Adds OSSA-2015-002
Related-Bug: #1408663 Change-Id: Id36443b17f18a0f0cbcfd731c4fd50d8f2ffd9d1
This commit is contained in:
parent
3ddd6ef25c
commit
f6b1f51a54
|
@ -0,0 +1,61 @@
|
||||||
|
date: 2015-01-15
|
||||||
|
|
||||||
|
id: OSSA-2015-002
|
||||||
|
|
||||||
|
title: 'Glance v2 API unrestricted path traversal through filesystem:// scheme'
|
||||||
|
|
||||||
|
description: 'Jin Liu from EMC reported that path traversal vulnerabilities in Glance
|
||||||
|
were not fully patched in OSSA 2014-041. By setting a malicious image
|
||||||
|
location to a filesystem:// scheme an authenticated user can still
|
||||||
|
download or delete any file on the Glance server for which the Glance
|
||||||
|
process user has access to. Only setups using the Glance V2 API are
|
||||||
|
affected by this flaw.'
|
||||||
|
|
||||||
|
errata: 'When the original advisory was published a CVE number was not assigned.
|
||||||
|
CVE-2015-1195 can now be used to track this vulnerability.'
|
||||||
|
|
||||||
|
affected-products:
|
||||||
|
|
||||||
|
- product: glance
|
||||||
|
version: up to 2014.1.3 and 2014.2 versions up to 2014.2.1
|
||||||
|
|
||||||
|
vulnerabilities:
|
||||||
|
|
||||||
|
- cve-id: CVE-2015-1195
|
||||||
|
|
||||||
|
reporters:
|
||||||
|
|
||||||
|
- name: 'Jin Liu'
|
||||||
|
affiliation: EMC
|
||||||
|
reported:
|
||||||
|
- CVE-2015-1195
|
||||||
|
|
||||||
|
issues:
|
||||||
|
|
||||||
|
links:
|
||||||
|
- https://launchpad.net/bugs/1408663
|
||||||
|
|
||||||
|
type: launchpad
|
||||||
|
|
||||||
|
reviews:
|
||||||
|
|
||||||
|
kilo:
|
||||||
|
- https://review.openstack.org/145640
|
||||||
|
|
||||||
|
juno:
|
||||||
|
- https://review.openstack.org/145916
|
||||||
|
|
||||||
|
icehouse:
|
||||||
|
- https://review.openstack.org/145974
|
||||||
|
|
||||||
|
type: gerrit
|
||||||
|
|
||||||
|
notes:
|
||||||
|
- 'This fix was included in the kilo-1 development milestone and will be included
|
||||||
|
in future 2014.2.2 (juno) and 2014.1.4 (icehouse) releases.'
|
||||||
|
- 'The OpenStack VMT recommends revoking all credentials stored in files
|
||||||
|
accessible by Glance as a precautionary measure.'
|
||||||
|
|
||||||
|
errata_history:
|
||||||
|
- 2015-01-19 - Errata 1
|
||||||
|
- 2015-01-15 - Original Version
|
Loading…
Reference in New Issue