, product_reference: "openstack-cinder-13.0.10~dev20-3.28.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-cinder-api-13.0.10~dev20-3.28.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", }, product_reference: "openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", }, product_reference: "openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", }, product_reference: "openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", }, product_reference: "openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-11.0.4~dev4-3.19.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", }, product_reference: "openstack-heat-11.0.4~dev4-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-11.0.4~dev4-3.19.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", }, product_reference: "openstack-heat-api-11.0.4~dev4-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", }, product_reference: "openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-engine-11.0.4~dev4-3.19.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", }, product_reference: "openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", }, product_reference: "openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", }, product_reference: "openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", }, product_reference: "openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", }, product_reference: "openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", }, product_reference: "openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-7.4.2~dev57-4.30.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", }, product_reference: "openstack-manila-7.4.2~dev57-4.30.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-api-7.4.2~dev57-4.30.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", }, product_reference: "openstack-manila-api-7.4.2~dev57-4.30.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-data-7.4.2~dev57-4.30.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", }, product_reference: "openstack-manila-data-7.4.2~dev57-4.30.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", }, product_reference: "openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-share-7.4.2~dev57-4.30.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", }, product_reference: "openstack-manila-share-7.4.2~dev57-4.30.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", }, product_reference: "openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-server-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", }, product_reference: "openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", }, product_reference: "openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-api-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-api-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-cells-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-compute-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-console-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-console-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-Jinja2-2.10.1-3.3.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", }, product_reference: "python-Jinja2-2.10.1-3.3.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-cinder-13.0.10~dev20-3.28.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", }, product_reference: "python-cinder-13.0.10~dev20-3.28.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-heat-11.0.4~dev4-3.19.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", }, product_reference: "python-heat-11.0.4~dev4-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-heat-gbp-12.0.1~dev2-3.3.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", }, product_reference: "python-heat-gbp-12.0.1~dev2-3.3.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", }, product_reference: "python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-manila-7.4.2~dev57-4.30.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", }, product_reference: "python-manila-7.4.2~dev57-4.30.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-neutron-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", }, product_reference: "python-neutron-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-neutron-gbp-12.0.1~dev5-3.19.4.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", }, product_reference: "python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", }, product_reference: "python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", }, product_reference: "python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-nova-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", }, product_reference: "python-nova-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-pysaml2-4.5.0-4.3.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", }, product_reference: "python-pysaml2-4.5.0-4.3.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-pytest-3.7.4-3.3.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", }, product_reference: "python-pytest-3.7.4-3.3.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "python-urllib3-1.23-3.15.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", }, product_reference: "python-urllib3-1.23-3.15.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", }, product_reference: "release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "spark-2.2.3-5.3.3.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", }, product_reference: "spark-2.2.3-5.3.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", }, product_reference: "venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", }, product_reference: "venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", }, product_reference: "venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", }, product_reference: "venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", }, product_reference: "venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", }, product_reference: "venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", }, product_reference: "venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", }, product_reference: "venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", }, product_reference: "venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", }, product_reference: "venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", }, product_reference: "venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", }, product_reference: "venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", }, product_reference: "venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", }, product_reference: "venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", }, product_reference: "venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", }, product_reference: "venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", }, product_reference: "venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", }, product_reference: "crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", }, product_reference: "crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", }, product_reference: "crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "grafana-6.7.4-3.20.