diff options
author | Jean-Pierre Giraud <jean-pierregiraud@neuf.fr> | 2023-02-02 01:03:23 +0100 |
---|---|---|
committer | Jean-Pierre Giraud <jean-pierregiraud@neuf.fr> | 2023-02-02 01:03:23 +0100 |
commit | 7d04c516e27a7e264a9f8ddbb75d9d5727fd4fcc (patch) | |
tree | 7b891cc27f2c7d6384a34854f667a10fe8653117 | |
parent | 3d263cf076152e82cf021484ea38a52d64051f66 (diff) |
[SECURITY] [DSA 5337-1] nova security update
-rw-r--r-- | english/security/2023/dsa-5337.data | 13 | ||||
-rw-r--r-- | english/security/2023/dsa-5337.wml | 21 |
2 files changed, 34 insertions, 0 deletions
diff --git a/english/security/2023/dsa-5337.data b/english/security/2023/dsa-5337.data new file mode 100644 index 00000000000..67ec8821440 --- /dev/null +++ b/english/security/2023/dsa-5337.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-5337-1 nova</define-tag> +<define-tag report_date>2023-2-01</define-tag> +<define-tag secrefs>CVE-2022-47951 Bug#1029561</define-tag> +<define-tag packages>nova</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2023/dsa-5337.wml b/english/security/2023/dsa-5337.wml new file mode 100644 index 00000000000..b970ac8e259 --- /dev/null +++ b/english/security/2023/dsa-5337.wml @@ -0,0 +1,21 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou +discovered that missing input sanitising in the handling of VMDK images +in OpenStack Compute (codenamed Nova) may result in information +disclosure.</p> + +<p>For the stable distribution (bullseye), this problem has been fixed in +version 2:22.0.1-2+deb11u1.</p> + +<p>We recommend that you upgrade your nova packages.</p> + +<p>For the detailed security status of nova please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/nova">\ +https://security-tracker.debian.org/tracker/nova</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2023/dsa-5337.data" +# $Id: $ |