Date: Tue, 19 Aug 2014 21:50:58 -0400 (EDT) From: cve-assign@...re.org To: tristan.cacqueray@...vance.com Cc: cve-assign@...re.org, oss-security@...ts.openwall.com Subject: Re: CVE request for vulnerability in OpenStack Glance -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > Title: Glance store DoS through disk space exhaustion > Versions: up to 2013.2.3 and 2014.1 to 2014.1.2 > > By uploading a large enough image to a Glance store, an authenticated > user may fill the store space because the image_size_cap configuration > option is not honored. > > https://launchpad.net/bugs/1315321 > > This vulnerability seems to be introduced in Grizzly at least, and as > we don't support grizzly anymore we'll mark every versions up to > 2013.2.3 affected. Use CVE-2014-5356. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJT8/3qAAoJEKllVAevmvmsQ14IAJDCmC7pBQh9cgdWn7s4w7OT eI0hfxyR1WW2nsxeaWYrV/h9OHz8p2QdOibXcIXwGu8gjcFOZcnR1nMm6m3Xf1yf 1Y8/ZTKrN9aYEQrvH3FCiT7NKDDVmrOAeJQS8GSYyiuxOfyIhBGiDhQI5HKTiX15 HVE8Kfuy0kPGqHeNZAiR/Q3Gaedw/2RvPQ76I7I+6/O3SuSxdPuRV1Yz/ma7pshS NZ/NV9MF03RGpUWCsIkFQdy5vLV0rMMFLSav++BMwc2ngn/JdN+8dqvSZAdJum+6 K+F0DNdlAOkApNfGdr0QbKBQIWi51Yby0H1WeanCf6TDnZ7bK+BcyFs3VKH1Wkk= =PD5Z -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.