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", }, product_reference: "grafana-6.7.4-3.20.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "influxdb-1.3.8-4.3.3.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", }, product_reference: "influxdb-1.3.8-4.3.3.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-cinder-13.0.10~dev20-3.28.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", }, product_reference: "openstack-cinder-13.0.10~dev20-3.28.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-cinder-api-13.0.10~dev20-3.28.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", }, product_reference: "openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", }, product_reference: "openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", }, product_reference: "openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", }, product_reference: "openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-11.0.4~dev4-3.19.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", }, product_reference: "openstack-heat-11.0.4~dev4-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-11.0.4~dev4-3.19.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", }, product_reference: "openstack-heat-api-11.0.4~dev4-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", }, product_reference: "openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-engine-11.0.4~dev4-3.19.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", }, product_reference: "openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", }, product_reference: "openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", }, product_reference: "openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", }, product_reference: "openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", }, product_reference: "openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", }, product_reference: "openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-7.4.2~dev57-4.30.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", }, product_reference: "openstack-manila-7.4.2~dev57-4.30.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-api-7.4.2~dev57-4.30.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", }, product_reference: "openstack-manila-api-7.4.2~dev57-4.30.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-data-7.4.2~dev57-4.30.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", }, product_reference: "openstack-manila-data-7.4.2~dev57-4.30.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", }, product_reference: "openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-manila-share-7.4.2~dev57-4.30.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", }, product_reference: "openstack-manila-share-7.4.2~dev57-4.30.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", }, product_reference: "openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-server-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", }, product_reference: "openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", }, product_reference: "openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", }, product_reference: "openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-api-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-api-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-cells-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-compute-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-console-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-console-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", }, product_reference: "openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-Jinja2-2.10.1-3.3.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", }, product_reference: "python-Jinja2-2.10.1-3.3.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-cinder-13.0.10~dev20-3.28.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", }, product_reference: "python-cinder-13.0.10~dev20-3.28.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-heat-11.0.4~dev4-3.19.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", }, product_reference: "python-heat-11.0.4~dev4-3.19.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-heat-gbp-12.0.1~dev2-3.3.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", }, product_reference: "python-heat-gbp-12.0.1~dev2-3.3.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", }, product_reference: "python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-manila-7.4.2~dev57-4.30.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", }, product_reference: "python-manila-7.4.2~dev57-4.30.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-neutron-13.0.8~dev135-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", }, product_reference: "python-neutron-13.0.8~dev135-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-neutron-gbp-12.0.1~dev5-3.19.4.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", }, product_reference: "python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", }, product_reference: "python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", }, product_reference: "python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-nova-18.3.1~dev77-3.31.2.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", }, product_reference: "python-nova-18.3.1~dev77-3.31.2.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-pysaml2-4.5.0-4.3.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", }, product_reference: "python-pysaml2-4.5.0-4.3.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-pytest-3.7.4-3.3.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", }, product_reference: "python-pytest-3.7.4-3.3.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "python-urllib3-1.23-3.15.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", }, product_reference: "python-urllib3-1.23-3.15.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", }, product_reference: "release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "spark-2.2.3-5.3.3.noarch as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", }, product_reference: "spark-2.2.3-5.3.3.noarch", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, ], }, vulnerabilities: [ { cve: "CVE-2016-10745", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-10745", }, ], notes: [ { category: "general", text: "In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2016-10745", url: "https://www.suse.com/security/cve/CVE-2016-10745", }, { category: "external", summary: "SUSE Bug 1132174 for CVE-2016-10745", url: "https://bugzilla.suse.com/1132174", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.0", }, products: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, ], threats: [ { category: "impact", date: "2020-12-21T12:51:34Z", details: "important", }, ], title: "CVE-2016-10745", }, { cve: "CVE-2019-10906", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10906", }, ], notes: [ { category: "general", text: "In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-10906", url: "https://www.suse.com/security/cve/CVE-2019-10906", }, { category: "external", summary: "SUSE Bug 1132323 for CVE-2019-10906", url: "https://bugzilla.suse.com/1132323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, ], threats: [ { category: "impact", date: "2020-12-21T12:51:34Z", details: "important", }, ], title: "CVE-2019-10906", }, { cve: "CVE-2019-20933", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-20933", }, ], notes: [ { category: "general", text: "InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-20933", url: "https://www.suse.com/security/cve/CVE-2019-20933", }, { category: "external", summary: "SUSE Bug 1178988 for CVE-2019-20933", url: "https://bugzilla.suse.com/1178988", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, ], threats: [ { category: "impact", date: "2020-12-21T12:51:34Z", details: "important", }, ], title: "CVE-2019-20933", }, { cve: "CVE-2019-8341", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-8341", }, ], notes: [ { category: "general", text: "** DISPUTED ** An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the \"source\" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-8341", url: "https://www.suse.com/security/cve/CVE-2019-8341", }, { category: "external", summary: "SUSE Bug 1125815 for CVE-2019-8341", url: "https://bugzilla.suse.com/1125815", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", version: "3.0", }, products: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, ], threats: [ { category: "impact", date: "2020-12-21T12:51:34Z", details: "important", }, ], title: "CVE-2019-8341", }, { cve: "CVE-2020-24303", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-24303", }, ], notes: [ { category: "general", text: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-24303", url: "https://www.suse.com/security/cve/CVE-2020-24303", }, { category: "external", summary: "SUSE Bug 1178243 for CVE-2020-24303", url: "https://bugzilla.suse.com/1178243", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, ], threats: [ { category: "impact", date: "2020-12-21T12:51:34Z", details: "moderate", }, ], title: "CVE-2020-24303", }, { cve: "CVE-2020-26137", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26137", }, ], notes: [ { category: "general", text: "urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-26137", url: "https://www.suse.com/security/cve/CVE-2020-26137", }, { category: "external", summary: "SUSE Bug 1177120 for CVE-2020-26137", url: "https://bugzilla.suse.com/1177120", }, { category: "external", summary: "SUSE Bug 1177211 for CVE-2020-26137", url: "https://bugzilla.suse.com/1177211", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, ], threats: [ { category: "impact", date: "2020-12-21T12:51:34Z", details: "moderate", }, ], title: "CVE-2020-26137", }, { cve: "CVE-2020-5390", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-5390", }, ], notes: [ { category: "general", text: "PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). The signature information and the node/object that is signed can be in different places and thus the signature verification will succeed, but the wrong data will be used. This specifically affects the verification of assertion that have been signed.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-5390", url: "https://www.suse.com/security/cve/CVE-2020-5390", }, { category: "external", summary: "SUSE Bug 1160851 for CVE-2020-5390", url: "https://bugzilla.suse.com/1160851", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE OpenStack Cloud 9:ardana-cassandra-9.0+git.1600802664.7e480a2-3.6.2.noarch", "SUSE OpenStack Cloud 9:ardana-mq-9.0+git.1605174486.a78ddce-3.19.2.noarch", "SUSE OpenStack Cloud 9:ardana-osconfig-9.0+git.1601621747.a87e5a0-3.22.2.noarch", "SUSE OpenStack Cloud 9:ardana-tempest-9.0+git.1603378983.fc0bca9-3.19.2.noarch", "SUSE OpenStack Cloud 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud 9:spark-2.2.3-5.3.3.noarch", "SUSE OpenStack Cloud 9:venv-openstack-barbican-x86_64-7.0.1~dev24-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-cinder-x86_64-13.0.10~dev20-3.24.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-designate-x86_64-7.0.2~dev2-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-glance-x86_64-17.0.1~dev30-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-heat-x86_64-11.0.4~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev7-4.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-ironic-x86_64-11.1.5~dev16-4.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-keystone-x86_64-14.2.1~dev4-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-magnum-x86_64-7.2.1~dev1-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-manila-x86_64-7.4.2~dev57-3.25.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-monasca-x86_64-2.7.1~dev10-3.19.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-neutron-x86_64-13.0.8~dev135-6.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-nova-x86_64-18.3.1~dev77-3.23.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-octavia-x86_64-3.2.3~dev7-4.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-sahara-x86_64-9.0.2~dev15-3.21.2.noarch", "SUSE OpenStack Cloud 9:venv-openstack-swift-x86_64-2.19.2~dev48-2.16.2.noarch", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-core-branding-upstream-6.0+git.1606314264.bf9ada813-3.31.2.x86_64", "SUSE OpenStack Cloud Crowbar 9:crowbar-openstack-6.0+git.1604573541.bb18c172d-3.28.3.noarch", "SUSE OpenStack Cloud Crowbar 9:grafana-6.7.4-3.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:influxdb-1.3.8-4.3.3.x86_64", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-api-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-backup-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-scheduler-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-cinder-volume-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-api-cfn-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-engine-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-plugin-heat_docker-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-heat-templates-0.0.0+git.1605509190.64f020b6-3.9.3.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-ironic-python-agent-3.3.4~dev6-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-api-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-data-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-scheduler-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-manila-share-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-dhcp-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-ha-tool-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-l3-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-linuxbridge-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-macvtap-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metadata-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-metering-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-openvswitch-agent-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-server-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-neutron-vyatta-agent-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-cells-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-compute-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-conductor-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-console-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-novncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-placement-api-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-scheduler-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-serialproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:openstack-nova-vncproxy-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-Jinja2-2.10.1-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-cinder-13.0.10~dev20-3.28.