From aada49f83dc1537cb8159bf5ea4f32b7451879c4 Mon Sep 17 00:00:00 2001 From: Grant Murphy Date: Thu, 31 Jul 2014 11:33:01 +1000 Subject: [PATCH] incorrect year recorded for advisory --- OSSA-2014-001.json | 4 ++-- OSSA-2014-002.json | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/OSSA-2014-001.json b/OSSA-2014-001.json index e459944..3c8abca 100644 --- a/OSSA-2014-001.json +++ b/OSSA-2014-001.json @@ -1,6 +1,6 @@ { "advisory": { - "date": "2013-01-13", + "date": "2014-01-13", "description": "Daniel Berrange from Red Hat reported that the directories used to temporarily store live snapshots on Nova compute nodes were writable to all local users. A local attacker with shell access on compute nodes could therefore read and modify the contents of live snapshots before those are uploaded to the image service.", "id": "2014-001", "title": "Nova live snapshots use an insecure local directory", @@ -39,4 +39,4 @@ "impact": "moderate" } ] -} \ No newline at end of file +} diff --git a/OSSA-2014-002.json b/OSSA-2014-002.json index 79a62e9..981d5e3 100644 --- a/OSSA-2014-002.json +++ b/OSSA-2014-002.json @@ -1,6 +1,6 @@ { "advisory": { - "date": "2013-01-16", + "date": "2014-01-16", "description": "Samuel Merritt from SwiftStack reported a timing attack vulnerability in Swift TempURL middleware. By analyzing response times to arbitrary TempURL requests, an attacker may be able to guess valid secret URLs and get access to objects that were only intended to be publicly shared with specific recipients. In order to use this attack, the attacker needs to know the targeted object name, and the object account needs to have a TempURL key set. Only Swift setups enabling the TempURL middleware are affected.", "id": "2014-002", "title": "Swift TempURL timing attack", @@ -39,4 +39,4 @@ "impact": "moderate" } ] -} \ No newline at end of file +}