incorrect year recorded for advisory
This commit is contained in:
parent
250af08bd6
commit
aada49f83d
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"advisory": {
|
||||
"date": "2013-01-13",
|
||||
"date": "2014-01-13",
|
||||
"description": "Daniel Berrange from Red Hat reported that the directories used to temporarily store live snapshots on Nova compute nodes were writable to all local users. A local attacker with shell access on compute nodes could therefore read and modify the contents of live snapshots before those are uploaded to the image service.",
|
||||
"id": "2014-001",
|
||||
"title": "Nova live snapshots use an insecure local directory",
|
||||
|
@ -39,4 +39,4 @@
|
|||
"impact": "moderate"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"advisory": {
|
||||
"date": "2013-01-16",
|
||||
"date": "2014-01-16",
|
||||
"description": "Samuel Merritt from SwiftStack reported a timing attack vulnerability in Swift TempURL middleware. By analyzing response times to arbitrary TempURL requests, an attacker may be able to guess valid secret URLs and get access to objects that were only intended to be publicly shared with specific recipients. In order to use this attack, the attacker needs to know the targeted object name, and the object account needs to have a TempURL key set. Only Swift setups enabling the TempURL middleware are affected.",
|
||||
"id": "2014-002",
|
||||
"title": "Swift TempURL timing attack",
|
||||
|
@ -39,4 +39,4 @@
|
|||
"impact": "moderate"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue