Author: carnil
Date: 2017-11-26 20:16:30 +0000 (Sun, 26 Nov 2017)
New Revision: 58038
Modified:
data/CVE/list
Log:
Update information for CVE-2017-15114/tripleo-heat-templates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-26 20:15:20 UTC (rev 58037)
+++ data/CVE/list 2017-11-26 20:16:30 UTC (rev 58038)
@@ -5312,10 +5312,13 @@
NOTE:
https://git.kernel.org/linus/df80cd9b28b9ebaa284a41df611dbf3a2d05ca74
(v4.14-rc6)
CVE-2017-15114 [Passwordless access for non-libvirt related services when
using shared certificate authority]
RESERVED
- - tripleo-heat-templates <undetermined>
+ - tripleo-heat-templates <not-affected> (Vulnerability introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1510015
- NOTE: https://review.openstack.org/#/c/519015/
- TODO: check, possibly not yet having se_tls_for_live_migration
+ NOTE: Bug: https://bugs.launchpad.net/tripleo/+bug/1730370
+ NOTE: TLS libvirt live migration disabled in:
https://review.openstack.org/#/c/519015/
+ NOTE: TLS libvirt live migration introduced in:
https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=fa740c5e49994ffdd3a5aa1f43a0305c8e5a0b3a
+ NOTE: Re-enabled libvirt TLS with SASL auth:
+ NOTE: https://bugs.launchpad.net/tripleo/+bug/1732479
CVE-2017-15113
RESERVED
NOT-FOR-US: ovirt-engine
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
