oss-sec mailing list archives
Re: CVE request for vulnerability in OpenStack Glance
From: cve-assign () mitre org
Date: Thu, 19 Feb 2015 13:25:24 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Title: Glance import task leaks image in backend
https://review.openstack.org/#/c/122427/ Sep 18, 2014 ... an exception is raised and is not handled ... the uploaded image file stays in a storage and clogs it
Use CVE-2014-9684.
https://review.openstack.org/#/c/156553 Feb 17, 2015 ... Import task does not update the location of the image ... Image data remains in backend for deleted image
Use CVE-2015-1881. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJU5in4AAoJEKllVAevmvms/QgH/0y9Fj40y8JICaidw34EI1yI u0tXYxFQAMoVp53K/p4ypgQX7MMAo6AuoaO4eddpZiSl9cQ1cQxKGsnB9a2WDj0C zfWAjRInS8npK5/r3FGrOujQMB4l1f8s6ZoOL09hzlAT4Lp7U7Cg0WJblpy7Zn9Y U/acaglORheKVylWuY2NIuS9mHcHq9Ohq85eZXSQ3pc1q5gaW/lI33AEmrKgydj8 +kIT+Uu9PcoWE6NmXBswWQk9phmv3OPFDJLqQI+cch7UD+RP6D0I843b1wcLPt0U ryTmqy7UtIIw3fH7bdU6/q12176Pci0UjEVhR/WrmZf+CiP6kKJFgw62iPPCGfg= =+BQe -----END PGP SIGNATURE-----
Current thread:
- CVE request for vulnerability in OpenStack Glance Tristan Cacqueray (Jan 12)
- <Possible follow-ups>
- CVE request for vulnerability in OpenStack Glance Tristan Cacqueray (Jan 16)
- Re: CVE request for vulnerability in OpenStack Glance cve-assign (Jan 18)
- CVE request for vulnerability in OpenStack Glance Tristan Cacqueray (Feb 19)
- Re: CVE request for vulnerability in OpenStack Glance cve-assign (Feb 19)
- Re: CVE request for vulnerability in OpenStack Glance Tristan Cacqueray (Feb 19)
- Re: CVE request for vulnerability in OpenStack Glance cve-assign (Feb 19)
- Re: CVE request for vulnerability in OpenStack Glance cve-assign (Feb 19)