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-11.0.4~dev4-3.19.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-heat-gbp-12.0.1~dev2-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-horizon-plugin-gbp-ui-12.0.1~dev3-3.3.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-manila-7.4.2~dev57-4.30.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-13.0.8~dev135-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-gbp-12.0.1~dev5-3.19.4.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-neutron-vpnaas-tempest-plugin-13.0.2~dev6-3.9.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-nova-18.3.1~dev77-3.31.2.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pysaml2-4.5.0-4.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-pytest-3.7.4-3.3.3.noarch", "SUSE OpenStack Cloud Crowbar 9:python-urllib3-1.23-3.15.3.noarch", "SUSE OpenStack Cloud Crowbar 9:release-notes-suse-openstack-cloud-9.20200917-3.24.3.noarch", "SUSE OpenStack Cloud Crowbar 9:spark-2.2.3-5.3.3.noarch", ], }, ], threats: [ { category: "impact", date: "2020-12-21T12:51:34Z", details: "moderate", }, ], title: "CVE-2020-5390", }, ], }
gsd-2020-24303
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
Aliases
Aliases
{ GSD: { alias: "CVE-2020-24303", description: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", id: "GSD-2020-24303", references: [ "https://www.suse.com/security/cve/CVE-2020-24303.html", "https://access.redhat.com/errata/RHSA-2021:1859", "https://linux.oracle.com/cve/CVE-2020-24303.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2020-24303", ], details: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", id: "GSD-2020-24303", modified: "2023-12-13T01:22:12.359753Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-24303", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", refsource: "MISC", url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", }, { name: "https://github.com/grafana/grafana/pull/25401", refsource: "MISC", url: "https://github.com/grafana/grafana/pull/25401", }, { name: "https://security.netapp.com/advisory/ntap-20201123-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20201123-0002/", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.0.5", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-24303", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-79", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", refsource: "MISC", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", }, { name: "https://github.com/grafana/grafana/pull/25401", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/25401", }, { name: "https://security.netapp.com/advisory/ntap-20201123-0002/", refsource: "CONFIRM", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20201123-0002/", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: true, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, }, }, lastModifiedDate: "2022-06-03T18:56Z", publishedDate: "2020-10-28T14:15Z", }, }, }
rhsa-2021:1859
Vulnerability from csaf_redhat
Published
2021-05-18 14:45
Modified
2025-03-15 21:37
Summary
Red Hat Security Advisory: grafana security, bug fix, and enhancement update
Notes
Topic
An update for grafana is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
The following packages have been upgraded to a later upstream version: grafana (7.3.6). (BZ#1850471)
Security Fix(es):
* crewjam/saml: authentication bypass in saml authentication (CVE-2020-27846)
* grafana: XSS via a query alias for the Elasticsearch and Testdata datasource (CVE-2020-24303)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for grafana is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. \n\nThe following packages have been upgraded to a later upstream version: grafana (7.3.6). (BZ#1850471)\n\nSecurity Fix(es):\n\n* crewjam/saml: authentication bypass in saml authentication (CVE-2020-27846)\n\n* grafana: XSS via a query alias for the Elasticsearch and Testdata datasource (CVE-2020-24303)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:1859", url: "https://access.redhat.com/errata/RHSA-2021:1859", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/", url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/", }, { category: "external", summary: "1843170", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1843170", }, { category: "external", summary: "1850471", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1850471", }, { category: "external", summary: "1892418", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1892418", }, { category: "external", summary: "1907670", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1907670", }, { category: "external", summary: "1916083", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916083", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1859.json", }, ], title: "Red Hat Security Advisory: grafana security, bug fix, and enhancement update", tracking: { current_release_date: "2025-03-15T21:37:36+00:00", generator: { date: "2025-03-15T21:37:36+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2021:1859", initial_release_date: "2021-05-18T14:45:11+00:00", revision_history: [ { date: "2021-05-18T14:45:11+00:00", number: "1", summary: "Initial version", }, { date: "2021-05-18T14:45:11+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-15T21:37:36+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.src", product: { name: "grafana-0:7.3.6-2.el8.src", product_id: "grafana-0:7.3.6-2.el8.src", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.aarch64", product: { name: "grafana-0:7.3.6-2.el8.aarch64", product_id: "grafana-0:7.3.6-2.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=aarch64", }, }, }, { category: "product_version", name: "grafana-debuginfo-0:7.3.6-2.el8.aarch64", product: { name: "grafana-debuginfo-0:7.3.6-2.el8.aarch64", product_id: "grafana-debuginfo-0:7.3.6-2.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/grafana-debuginfo@7.3.6-2.el8?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.ppc64le", product: { name: "grafana-0:7.3.6-2.el8.ppc64le", product_id: "grafana-0:7.3.6-2.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le", product: { name: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le", product_id: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/grafana-debuginfo@7.3.6-2.el8?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.x86_64", product: { name: "grafana-0:7.3.6-2.el8.x86_64", product_id: "grafana-0:7.3.6-2.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=x86_64", }, }, }, { category: "product_version", name: "grafana-debuginfo-0:7.3.6-2.el8.x86_64", product: { name: "grafana-debuginfo-0:7.3.6-2.el8.x86_64", product_id: "grafana-debuginfo-0:7.3.6-2.