Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 19 Feb 2015 13:25:24 -0500 (EST)
From: cve-assign@...re.org
To: tristan.cacqueray@...vance.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request for vulnerability in OpenStack Glance

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Title: Glance import task leaks image in backend

>   https://review.openstack.org/#/c/122427/
>   Sep 18, 2014 ... an exception is raised and is not handled ...
>   the uploaded image file stays in a storage and clogs it

Use CVE-2014-9684.


>   https://review.openstack.org/#/c/156553
>   Feb 17, 2015 ... Import task does not update the location
>   of the image ... Image data remains in backend for
>   deleted image

Use CVE-2015-1881.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJU5in4AAoJEKllVAevmvms/QgH/0y9Fj40y8JICaidw34EI1yI
u0tXYxFQAMoVp53K/p4ypgQX7MMAo6AuoaO4eddpZiSl9cQ1cQxKGsnB9a2WDj0C
zfWAjRInS8npK5/r3FGrOujQMB4l1f8s6ZoOL09hzlAT4Lp7U7Cg0WJblpy7Zn9Y
U/acaglORheKVylWuY2NIuS9mHcHq9Ohq85eZXSQ3pc1q5gaW/lI33AEmrKgydj8
+kIT+Uu9PcoWE6NmXBswWQk9phmv3OPFDJLqQI+cch7UD+RP6D0I843b1wcLPt0U
ryTmqy7UtIIw3fH7bdU6/q12176Pci0UjEVhR/WrmZf+CiP6kKJFgw62iPPCGfg=
=+BQe
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