This is an automated email from the ASF dual-hosted git repository.

rohit pushed a commit to branch staging-site
in repository https://gitbox.apache.org/repos/asf/cloudstack-www.git


The following commit(s) were added to refs/heads/staging-site by this push:
     new d3c86513 blog: publish security release advisory
d3c86513 is described below

commit d3c86513440e8be7459abdbc7107516f204845d2
Author: Rohit Yadav <rohit.ya...@shapeblue.com>
AuthorDate: Thu Apr 4 10:54:08 2024 +0530

    blog: publish security release advisory
    
    Signed-off-by: Rohit Yadav <rohit.ya...@shapeblue.com>
---
 .../index.md                                       | 64 ++++++++++++++++++++++
 1 file changed, 64 insertions(+)

diff --git a/blog/2024-04-04-security-release-advisory-4.19.0.1-4.18.1.1/index.md b/blog/2024-04-04-security-release-advisory-4.19.0.1-4.18.1.1/index.md
new file mode 100644
index 00000000..afa7f788
--- /dev/null
+++ b/blog/2024-04-04-security-release-advisory-4.19.0.1-4.18.1.1/index.md
@@ -0,0 +1,64 @@
+---
+layout: post
+title: "[ADVISORY] Apache CloudStack Security Releases 4.18.1.1 and 4.19.0.1"
+tags: [announcement]
+authors: [rohit]
+slug: security-release-advisory-4.19.0.1-4.18.1.1
+---
+
+Apache CloudStack security releases 4.18.1.1 and 4.19.0.1 address the CVEs
+listed below. Affected users are recommended to upgrade their CloudStack
+installations.
+
+<!-- truncate -->
+
+[**CVE-2024-29006**](https://www.cve.org/CVERecord?id=CVE-2024-29006): 
x-forwarded-for HTTP header parsed by default
+
+Severity: moderate
+
+Description: By default the CloudStack management server honours the
+x-forwarded-for HTTP header and logs it as the source IP of an API
+request. This could lead to authentication bypass and other
+operational problems should an attacker decide to spoof their IP
+address this way.
+
+Affected versions: Apache CloudStack 4.11.0.0 through 4.18.1.0, and 4.19.0.0
+
+Credit: Yuyang Xiao < superxyy...@gmail.com > (finder)
+
+[**CVE-2024-29007**](https://www.cve.org/CVERecord?id=CVE-2024-29007): When
+downloading templates or ISOs, the management server and SSVM follow HTTP
+redirects with potentially dangerous consequences
+
+Severity: moderate
+
+Affected versions: Apache CloudStack 4.9.1.0 through 4.18.1.0, and 4.19.0.0
+
+Description: The CloudStack management server and secondary storage VM could be
+tricked into making requests to restricted or random resources by
+means of following 301 HTTP redirects presented by external servers
+when downloading templates or ISOs. Users are recommended to upgrade
+to version 4.18.1.1 or 4.19.0.1, which fixes this issue.
+
+Credit: Yuyang Xiao < superxyy...@gmail.com > (finder)
+
+[**CVE-2024-29008**](https://www.cve.org/CVERecord?id=CVE-2024-29008): The
+extraconfig feature can be abused to load hypervisor resources on a VM instance
+
+Severity: critical
+
+Affected versions: Apache CloudStack 4.14.0.0 through 4.18.1.0, and 4.19.0.0
+
+Description: A problem has been identified in the CloudStack additional VM
+configuration (extraconfig) feature which can be misused by anyone who
+has privilege to deploy a VM instance or configure settings of an
+already deployed VM instance, to configure additional VM configuration
+even when the feature is not explicitly enabled by the administrator.
+In a KVM based CloudStack environment, an attacker can exploit this
+issue to attach host devices such as storage disks, and PCI and USB
+devices such as network adapters and GPUs, in a regular VM instance
+that can be further exploited to gain access to the underlying network
+and storage infrastructure resources, and access any VM instance disks
+on the local storage.
+
+Credit: Wei Zhou < ustcweiz...@gmail.com > (finder)
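Review bot: the three CVE entries in this hunk use different field orders and only one of them names the fixed versions, so a reader scanning a single entry has to go back to the intro to learn what to upgrade to. In the `+[**CVE-2024-29006**]` block "Description:" comes before "Affected versions:", while the `+[**CVE-2024-29007**]` and `+[**CVE-2024-29008**]` blocks put "Affected versions:" first, and only the 29007 description closes with "Users are recommended to upgrade to version 4.18.1.1 or 4.19.0.1, which fixes this issue." Suggest one order for every entry (Severity, Affected versions, Description, Credit) and either adding that same fix-version sentence to the 29006 and 29008 descriptions or dropping it from 29007, since the opening paragraph already states it for all three. Also, the 29006 title appears wrapped in this copy of the patch (`+[**CVE-2024-29006**](...):` on one line, `x-forwarded-for HTTP header parsed by default` on the next, without a `+`); worth confirming the committed markdown keeps the link and its title on one line so it renders like the other two headings.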
