Ubuntu alert USN-4104-1 (nova)
| From: | Steve Beattie <steve.beattie@canonical.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-4104-1] Nova vulnerability | |
| Date: | Mon, 19 Aug 2019 16:20:33 -0700 | |
| Message-ID: | <20190819232033.GA4254@nxnw.org> |
========================================================================== Ubuntu Security Notice USN-4104-1 August 19, 2019 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Nova could be made to expose sensitive information. Software Description: - nova: OpenStack Compute cloud infrastructure Details: Donny Davis discovered that the Nova Compute service could return configuration or other information in response to a failed API request in some situations. A remote attacker could use this to expose sensitive information. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: nova-compute 2:19.0.1-0ubuntu2.1 python3-nova 2:19.0.1-0ubuntu2.1 Ubuntu 18.04 LTS: nova-compute 2:17.0.10-0ubuntu2.1 python-nova 2:17.0.10-0ubuntu2.1 Ubuntu 16.04 LTS: nova-compute 2:13.1.4-0ubuntu4.5 python-nova 2:13.1.4-0ubuntu4.5 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4104-1 CVE-2019-14433 Package Information: https://launchpad.net/ubuntu/+source/nova/2:19.0.1-0ubunt... https://launchpad.net/ubuntu/+source/nova/2:17.0.10-0ubun... https://launchpad.net/ubuntu/+source/nova/2:13.1.4-0ubunt... -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security...