========================================================================== Ubuntu Security Notice USN-4104-1 August 19, 2019
nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Nova could be made to expose sensitive information. Software Description: - nova: OpenStack Compute cloud infrastructure Details: Donny Davis discovered that the Nova Compute service could return configuration or other information in response to a failed API request in some situations. A remote attacker could use this to expose sensitive information. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: nova-compute 2:19.0.1-0ubuntu2.1 python3-nova 2:19.0.1-0ubuntu2.1 Ubuntu 18.04 LTS: nova-compute 2:17.0.10-0ubuntu2.1 python-nova 2:17.0.10-0ubuntu2.1 Ubuntu 16.04 LTS: nova-compute 2:13.1.4-0ubuntu4.5 python-nova 2:13.1.4-0ubuntu4.5 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4104-1 CVE-2019-14433 Package Information: https://launchpad.net/ubuntu/+source/nova/2:19.0.1-0ubuntu2.1 https://launchpad.net/ubuntu/+source/nova/2:17.0.10-0ubuntu2.1 https://launchpad.net/ubuntu/+source/nova/2:13.1.4-0ubuntu4.5
signature.asc
Description: PGP signature
-- ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