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/grafana-debuginfo@7.3.6-2.el8?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.s390x", product: { name: "grafana-0:7.3.6-2.el8.s390x", product_id: "grafana-0:7.3.6-2.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=s390x", }, }, }, { category: "product_version", name: "grafana-debuginfo-0:7.3.6-2.el8.s390x", product: { name: "grafana-debuginfo-0:7.3.6-2.el8.s390x", product_id: "grafana-debuginfo-0:7.3.6-2.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/grafana-debuginfo@7.3.6-2.el8?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", }, product_reference: "grafana-0:7.3.6-2.el8.aarch64", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", }, product_reference: "grafana-0:7.3.6-2.el8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", }, product_reference: "grafana-0:7.3.6-2.el8.s390x", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", }, product_reference: "grafana-0:7.3.6-2.el8.src", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", }, product_reference: "grafana-0:7.3.6-2.el8.x86_64", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-debuginfo-0:7.3.6-2.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", }, product_reference: "grafana-debuginfo-0:7.3.6-2.el8.aarch64", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", }, product_reference: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-debuginfo-0:7.3.6-2.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", }, product_reference: "grafana-debuginfo-0:7.3.6-2.el8.s390x", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-debuginfo-0:7.3.6-2.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", }, product_reference: "grafana-debuginfo-0:7.3.6-2.el8.x86_64", relates_to_product_reference: "AppStream-8.4.0.GA", }, ], }, vulnerabilities: [ { cve: "CVE-2020-24303", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1892418", }, ], notes: [ { category: "description", text: "A flaw was found in grafana. A XSS via a query alias for the ElasticSearch datasource is allowed.", title: "Vulnerability description", }, { category: "summary", text: "grafana: XSS via a query alias for the Elasticsearch and Testdata datasource", title: "Vulnerability summary", }, { category: "other", text: "A vulnerable version of Grafana is shipped in OpenShift 3.11 - 4.5 and OpenShift ServiceMesh, however Prometheus is used as a data source and modification to Elasticsearch or Testdata requires full control of the grafana component. Access is restricted to authenticated users only by OpenShift OAuth. As OpenShift and OpenShift ServiceMesh still packages the vulnerable code, the components are affected but with impact Low. OpenShift 4.6 uses version 7.2.0 of Grafana in openshift4/ose-grafana-container and is not affected.\n\nRed Hat Ceph Storage 3 and 4 ship a vulnerable version of grafana, however, Prometheus is used as the data source., and thus the impact is rated as low. \n\nRed Hat Gluster Storage 3 ships vulnerable version of grafana, however Graphite is the only supported data source and hence this issue has been rated as having a security impact of Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-24303", }, { category: "external", summary: "RHBZ#1892418", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1892418", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-24303", url: "https://www.cve.org/CVERecord?id=CVE-2020-24303", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-24303", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-24303", }, { category: "external", summary: "https://github.com/grafana/grafana/pull/25401", url: "https://github.com/grafana/grafana/pull/25401", }, ], release_date: "2020-06-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-05-18T14:45:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1859", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "grafana: XSS via a query alias for the Elasticsearch and Testdata datasource", }, { cve: "CVE-2020-27846", cwe: { id: "CWE-115", name: "Misinterpretation of Input", }, discovery_date: "2020-12-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1907670", }, ], notes: [ { category: "description", text: "A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "crewjam/saml: authentication bypass in saml authentication", title: "Vulnerability summary", }, { category: "other", text: "Grafana in the OpenShift Container Platform (OCP) and OpenShift ServiceMesh) uses oauth-proxy as an Auth Proxy, and therefore does not make use of the vulnerable SAML Authentication in the github.com/crewjam/saml module used by Grafana. Additionally, SAML is only available in the enterprise version of grafana, but as the code is still packaged, it has been marked Low impact.\n\nRed Hat Gluster Storage 3, Red Hat Ceph Storage 2, 3 and 4 ships old versions of grafana where ‘crewjam/saml’ module is not included. Therefore these products are not affected by this vulnerability.\n\ngrafana as shipped with Red Hat Enterprise Linux 8 packages a vulnerable version of crewjam/saml but does not use it, as SAML is only available for the Enterprise version of grafana. For this reason, this flaw has been marked Low impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-27846", }, { category: "external", summary: "RHBZ#1907670", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1907670", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-27846", url: "https://www.cve.org/CVERecord?id=CVE-2020-27846", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-27846", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-27846", }, { category: "external", summary: "https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9", url: "https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9", }, { category: "external", summary: "https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/", url: "https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/", }, { category: "external", summary: "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/", url: "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/", }, ], release_date: "2020-12-17T13:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-05-18T14:45:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1859", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "crewjam/saml: authentication bypass in saml authentication", }, ], }
rhsa-2021_1859
Vulnerability from csaf_redhat
Published
2021-05-18 14:45
Modified
2024-11-22 16:09
Summary
Red Hat Security Advisory: grafana security, bug fix, and enhancement update
Notes
Topic
An update for grafana is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
The following packages have been upgraded to a later upstream version: grafana (7.3.6). (BZ#1850471)
Security Fix(es):
* crewjam/saml: authentication bypass in saml authentication (CVE-2020-27846)
