-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3109-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 15, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : nova Version : 2:18.1.0-6+deb10u1 CVE ID : CVE-2019-14433 Debian Bug : 934114 It was found that authenticated users could trigger a fault in Nova, a cloud computing fabric controller, to cause information leak. In addition, this update includes some fixes for volume live migration, as well as the addition of a /healthcheck URL for monitoring. For Debian 10 buster, this problem has been fixed in version 2:18.1.0-6+deb10u1. We recommend that you upgrade your nova packages. For the detailed security status of nova please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nova Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmMi14oACgkQnUbEiOQ2 gwIFgA/+IurymzQ//A6Du09G67P3G9+dNxALBMouzYUBsMuldTsJOHEwn/vn3AOE vsLDKAm0+PVx3UUvoFdC4xrJ34Byx437xb9nMSVaisC5JU8M/QV20HBtP/Vk89q2 OoTxsYJcVIFQZbnqeJuetcIzXaND0v9r3hsK+bCNYqbLzjLBZU1qMfJt9bJwv5lV wlNqCR0QL/et4pKmoDjK9o097oH9eAVB3ilaI/Rx5P9agK9bgU0A7stZN782y0T9 4T0FEv4BMmBys6Qr+FeCVW+LEzHAUvdTAUmlChkbyX2r1Sa4TIYQgzKEIoWT1UB8 JRwqtx27alN9sVsy5Zt9PANveRNPJi4tVtilS4qQzn86e5LU+FePktwEvgoqYQPa 3cDItH11w6vV67ycx2mplAPih2u6h0BPBbfLG7x8RQTzC7eQVni4bZ1u5BK8evvj UIa1VaEhvZmo/Vbg5DIo/fsTNEXJlskbZ5qbq60PjeUmC4C6whgRI4FCw/ipV1Am 9N8OCM1v15m6/+SFbNgO4vhCFHpIdyJ0I4KrYe8sQMqIEC2Y65fao8HLlNiMBsIO pw4BeZL2gd+UwQyKqikroPStr/2Q2l22+4PFLPQn4Yb7hBkWpL9SSCZ8JuvOMpOc kUhSuWnQKbU9ZMY7A/gayEclPgzODTDkKTvuriOUM+qvLbINdqw= =1Krd -----END PGP SIGNATURE-----
