Re: CVE request for vulnerability in OpenStack Glance

[cve-assign () mitre org]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Title: Glance import task leaks image in backend

>   https://review.openstack.org/#/c/122427/
>   Sep 18, 2014 ... an exception is raised and is not handled ...
>   the uploaded image file stays in a storage and clogs it

Use CVE-2014-9684.


>   https://review.openstack.org/#/c/156553
>   Feb 17, 2015 ... Import task does not update the location
>   of the image ... Image data remains in backend for
>   deleted image

Use CVE-2015-1881.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJU5in4AAoJEKllVAevmvms/QgH/0y9Fj40y8JICaidw34EI1yI
u0tXYxFQAMoVp53K/p4ypgQX7MMAo6AuoaO4eddpZiSl9cQ1cQxKGsnB9a2WDj0C
zfWAjRInS8npK5/r3FGrOujQMB4l1f8s6ZoOL09hzlAT4Lp7U7Cg0WJblpy7Zn9Y
U/acaglORheKVylWuY2NIuS9mHcHq9Ohq85eZXSQ3pc1q5gaW/lI33AEmrKgydj8
+kIT+Uu9PcoWE6NmXBswWQk9phmv3OPFDJLqQI+cch7UD+RP6D0I843b1wcLPt0U
ryTmqy7UtIIw3fH7bdU6/q12176Pci0UjEVhR/WrmZf+CiP6kKJFgw62iPPCGfg=
=+BQe
-----END PGP SIGNATURE-----