* grafana: XSS via a query alias for the Elasticsearch and Testdata datasource (CVE-2020-24303)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for grafana is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. \n\nThe following packages have been upgraded to a later upstream version: grafana (7.3.6). (BZ#1850471)\n\nSecurity Fix(es):\n\n* crewjam/saml: authentication bypass in saml authentication (CVE-2020-27846)\n\n* grafana: XSS via a query alias for the Elasticsearch and Testdata datasource (CVE-2020-24303)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:1859", url: "https://access.redhat.com/errata/RHSA-2021:1859", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/", url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/", }, { category: "external", summary: "1843170", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1843170", }, { category: "external", summary: "1850471", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1850471", }, { category: "external", summary: "1892418", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1892418", }, { category: "external", summary: "1907670", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1907670", }, { category: "external", summary: "1916083", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916083", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1859.json", }, ], title: "Red Hat Security Advisory: grafana security, bug fix, and enhancement update", tracking: { current_release_date: "2024-11-22T16:09:00+00:00", generator: { date: "2024-11-22T16:09:00+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:1859", initial_release_date: "2021-05-18T14:45:11+00:00", revision_history: [ { date: "2021-05-18T14:45:11+00:00", number: "1", summary: "Initial version", }, { date: "2021-05-18T14:45:11+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:09:00+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.src", product: { name: "grafana-0:7.3.6-2.el8.src", product_id: "grafana-0:7.3.6-2.el8.src", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.aarch64", product: { name: "grafana-0:7.3.6-2.el8.aarch64", product_id: "grafana-0:7.3.6-2.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=aarch64", }, }, }, { category: "product_version", name: "grafana-debuginfo-0:7.3.6-2.el8.aarch64", product: { name: "grafana-debuginfo-0:7.3.6-2.el8.aarch64", product_id: "grafana-debuginfo-0:7.3.6-2.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/grafana-debuginfo@7.3.6-2.el8?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.ppc64le", product: { name: "grafana-0:7.3.6-2.el8.ppc64le", product_id: "grafana-0:7.3.6-2.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le", product: { name: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le", product_id: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/grafana-debuginfo@7.3.6-2.el8?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.x86_64", product: { name: "grafana-0:7.3.6-2.el8.x86_64", product_id: "grafana-0:7.3.6-2.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=x86_64", }, }, }, { category: "product_version", name: "grafana-debuginfo-0:7.3.6-2.el8.x86_64", product: { name: "grafana-debuginfo-0:7.3.6-2.el8.x86_64", product_id: "grafana-debuginfo-0:7.3.6-2.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/grafana-debuginfo@7.3.6-2.el8?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.s390x", product: { name: "grafana-0:7.3.6-2.el8.s390x", product_id: "grafana-0:7.3.6-2.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=s390x", }, }, }, { category: "product_version", name: "grafana-debuginfo-0:7.3.6-2.el8.s390x", product: { name: "grafana-debuginfo-0:7.3.6-2.el8.s390x", product_id: "grafana-debuginfo-0:7.3.6-2.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/grafana-debuginfo@7.3.6-2.el8?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", }, product_reference: "grafana-0:7.3.6-2.el8.aarch64", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", }, product_reference: "grafana-0:7.3.6-2.el8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", }, product_reference: "grafana-0:7.3.6-2.el8.s390x", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", }, product_reference: "grafana-0:7.3.6-2.el8.src", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", }, product_reference: "grafana-0:7.3.6-2.el8.x86_64", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-debuginfo-0:7.3.6-2.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", }, product_reference: "grafana-debuginfo-0:7.3.6-2.el8.aarch64", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", }, product_reference: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-debuginfo-0:7.3.6-2.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", }, product_reference: "grafana-debuginfo-0:7.3.6-2.el8.s390x", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-debuginfo-0:7.3.6-2.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", }, product_reference: "grafana-debuginfo-0:7.3.6-2.el8.x86_64", relates_to_product_reference: "AppStream-8.4.0.GA", }, ], }, vulnerabilities: [ { cve: "CVE-2020-24303", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1892418", }, ], notes: [ { category: "description", text: "A flaw was found in grafana. A XSS via a query alias for the ElasticSearch datasource is allowed.", title: "Vulnerability description", }, { category: "summary", text: "grafana: XSS via a query alias for the Elasticsearch and Testdata datasource", title: "Vulnerability summary", }, { category: "other", text: "A vulnerable version of Grafana is shipped in OpenShift 3.11 - 4.5 and OpenShift ServiceMesh, however Prometheus is used as a data source and modification to Elasticsearch or Testdata requires full control of the grafana component. Access is restricted to authenticated users only by OpenShift OAuth. As OpenShift and OpenShift ServiceMesh still packages the vulnerable code, the components are affected but with impact Low. OpenShift 4.6 uses version 7.2.0 of Grafana in openshift4/ose-grafana-container and is not affected.\n\nRed Hat Ceph Storage 3 and 4 ship a vulnerable version of grafana, however, Prometheus is used as the data source., and thus the impact is rated as low. \n\nRed Hat Gluster Storage 3 ships vulnerable version of grafana, however Graphite is the only supported data source and hence this issue has been rated as having a security impact of Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-24303", }, { category: "external", summary: "RHBZ#1892418", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1892418", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-24303", url: "https://www.cve.org/CVERecord?id=CVE-2020-24303", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-24303", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-24303", }, { category: "external", summary: "https://github.com/grafana/grafana/pull/25401", url: "https://github.com/grafana/grafana/pull/25401", }, ], release_date: "2020-06-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-05-18T14:45:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1859", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "grafana: XSS via a query alias for the Elasticsearch and Testdata datasource", }, { cve: "CVE-2020-27846", cwe: { id: "CWE-115", name: "Misinterpretation of Input", }, discovery_date: "2020-12-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1907670", }, ], notes: [ { category: "description", text: "A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "crewjam/saml: authentication bypass in saml authentication", title: "Vulnerability summary", }, { category: "other", text: "Grafana in the OpenShift Container Platform (OCP) and OpenShift ServiceMesh) uses oauth-proxy as an Auth Proxy, and therefore does not make use of the vulnerable SAML Authentication in the github.com/crewjam/saml module used by Grafana. Additionally, SAML is only available in the enterprise version of grafana, but as the code is still packaged, it has been marked Low impact.