oss-sec mailing list archives
Re: CVE-2015-1850: OpenStack Cinder/Nova: Format-guessing and file disclosure in image convert
From: Jeremy Stanley <jeremy () openstack org>
Date: Sat, 13 Jun 2015 14:31:45 +0000
[cross-post to openstack-security ML dropped to avoid unwarranted crosstalk on oss-security] On 2015-06-13 13:58:42 +0100 (+0100), Dave Walker wrote:
I see that this is being brought to oss-sec', but seemingly not via the OpenStack Security Group or Vulnerability Management Team.
[...]
You said that this was raised upstream on 2015-01-27, do you have a Launchpad bug number or information on this discourse as to what was the outcome?
Since this is now public, I'm lifting the current embargo. See bug report at https://launchpad.net/bugs/1415087 for additional details. -- Jeremy Stanley
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE-2015-1850: OpenStack Cinder/Nova: Format-guessing and file disclosure in image convert Bastian Blank (Jun 13)
- Re: CVE-2015-1850: OpenStack Cinder/Nova: Format-guessing and file disclosure in image convert Dave Walker (Jun 13)
- Re: CVE-2015-1850: OpenStack Cinder/Nova: Format-guessing and file disclosure in image convert Jeremy Stanley (Jun 13)
- Re: CVE-2015-1850: OpenStack Cinder/Nova: Format-guessing and file disclosure in image convert Dave Walker (Jun 13)