Vulnerability from csaf_suse
Published: 2020-02-03 17:18
Modified: 2020-02-03 17:18
Summary
Security update for crowbar-core, crowbar-openstack, openstack-neutron-fwaas, rubygem-crowbar-client
Notes
Title of the patch
Security update for crowbar-core, crowbar-openstack, openstack-neutron-fwaas, rubygem-crowbar-client
Description of the patch
This update for crowbar-core, crowbar-openstack, openstack-neutron-fwaas, rubygem-crowbar-client contains the following fixes:

Security fixes for rubygem-crowbar-client:

- CVE-2018-17954: Fixed an issue where crowbar was leaking the secret admin passwords to all nodes (bsc#1117080)

Changes in crowbar-core:
- Update to version 4.0+git.1578392992.fabfd186c:
  * Avoid nil crash when provisioner attributes are not set (bsc#1160048)
- Update to version 4.0+git.1578294389.acc7385d5:
  * Adding CVE-2019-16770 to the ignore list, regarding SOC-10999.

Changes in crowbar-openstack:
- Update to version 4.0+git.1579171175.d53ab6363:
  * tempest: tempest run filters as templates (SOC-11052)
  * Add tempest filters based on services (SOC-9801)

Changes in openstack-neutron-fwaas:
- Remove the patch that was deleting the tempest entry point and enable tempest tests.
Patchnames
SUSE-2020-311,SUSE-OpenStack-Cloud-7-2020-311
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for crowbar-core, crowbar-openstack, openstack-neutron-fwaas, rubygem-crowbar-client", title: "Title of the patch", }, { category: "description", text: "This update for crowbar-core, crowbar-openstack, openstack-neutron-fwaas, rubygem-crowbar-client contains the following fixes:\n\nSecurity fixes for rubygem-crowbar-client:\n\n- CVE-2018-17954: Fixed an issue where crowbar was leaking the secret admin passwords to all nodes (bsc#1117080)\n\nChanges in crowbar-core:\n- Update to version 4.0+git.1578392992.fabfd186c:\n * Avoid nil crash when provisioner attributes are not set (bsc#1160048)\n\n- Update to version 4.0+git.1578294389.acc7385d5:\n * Adding CVE-2019-16770 to the ignore list, regarding SOC-10999.\n\nChanges in crowbar-openstack:\n- Update to version 4.0+git.1579171175.d53ab6363:\n * tempest: tempest run filters as templates (SOC-11052)\n * Add tempest filters based on services (SOC-9801)\n\nChanges in openstack-neutron-fwaas:\n- Remove the patch that was deleting the tempest entry point and enable tempest tests.\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-311,SUSE-OpenStack-Cloud-7-2020-311", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: 
"https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_0311-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:0311-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20200311-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:0311-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-February/006446.html", }, { category: "self", summary: "SUSE Bug 1117080", url: "https://bugzilla.suse.com/1117080", }, { category: "self", summary: "SUSE Bug 1160048", url: "https://bugzilla.suse.com/1160048", }, { category: "self", summary: "SUSE CVE CVE-2018-17954 page", url: "https://www.suse.com/security/cve/CVE-2018-17954/", }, { category: "self", summary: "SUSE CVE CVE-2019-16770 page", url: "https://www.suse.com/security/cve/CVE-2019-16770/", }, ], title: "Security update for crowbar-core, crowbar-openstack, openstack-neutron-fwaas, rubygem-crowbar-client", tracking: { current_release_date: "2020-02-03T17:18:32Z", generator: { date: "2020-02-03T17:18:32Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:0311-1", initial_release_date: "2020-02-03T17:18:32Z", revision_history: [ { date: "2020-02-03T17:18:32Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", product: { name: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", product_id: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", product: { name: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", product_id: 
"crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", }, }, { category: "product_version", name: "crowbar-core-devel-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", product: { name: "crowbar-core-devel-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", product_id: "crowbar-core-devel-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.aarch64", product: { name: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.aarch64", product_id: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-doc-3.9.1-7.17.1.aarch64", product: { name: "ruby2.1-rubygem-crowbar-client-doc-3.9.1-7.17.1.aarch64", product_id: "ruby2.1-rubygem-crowbar-client-doc-3.9.1-7.17.1.aarch64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.1-7.17.1.aarch64", product: { name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.1-7.17.1.aarch64", product_id: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.1-7.17.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "crowbar-openstack-4.0+git.1579171175.d53ab6363-9.68.1.noarch", product: { name: "crowbar-openstack-4.0+git.1579171175.d53ab6363-9.68.1.noarch", product_id: "crowbar-openstack-4.0+git.1579171175.d53ab6363-9.68.1.noarch", }, }, { category: "product_version", name: "openstack-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", product: { name: "openstack-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", product_id: "openstack-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", }, }, { category: "product_version", name: "openstack-neutron-fwaas-doc-9.0.2~dev5-4.6.1.noarch", product: { name: "openstack-neutron-fwaas-doc-9.0.2~dev5-4.6.1.noarch", product_id: "openstack-neutron-fwaas-doc-9.0.2~dev5-4.6.1.noarch", }, }, { category: "product_version", name: "openstack-neutron-fwaas-test-9.0.2~dev5-4.6.1.noarch", product: { 