\n\nRed Hat Gluster Storage 3, Red Hat Ceph Storage 2, 3 and 4 ships old versions of grafana where ‘crewjam/saml’ module is not included. Therefore these products are not affected by this vulnerability.\n\ngrafana as shipped with Red Hat Enterprise Linux 8 packages a vulnerable version of crewjam/saml but does not use it, as SAML is only available for the Enterprise version of grafana. For this reason, this flaw has been marked Low impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-27846", }, { category: "external", summary: "RHBZ#1907670", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1907670", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-27846", url: "https://www.cve.org/CVERecord?id=CVE-2020-27846", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-27846", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-27846", }, { category: "external", summary: "https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9", url: "https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9", }, { category: "external", summary: "https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/", url: "https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/", }, { category: "external", summary: "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/", url: "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/", }, ], release_date: "2020-12-17T13:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-05-18T14:45:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1859", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "crewjam/saml: authentication bypass in saml authentication", }, ], }
RHSA-2021:1859
Vulnerability from csaf_redhat
Published
2021-05-18 14:45
Modified
2025-03-15 21:37
Summary
Red Hat Security Advisory: grafana security, bug fix, and enhancement update
Notes
Topic
An update for grafana is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
The following packages have been upgraded to a later upstream version: grafana (7.3.6). (BZ#1850471)
Security Fix(es):
* crewjam/saml: authentication bypass in saml authentication (CVE-2020-27846)
* grafana: XSS via a query alias for the Elasticsearch and Testdata datasource (CVE-2020-24303)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for grafana is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. \n\nThe following packages have been upgraded to a later upstream version: grafana (7.3.6). (BZ#1850471)\n\nSecurity Fix(es):\n\n* crewjam/saml: authentication bypass in saml authentication (CVE-2020-27846)\n\n* grafana: XSS via a query alias for the Elasticsearch and Testdata datasource (CVE-2020-24303)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:1859", url: "https://access.redhat.com/errata/RHSA-2021:1859", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/", url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/", }, { category: "external", summary: "1843170", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1843170", }, { category: "external", summary: "1850471", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1850471", }, { category: "external", summary: "1892418", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1892418", }, { category: "external", summary: "1907670", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1907670", }, { category: "external", summary: "1916083", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1916083", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1859.json", }, ], title: "Red Hat Security Advisory: grafana security, bug fix, and enhancement update", tracking: { current_release_date: "2025-03-15T21:37:36+00:00", generator: { date: "2025-03-15T21:37:36+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2021:1859", initial_release_date: "2021-05-18T14:45:11+00:00", revision_history: [ { date: "2021-05-18T14:45:11+00:00", number: "1", summary: "Initial version", }, { date: "2021-05-18T14:45:11+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-15T21:37:36+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.src", product: { name: "grafana-0:7.3.6-2.el8.src", product_id: "grafana-0:7.3.6-2.el8.src", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.aarch64", product: { name: "grafana-0:7.3.6-2.el8.aarch64", product_id: "grafana-0:7.3.6-2.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=aarch64", }, }, }, { category: "product_version", name: "grafana-debuginfo-0:7.3.6-2.el8.aarch64", product: { name: "grafana-debuginfo-0:7.3.6-2.el8.aarch64", product_id: "grafana-debuginfo-0:7.3.6-2.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/grafana-debuginfo@7.3.6-2.el8?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.ppc64le", product: { name: "grafana-0:7.3.6-2.el8.ppc64le", product_id: "grafana-0:7.3.6-2.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le", product: { name: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le", product_id: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/grafana-debuginfo@7.3.6-2.el8?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.x86_64", product: { name: "grafana-0:7.3.6-2.el8.x86_64", product_id: "grafana-0:7.3.6-2.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=x86_64", }, }, }, { category: "product_version", name: "grafana-debuginfo-0:7.3.6-2.el8.x86_64", product: { name: "grafana-debuginfo-0:7.3.6-2.el8.x86_64", product_id: "grafana-debuginfo-0:7.3.6-2.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/grafana-debuginfo@7.3.6-2.el8?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "grafana-0:7.3.6-2.el8.s390x", product: { name: "grafana-0:7.3.6-2.el8.s390x", product_id: "grafana-0:7.3.6-2.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/grafana@7.3.6-2.el8?arch=s390x", }, }, }, { category: "product_version", name: "grafana-debuginfo-0:7.3.6-2.el8.s390x", product: { name: "grafana-debuginfo-0:7.3.6-2.el8.s390x", product_id: "grafana-debuginfo-0:7.3.6-2.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/grafana-debuginfo@7.3.6-2.el8?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", }, product_reference: "grafana-0:7.3.6-2.el8.aarch64", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", }, product_reference: "grafana-0:7.3.6-2.el8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", }, product_reference: "grafana-0:7.3.6-2.el8.s390x", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", }, product_reference: "grafana-0:7.3.6-2.el8.src", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-0:7.3.6-2.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", }, product_reference: "grafana-0:7.3.6-2.el8.x86_64", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-debuginfo-0:7.3.6-2.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", }, product_reference: "grafana-debuginfo-0:7.3.6-2.el8.aarch64", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", }, product_reference: "grafana-debuginfo-0:7.3.6-2.el8.ppc64le", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-debuginfo-0:7.3.6-2.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", }, product_reference: "grafana-debuginfo-0:7.3.6-2.el8.s390x", relates_to_product_reference: "AppStream-8.4.0.GA", }, { category: "default_component_of", full_product_name: { name: "grafana-debuginfo-0:7.3.6-2.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", }, product_reference: "grafana-debuginfo-0:7.3.6-2.el8.x86_64", relates_to_product_reference: "AppStream-8.4.0.GA", }, ], }, vulnerabilities: [ { cve: "CVE-2020-24303", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1892418", }, ], notes: [ { category: "description", text: "A flaw was found in grafana. A XSS via a query alias for the ElasticSearch datasource is allowed.", title: "Vulnerability description", }, { category: "summary", text: "grafana: XSS via a query alias for the Elasticsearch and Testdata datasource", title: "Vulnerability summary", }, { category: "other", text: "A vulnerable version of Grafana is shipped in OpenShift 3.11 - 4.5 and OpenShift ServiceMesh, however Prometheus is used as a data source and modification to Elasticsearch or Testdata requires full control of the grafana component. Access is restricted to authenticated users only by OpenShift OAuth. As OpenShift and OpenShift ServiceMesh still packages the vulnerable code, the components are affected but with impact Low. OpenShift 4.6 uses version 7.2.0 of Grafana in openshift4/ose-grafana-container and is not affected.\n\nRed Hat Ceph Storage 3 and 4 ship a vulnerable version of grafana, however, Prometheus is used as the data source., and thus the impact is rated as low. \n\nRed Hat Gluster Storage 3 ships vulnerable version of grafana, however Graphite is the only supported data source and hence this issue has been rated as having a security impact of Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-24303", }, { category: "external", summary: "RHBZ#1892418", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1892418", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-24303", url: "https://www.cve.org/CVERecord?id=CVE-2020-24303", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-24303", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-24303", }, { category: "external", summary: "https://github.com/grafana/grafana/pull/25401", url: "https://github.com/grafana/grafana/pull/25401", }, ], release_date: "2020-06-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-05-18T14:45:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1859", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "grafana: XSS via a query alias for the Elasticsearch and Testdata datasource", }, { cve: "CVE-2020-27846", cwe: { id: "CWE-115", name: "Misinterpretation of Input", }, discovery_date: "2020-12-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1907670", }, ], notes: [ { category: "description", text: "A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "crewjam/saml: authentication bypass in saml authentication", title: "Vulnerability summary", }, { category: "other", text: "Grafana in the OpenShift Container Platform (OCP) and OpenShift ServiceMesh) uses oauth-proxy as an Auth Proxy, and therefore does not make use of the vulnerable SAML Authentication in the github.com/crewjam/saml module used by Grafana. Additionally, SAML is only available in the enterprise version of grafana, but as the code is still packaged, it has been marked Low impact.\n\nRed Hat Gluster Storage 3, Red Hat Ceph Storage 2, 3 and 4 ships old versions of grafana where ‘crewjam/saml’ module is not included. Therefore these products are not affected by this vulnerability.\n\ngrafana as shipped with Red Hat Enterprise Linux 8 packages a vulnerable version of crewjam/saml but does not use it, as SAML is only available for the Enterprise version of grafana. For this reason, this flaw has been marked Low impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-27846", }, { category: "external", summary: "RHBZ#1907670", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1907670", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-27846", url: "https://www.cve.org/CVERecord?id=CVE-2020-27846", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-27846", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-27846", }, { category: "external", summary: "https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9", url: "https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9", }, { category: "external", summary: "https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/", url: "https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/", }, { category: "external", summary: "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/", url: "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/", }, ], release_date: "2020-12-17T13:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-05-18T14:45:11+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:1859", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.src", "AppStream-8.4.0.GA:grafana-0:7.3.6-2.el8.x86_64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.aarch64", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.ppc64le", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.s390x", "AppStream-8.4.0.GA:grafana-debuginfo-0:7.3.6-2.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "crewjam/saml: authentication bypass in saml authentication", }, ], }
fkie_cve-2020-24303
Vulnerability from fkie_nvd
Published
2020-10-28 14:15
Modified
2024-11-21 05:14
Severity ?
Summary
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01 | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://github.com/grafana/grafana/pull/25401 | Patch, Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20201123-0002/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/grafana/grafana/pull/25401 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20201123-0002/ | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", matchCriteriaId: "EB6DBF52-7C99-4B79-B3E6-17F724A47483", versionEndIncluding: "7.0.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.", }, { lang: "es", value: "Grafana versiones anteriores a 7.1.0-beta 1, permite un ataque de tipo XSS por medio de un alias de consulta de la fuente de datos de ElasticSearch", }, ], id: "CVE-2020-24303", lastModified: "2024-11-21T05:14:34.773", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-28T14:15:12.330", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/25401", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20201123-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/grafana/grafana/pull/25401", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20201123-0002/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.