name: "openstack-neutron-fwaas-test-9.0.2~dev5-4.6.1.noarch", product_id: "openstack-neutron-fwaas-test-9.0.2~dev5-4.6.1.noarch", }, }, { category: "product_version", name: "python-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", product: { name: "python-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", product_id: "python-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.ppc64le", product: { name: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.ppc64le", product_id: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.ppc64le", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.ppc64le", product: { name: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.ppc64le", product_id: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.ppc64le", }, }, { category: "product_version", name: "crowbar-core-devel-4.0+git.1578392992.fabfd186c-9.63.1.ppc64le", product: { name: "crowbar-core-devel-4.0+git.1578392992.fabfd186c-9.63.1.ppc64le", product_id: "crowbar-core-devel-4.0+git.1578392992.fabfd186c-9.63.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.ppc64le", product: { name: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.ppc64le", product_id: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-doc-3.9.1-7.17.1.ppc64le", product: { name: "ruby2.1-rubygem-crowbar-client-doc-3.9.1-7.17.1.ppc64le", product_id: "ruby2.1-rubygem-crowbar-client-doc-3.9.1-7.17.1.ppc64le", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.1-7.17.1.ppc64le", product: { name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.1-7.17.1.ppc64le", product_id: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.1-7.17.1.ppc64le", }, }, ], 
category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.s390x", product: { name: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.s390x", product_id: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.s390x", }, }, { category: "product_version", name: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.s390x", product: { name: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.s390x", product_id: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.s390x", }, }, { category: "product_version", name: "crowbar-core-devel-4.0+git.1578392992.fabfd186c-9.63.1.s390x", product: { name: "crowbar-core-devel-4.0+git.1578392992.fabfd186c-9.63.1.s390x", product_id: "crowbar-core-devel-4.0+git.1578392992.fabfd186c-9.63.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.s390x", product: { name: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.s390x", product_id: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-doc-3.9.1-7.17.1.s390x", product: { name: "ruby2.1-rubygem-crowbar-client-doc-3.9.1-7.17.1.s390x", product_id: "ruby2.1-rubygem-crowbar-client-doc-3.9.1-7.17.1.s390x", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.1-7.17.1.s390x", product: { name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.1-7.17.1.s390x", product_id: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.1-7.17.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", product: { name: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", product_id: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", }, }, { category: "product_version", name: 
"crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", product: { name: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", product_id: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", }, }, { category: "product_version", name: "crowbar-core-devel-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", product: { name: "crowbar-core-devel-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", product_id: "crowbar-core-devel-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.x86_64", product: { name: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.x86_64", product_id: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-doc-3.9.1-7.17.1.x86_64", product: { name: "ruby2.1-rubygem-crowbar-client-doc-3.9.1-7.17.1.x86_64", product_id: "ruby2.1-rubygem-crowbar-client-doc-3.9.1-7.17.1.x86_64", }, }, { category: "product_version", name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.1-7.17.1.x86_64", product: { name: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.1-7.17.1.x86_64", product_id: "ruby2.1-rubygem-crowbar-client-testsuite-3.9.1-7.17.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE OpenStack Cloud 7", product: { name: "SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:7", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.aarch64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", }, product_reference: 
"crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.s390x", }, product_reference: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", }, product_reference: "crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.aarch64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", }, product_reference: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.s390x", }, product_reference: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: 
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", }, product_reference: "crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "crowbar-openstack-4.0+git.1579171175.d53ab6363-9.68.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1579171175.d53ab6363-9.68.1.noarch", }, product_reference: "crowbar-openstack-4.0+git.1579171175.d53ab6363-9.68.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-fwaas-9.0.2~dev5-4.6.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", }, product_reference: "openstack-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "openstack-neutron-fwaas-doc-9.0.2~dev5-4.6.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.6.1.noarch", }, product_reference: "openstack-neutron-fwaas-doc-9.0.2~dev5-4.6.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "python-neutron-fwaas-9.0.2~dev5-4.6.1.noarch as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", }, product_reference: "python-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.aarch64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 
7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.aarch64", }, product_reference: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.aarch64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.s390x", }, product_reference: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.x86_64", }, product_reference: "ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, ], }, vulnerabilities: [ { cve: "CVE-2018-17954", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-17954", }, ], notes: [ { category: "general", text: "An Improper Privilege Management in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node. This issue affects: SUSE OpenStack Cloud 7 crowbar-core versions prior to 4.0+git.1578392992.fabfd186c-9.63.1, crowbar-. SUSE OpenStack Cloud 8 ardana-cinder versions prior to 8.0+git.1579279939.ee7da88-3.39.3, ardana-. SUSE OpenStack Cloud 9 ardana-ansible versions prior to 9.0+git.1581611758.f694f7d-3.16.1, ardana-. SUSE OpenStack Cloud Crowbar 8 crowbar-core versions prior to 5.0+git.1582968668.1a55c77c5-3.35.4, crowbar-. 
SUSE OpenStack Cloud Crowbar 9 crowbar-core versions prior to 6.0+git.1582892022.cbd70e833-3.19.3, crowbar-.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1579171175.d53ab6363-9.68.1.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.aarch64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-17954", url: "https://www.suse.com/security/cve/CVE-2018-17954", }, { category: "external", summary: "SUSE Bug 1117080 for CVE-2018-17954", url: "https://bugzilla.suse.com/1117080", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", "SUSE OpenStack Cloud 
7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1579171175.d53ab6363-9.68.1.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.aarch64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1579171175.d53ab6363-9.68.1.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.aarch64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.s390x", "SUSE 
OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-02-03T17:18:32Z", details: "important", }, ], title: "CVE-2018-17954", }, { cve: "CVE-2019-16770", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16770", }, ], notes: [ { category: "general", text: "In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough. This vulnerability is patched in Puma 4.3.1 and 3.12.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1579171175.d53ab6363-9.68.1.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.aarch64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16770", url: 
"https://www.suse.com/security/cve/CVE-2019-16770", }, { category: "external", summary: "SUSE Bug 1158675 for CVE-2019-16770", url: "https://bugzilla.suse.com/1158675", }, { category: "external", summary: "SUSE Bug 1188527 for CVE-2019-16770", url: "https://bugzilla.suse.com/1188527", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1579171175.d53ab6363-9.68.1.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.aarch64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", "SUSE 
OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63.1.x86_64", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1579171175.d53ab6363-9.68.1.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:openstack-neutron-fwaas-doc-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:python-neutron-fwaas-9.0.2~dev5-4.6.1.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.aarch64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.1-7.17.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-02-03T17:18:32Z", details: "important", }, ], title: "CVE-2019-16770", }, ], }