CVE-2017-1000433 (GCVE-0-2017-1000433)
Vulnerability from cvelistv5
Published
2018-01-02 23:00
Modified
2024-08-05 22:00
CWE
- n/a
Summary
pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.
References
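URL | Tags
---|---
https://lists.debian.org/debian-lts-announce/2018/07/msg00000.html | mailing-list, x_refsource_MLIST
https://github.com/rohe/pysaml2/issues/451 | x_refsource_CONFIRM
https://security.gentoo.org/glsa/201801-11 | vendor-advisory, x_refsource_GENTOO
https://lists.debian.org/debian-lts-announce/2021/02/msg00038.html | mailing-list, x_refsource_MLIST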
pysec-2018-48
Vulnerability from pysec
Published
2018-01-02 23:29
Modified
2021-07-05 00:01
Details
pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.
Impacted products
Name | purl
---|---
pysaml2 | pkg:pypi/pysaml2
Aliases
{ "affected": [ { "package": { "ecosystem": "PyPI", "name": "pysaml2", "purl": "pkg:pypi/pysaml2" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "4.5.0" } ], "type": "ECOSYSTEM" } ], "versions": [ "0.4.3", "1.0.1", "1.0.2", "1.0.3", "1.1.0", "2.0.0", "2.1.0", "2.2.0", "2.3.0", "2.4.0", "3.0.0", "3.0.2", "4.0.0", "4.0.1", "4.0.2", "4.0.3", "4.0.4", "4.0.5", "4.0.5rc1", "4.1.0", "4.2.0", "4.3.0", "4.4.0" ] } ], "aliases": [ "CVE-2017-1000433", "GHSA-924m-4pmx-c67h" ], "details": "pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.", "id": "PYSEC-2018-48", "modified": "2021-07-05T00:01:25.224283Z", "published": "2018-01-02T23:29:00Z", "references": [ { "type": "REPORT", "url": "https://github.com/rohe/pysaml2/issues/451" }, { "type": "ADVISORY", "url": "https://security.gentoo.org/glsa/201801-11" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00000.html" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00038.html" }, { "type": "ADVISORY", "url": "https://github.com/advisories/GHSA-924m-4pmx-c67h" } ] }
ghsa-924m-4pmx-c67h
Vulnerability from github
Published
2018-07-13 16:01
Modified
2024-10-21 21:09
Severity
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.2 (Critical) - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
pysaml2 Improper Authentication vulnerability
Details
pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.
{ "affected": [ { "package": { "ecosystem": "PyPI", "name": "pysaml2" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "4.5.0" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2017-1000433" ], "database_specific": { "cwe_ids": [ "CWE-287" ], "github_reviewed": true, "github_reviewed_at": "2020-06-16T21:27:01Z", "nvd_published_at": "2018-01-02T23:29:00Z", "severity": "CRITICAL" }, "details": "pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.", "id": "GHSA-924m-4pmx-c67h", "modified": "2024-10-21T21:09:04Z", "published": "2018-07-13T16:01:17Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000433" }, { "type": "WEB", "url": "https://github.com/rohe/pysaml2/issues/451" }, { "type": "WEB", "url": "https://github.com/IdentityPython/pysaml2/pull/454" }, { "type": "WEB", "url": "https://github.com/IdentityPython/pysaml2/commit/6312a41e037954850867f29d329e5007df1424a5" }, { "type": "ADVISORY", "url": "https://github.com/advisories/GHSA-924m-4pmx-c67h" }, { "type": "WEB", "url": "https://github.com/pypa/advisory-database/tree/main/vulns/pysaml2/PYSEC-2018-48.yaml" }, { "type": "PACKAGE", "url": "https://github.com/rohe/pysaml2" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00000.html" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00038.html" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/201801-11" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "type": "CVSS_V4" } ], "summary": "pysaml2 Improper Authentication vulnerability" }
gsd-2017-1000433
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.
Aliases
suse-su-2019:1450-1
Vulnerability from csaf_suse
Published
2019-06-07 11:00
Modified
2019-06-07 11:00
Summary
Security update for Cloud7 packages
Notes
Title of the patch
Security update for Cloud7 packages
Description of the patch
This update provides fixes for the following packages issues:
caasp-openstack-heat-templates:
- Update to version 1.0+git.1553079189.3bf8922:
* SCRD-2813 Add support for CPI parameters
- Update to version 1.0+git.1547562889.43707e7:
* Switch LB protocol from HTTP to HTTPS
crowbar:
- Update to version 4.0+git.1551088848.823bcaa3:
* install-chef-suse: filter comments from authorized_keys file
crowbar-core:
- Update to version 4.0+git.1556285635.ab602dd4d:
* network: run wicked ifdown for interface cleanup (bsc#1063535)
- Update to version 4.0+git.1554931881.d98412e0e:
* Fix cloud-mkcloud9-job-backup-restore (SCRD-7126)
- Update to version 4.0+git.1552239940.5bc9aaac4:
* crowbar: Do not rely on Chef::Util::FileEdit to write the file (bsc#1127752)
- Update to version 4.0+git.1550493400.9787ea9ad:
* upgrade: Delay status switch after upgrade ends
- Update to version 4.0+git.1549474445.d9a35cf52:
* fix hound warning
* Support RAID 0
- Packaged default upgrade timeouts file
- Update to version 4.0+git.1549136953.afcde921f:
* apache2: enable sslsessioncache
- Update to version 4.0+git.1548859099.0edbbfdc2:
* upgrade: Add default upgrade timeouts file
crowbar-ha:
- Update to version 4.0+git.1556181005.47c643d:
* pacemaker: wait more for founder if SBD is configured (SCRD-8462)
* pacemaker: don't check cluster members on founder (SCRD-8462)
- Update to version 4.0+git.1554215159.8a42a71:
* improve galera HA setup (bsc#1122875)
crowbar-openstack:
- Update to version 4.0+git.1554887450.ff7c30c1c:
* neutron: Added option to use L3 HA with Keepalived
- Update to version 4.0+git.1554843756.5622551da:
* ironic: Fix regression in helper
- Update to version 4.0+git.1554814630.ec3c89f25:
* ceilometer: Install package which contains cron file (bsc#1130414)
- Update to version 4.0+git.1551459192.89433e13b:
* rabbit: fix mirroring regex
- Update to version 4.0+git.1550582615.f6b433ec7:
* ceilometer: Use pacemaker to handle expirer cron link (bsc#1113107)
- Update to version 4.0+git.1550262335.9667fa580:
* mysql: Do not set a custom logfile for mysqld (bsc#1112767)
* mysql: create .my.cnf in root home directory for mysql cmdline
- Update to version 4.0+git.1549986893.df836d6cc:
* mariadb: Remove installing the xtrabackup package
* ssl: Fix ACL setup in ssl_setup provider (bsc#1123709)
galera-python-clustercheck:
- readtimeout.patch: Add socket read timeout (bsc#1122053)
openstack-ceilometer:
- Install openstack-ceilometer-expirer.cron into /usr/share/ceilometer
This is needed in a clustered environment where multiple
ceilometer-collector services are installed on different nodes
(and due to that multiple expirer cron jobs installed). That
can lead to deadlocks when the cron jobs run in parallel on
the different nodes (bsc#1113107)
openstack-heat-gbp:
- switch to newton branch
python-PyKMIP:
- Fix a denial-of-service bug by setting the server socket timeout (bsc#1120767 CVE-2018-1000872)
python-pysaml2:
- Fix for the authentication bypass due to optimizations (CVE-2017-1000433, bsc#1074662)
rubygem-crowbar-client:
- Update to 3.9.0
- Add support for the restricted APIs
- Add --raw to 'proposal show' and 'proposal edit'
- Correctly parse error messages that we don't handle natively
- Better upgrade repocheck output
- Update to 3.7.0
- upgrade: Use cloud_version config for upgrade
- ses: Add ses upload subcommand
- Add cloud_version config field.
- Wrap os-release file parsing for better reuse.
- upgrade: Fix repocheck component in error message
- upgrade: Better repocheck output
- updated to version 3.6.1
* Hide the database step when it is not used (bsc#1118004)
* Fix help strings
* Describe how to upgrade more nodes with one command
Patchnames
SUSE-2019-1450,SUSE-OpenStack-Cloud-7-2019-1450,SUSE-Storage-4-2019-1450
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
"product_version", "name": "openstack-ceilometer-doc-7.1.1~dev4-4.15.3.noarch", "product": { "name": "openstack-ceilometer-doc-7.1.1~dev4-4.15.3.noarch", "product_id": "openstack-ceilometer-doc-7.1.1~dev4-4.15.3.noarch" } }, { "category": "product_version", "name": "openstack-ceilometer-polling-7.1.1~dev4-4.15.3.noarch", "product": { "name": "openstack-ceilometer-polling-7.1.1~dev4-4.15.3.noarch", "product_id": "openstack-ceilometer-polling-7.1.1~dev4-4.15.3.noarch" } }, { "category": "product_version", "name": "openstack-ceilometer-test-7.1.1~dev4-4.15.3.noarch", "product": { "name": "openstack-ceilometer-test-7.1.1~dev4-4.15.3.noarch", "product_id": "openstack-ceilometer-test-7.1.1~dev4-4.15.3.noarch" } }, { "category": "product_version", "name": "openstack-heat-gbp-5.1.1~dev1-2.6.3.noarch", "product": { "name": "openstack-heat-gbp-5.1.1~dev1-2.6.3.noarch", "product_id": "openstack-heat-gbp-5.1.1~dev1-2.6.3.noarch" } }, { "category": "product_version", "name": "openstack-heat-gbp-test-5.1.1~dev1-2.6.3.noarch", "product": { "name": "openstack-heat-gbp-test-5.1.1~dev1-2.6.3.noarch", "product_id": "openstack-heat-gbp-test-5.1.1~dev1-2.6.3.noarch" } }, { "category": "product_version", "name": "python-PyKMIP-0.5.0-3.3.3.noarch", "product": { "name": "python-PyKMIP-0.5.0-3.3.3.noarch", "product_id": "python-PyKMIP-0.5.0-3.3.3.noarch" } }, { "category": "product_version", "name": "python-ceilometer-7.1.1~dev4-4.15.3.noarch", "product": { "name": "python-ceilometer-7.1.1~dev4-4.15.3.noarch", "product_id": "python-ceilometer-7.1.1~dev4-4.15.3.noarch" } }, { "category": "product_version", "name": "python-heat-gbp-5.1.1~dev1-2.6.3.noarch", "product": { "name": "python-heat-gbp-5.1.1~dev1-2.6.3.noarch", "product_id": "python-heat-gbp-5.1.1~dev1-2.6.3.noarch" } }, { "category": "product_version", "name": "python-pysaml2-4.0.2-3.6.3.noarch", "product": { "name": "python-pysaml2-4.0.2-3.6.3.noarch", "product_id": "python-pysaml2-4.0.2-3.6.3.noarch" } } ], "category": 
"architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.ppc64le", "product": { "name": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.ppc64le", "product_id": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.ppc64le" } }, { "category": "product_version", "name": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.ppc64le", "product": { "name": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.ppc64le", "product_id": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.ppc64le" } }, { "category": "product_version", "name": "crowbar-core-devel-4.0+git.1556285635.ab602dd4d-9.46.3.ppc64le", "product": { "name": "crowbar-core-devel-4.0+git.1556285635.ab602dd4d-9.46.3.ppc64le", "product_id": "crowbar-core-devel-4.0+git.1556285635.ab602dd4d-9.46.3.ppc64le" } }, { "category": "product_version", "name": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.ppc64le", "product": { "name": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.ppc64le", "product_id": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.ppc64le" } }, { "category": "product_version", "name": "ruby2.1-rubygem-crowbar-client-doc-3.9.0-7.14.2.ppc64le", "product": { "name": "ruby2.1-rubygem-crowbar-client-doc-3.9.0-7.14.2.ppc64le", "product_id": "ruby2.1-rubygem-crowbar-client-doc-3.9.0-7.14.2.ppc64le" } }, { "category": "product_version", "name": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.0-7.14.2.ppc64le", "product": { "name": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.0-7.14.2.ppc64le", "product_id": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.0-7.14.2.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "product": { "name": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "product_id": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.s390x" } 
}, { "category": "product_version", "name": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "product": { "name": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "product_id": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.s390x" } }, { "category": "product_version", "name": "crowbar-core-devel-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "product": { "name": "crowbar-core-devel-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "product_id": "crowbar-core-devel-4.0+git.1556285635.ab602dd4d-9.46.3.s390x" } }, { "category": "product_version", "name": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.s390x", "product": { "name": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.s390x", "product_id": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.s390x" } }, { "category": "product_version", "name": "ruby2.1-rubygem-crowbar-client-doc-3.9.0-7.14.2.s390x", "product": { "name": "ruby2.1-rubygem-crowbar-client-doc-3.9.0-7.14.2.s390x", "product_id": "ruby2.1-rubygem-crowbar-client-doc-3.9.0-7.14.2.s390x" } }, { "category": "product_version", "name": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.0-7.14.2.s390x", "product": { "name": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.0-7.14.2.s390x", "product_id": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.0-7.14.2.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "product": { "name": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "product_id": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64" } }, { "category": "product_version", "name": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "product": { "name": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "product_id": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64" } }, { "category": 
"product_version", "name": "crowbar-core-devel-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "product": { "name": "crowbar-core-devel-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "product_id": "crowbar-core-devel-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64" } }, { "category": "product_version", "name": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64", "product": { "name": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64", "product_id": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64" } }, { "category": "product_version", "name": "ruby2.1-rubygem-crowbar-client-doc-3.9.0-7.14.2.x86_64", "product": { "name": "ruby2.1-rubygem-crowbar-client-doc-3.9.0-7.14.2.x86_64", "product_id": "ruby2.1-rubygem-crowbar-client-doc-3.9.0-7.14.2.x86_64" } }, { "category": "product_version", "name": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.0-7.14.2.x86_64", "product": { "name": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.0-7.14.2.x86_64", "product_id": "ruby2.1-rubygem-crowbar-client-testsuite-3.9.0-7.14.2.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE OpenStack Cloud 7", "product": { "name": "SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-openstack-cloud:7" } } }, { "category": "product_name", "name": "SUSE Enterprise Storage 4", "product": { "name": "SUSE Enterprise Storage 4", "product_id": "SUSE Enterprise Storage 4", "product_identification_helper": { "cpe": "cpe:/o:suse:ses:4" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "caasp-openstack-heat-templates-1.0+git.1553079189.3bf8922-1.6.2.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:caasp-openstack-heat-templates-1.0+git.1553079189.3bf8922-1.6.2.noarch" }, 
"product_reference": "caasp-openstack-heat-templates-1.0+git.1553079189.3bf8922-1.6.2.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch" }, "product_reference": "crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64 as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64" }, "product_reference": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.s390x as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.s390x" }, "product_reference": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64 as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64" }, "product_reference": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64 as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 
7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64" }, "product_reference": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.s390x as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.s390x" }, "product_reference": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64 as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64" }, "product_reference": "crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "crowbar-devel-4.0+git.1551088848.823bcaa3-7.29.2.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:crowbar-devel-4.0+git.1551088848.823bcaa3-7.29.2.noarch" }, "product_reference": "crowbar-devel-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "crowbar-ha-4.0+git.1556181005.47c643d-4.46.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1556181005.47c643d-4.46.3.noarch" }, "product_reference": "crowbar-ha-4.0+git.1556181005.47c643d-4.46.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", 
"full_product_name": { "name": "crowbar-openstack-4.0+git.1554887450.ff7c30c1c-9.51.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1554887450.ff7c30c1c-9.51.3.noarch" }, "product_reference": "crowbar-openstack-4.0+git.1554887450.ff7c30c1c-9.51.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "galera-python-clustercheck-0.0+git.1506329536.8f5878c-1.6.2.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:galera-python-clustercheck-0.0+git.1506329536.8f5878c-1.6.2.noarch" }, "product_reference": "galera-python-clustercheck-0.0+git.1506329536.8f5878c-1.6.2.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-ceilometer-7.1.1~dev4-4.15.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:openstack-ceilometer-7.1.1~dev4-4.15.3.noarch" }, "product_reference": "openstack-ceilometer-7.1.1~dev4-4.15.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-ceilometer-agent-central-7.1.1~dev4-4.15.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-central-7.1.1~dev4-4.15.3.noarch" }, "product_reference": "openstack-ceilometer-agent-central-7.1.1~dev4-4.15.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-ceilometer-agent-compute-7.1.1~dev4-4.15.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-compute-7.1.1~dev4-4.15.3.noarch" }, "product_reference": "openstack-ceilometer-agent-compute-7.1.1~dev4-4.15.3.noarch", 
"relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-ceilometer-agent-ipmi-7.1.1~dev4-4.15.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-ipmi-7.1.1~dev4-4.15.3.noarch" }, "product_reference": "openstack-ceilometer-agent-ipmi-7.1.1~dev4-4.15.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-ceilometer-agent-notification-7.1.1~dev4-4.15.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-notification-7.1.1~dev4-4.15.3.noarch" }, "product_reference": "openstack-ceilometer-agent-notification-7.1.1~dev4-4.15.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-ceilometer-api-7.1.1~dev4-4.15.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:openstack-ceilometer-api-7.1.1~dev4-4.15.3.noarch" }, "product_reference": "openstack-ceilometer-api-7.1.1~dev4-4.15.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-ceilometer-collector-7.1.1~dev4-4.15.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:openstack-ceilometer-collector-7.1.1~dev4-4.15.3.noarch" }, "product_reference": "openstack-ceilometer-collector-7.1.1~dev4-4.15.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-ceilometer-doc-7.1.1~dev4-4.15.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:openstack-ceilometer-doc-7.1.1~dev4-4.15.3.noarch" }, "product_reference": 
"openstack-ceilometer-doc-7.1.1~dev4-4.15.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-ceilometer-polling-7.1.1~dev4-4.15.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:openstack-ceilometer-polling-7.1.1~dev4-4.15.3.noarch" }, "product_reference": "openstack-ceilometer-polling-7.1.1~dev4-4.15.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "openstack-heat-gbp-5.1.1~dev1-2.6.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:openstack-heat-gbp-5.1.1~dev1-2.6.3.noarch" }, "product_reference": "openstack-heat-gbp-5.1.1~dev1-2.6.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "python-PyKMIP-0.5.0-3.3.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:python-PyKMIP-0.5.0-3.3.3.noarch" }, "product_reference": "python-PyKMIP-0.5.0-3.3.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "python-ceilometer-7.1.1~dev4-4.15.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:python-ceilometer-7.1.1~dev4-4.15.3.noarch" }, "product_reference": "python-ceilometer-7.1.1~dev4-4.15.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "python-heat-gbp-5.1.1~dev1-2.6.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:python-heat-gbp-5.1.1~dev1-2.6.3.noarch" }, "product_reference": "python-heat-gbp-5.1.1~dev1-2.6.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { 
"name": "python-pysaml2-4.0.2-3.6.3.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.6.3.noarch" }, "product_reference": "python-pysaml2-4.0.2-3.6.3.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64 as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64" }, "product_reference": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.s390x as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.s390x" }, "product_reference": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.s390x", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64 as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64" }, "product_reference": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64", "relates_to_product_reference": "SUSE OpenStack Cloud 7" }, { "category": "default_component_of", "full_product_name": { "name": "crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch as component of SUSE Enterprise Storage 4", "product_id": "SUSE Enterprise Storage 4:crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch" }, "product_reference": "crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "relates_to_product_reference": "SUSE Enterprise Storage 4" }, { "category": "default_component_of", "full_product_name": { "name": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64 as component of SUSE 
Enterprise Storage 4", "product_id": "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64" }, "product_reference": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "relates_to_product_reference": "SUSE Enterprise Storage 4" }, { "category": "default_component_of", "full_product_name": { "name": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64 as component of SUSE Enterprise Storage 4", "product_id": "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64" }, "product_reference": "crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "relates_to_product_reference": "SUSE Enterprise Storage 4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64 as component of SUSE Enterprise Storage 4", "product_id": "SUSE Enterprise Storage 4:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64" }, "product_reference": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64", "relates_to_product_reference": "SUSE Enterprise Storage 4" }, { "category": "default_component_of", "full_product_name": { "name": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64 as component of SUSE Enterprise Storage 4", "product_id": "SUSE Enterprise Storage 4:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64" }, "product_reference": "ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64", "relates_to_product_reference": "SUSE Enterprise Storage 4" } ] }, "vulnerabilities": [ { "cve": "CVE-2017-1000433", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2017-1000433" } ], "notes": [ { "category": "general", "text": "pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. 
This allows attackers to log in as any user without knowing their password.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 4:crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE Enterprise Storage 4:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64", "SUSE Enterprise Storage 4:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64", "SUSE OpenStack Cloud 7:caasp-openstack-heat-templates-1.0+git.1553079189.3bf8922-1.6.2.noarch", "SUSE OpenStack Cloud 7:crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE OpenStack Cloud 7:crowbar-devel-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1556181005.47c643d-4.46.3.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1554887450.ff7c30c1c-9.51.3.noarch", "SUSE OpenStack Cloud 7:galera-python-clustercheck-0.0+git.1506329536.8f5878c-1.6.2.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-central-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-compute-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-ipmi-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 
7:openstack-ceilometer-agent-notification-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-api-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-collector-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-doc-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-polling-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-heat-gbp-5.1.1~dev1-2.6.3.noarch", "SUSE OpenStack Cloud 7:python-PyKMIP-0.5.0-3.3.3.noarch", "SUSE OpenStack Cloud 7:python-ceilometer-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:python-heat-gbp-5.1.1~dev1-2.6.3.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.6.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2017-1000433", "url": "https://www.suse.com/security/cve/CVE-2017-1000433" }, { "category": "external", "summary": "SUSE Bug 1074662 for CVE-2017-1000433", "url": "https://bugzilla.suse.com/1074662" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 4:crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE Enterprise Storage 4:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64", "SUSE Enterprise Storage 4:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64", "SUSE OpenStack Cloud 7:caasp-openstack-heat-templates-1.0+git.1553079189.3bf8922-1.6.2.noarch", "SUSE OpenStack Cloud 7:crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE 
OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE OpenStack Cloud 7:crowbar-devel-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1556181005.47c643d-4.46.3.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1554887450.ff7c30c1c-9.51.3.noarch", "SUSE OpenStack Cloud 7:galera-python-clustercheck-0.0+git.1506329536.8f5878c-1.6.2.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-central-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-compute-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-ipmi-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-notification-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-api-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-collector-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-doc-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-polling-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-heat-gbp-5.1.1~dev1-2.6.3.noarch", "SUSE OpenStack Cloud 7:python-PyKMIP-0.5.0-3.3.3.noarch", "SUSE OpenStack Cloud 7:python-ceilometer-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:python-heat-gbp-5.1.1~dev1-2.6.3.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.6.3.noarch", "SUSE OpenStack Cloud 
7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Enterprise Storage 4:crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE Enterprise Storage 4:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64", "SUSE Enterprise Storage 4:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64", "SUSE OpenStack Cloud 7:caasp-openstack-heat-templates-1.0+git.1553079189.3bf8922-1.6.2.noarch", "SUSE OpenStack Cloud 7:crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE OpenStack Cloud 7:crowbar-devel-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1556181005.47c643d-4.46.3.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1554887450.ff7c30c1c-9.51.3.noarch", "SUSE OpenStack Cloud 7:galera-python-clustercheck-0.0+git.1506329536.8f5878c-1.6.2.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 
7:openstack-ceilometer-agent-central-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-compute-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-ipmi-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-notification-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-api-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-collector-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-doc-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-polling-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-heat-gbp-5.1.1~dev1-2.6.3.noarch", "SUSE OpenStack Cloud 7:python-PyKMIP-0.5.0-3.3.3.noarch", "SUSE OpenStack Cloud 7:python-ceilometer-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:python-heat-gbp-5.1.1~dev1-2.6.3.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.6.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-06-07T11:00:52Z", "details": "important" } ], "title": "CVE-2017-1000433" }, { "cve": "CVE-2018-1000872", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-1000872" } ], "notes": [ { "category": "general", "text": "OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets. This attack appear to be exploitable via A client or clients open sockets with the server and then never close them. 
This vulnerability appears to have been fixed in 0.8.0.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 4:crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE Enterprise Storage 4:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64", "SUSE Enterprise Storage 4:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64", "SUSE OpenStack Cloud 7:caasp-openstack-heat-templates-1.0+git.1553079189.3bf8922-1.6.2.noarch", "SUSE OpenStack Cloud 7:crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE OpenStack Cloud 7:crowbar-devel-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1556181005.47c643d-4.46.3.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1554887450.ff7c30c1c-9.51.3.noarch", "SUSE OpenStack Cloud 7:galera-python-clustercheck-0.0+git.1506329536.8f5878c-1.6.2.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-central-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-compute-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-ipmi-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 
7:openstack-ceilometer-agent-notification-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-api-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-collector-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-doc-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-polling-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-heat-gbp-5.1.1~dev1-2.6.3.noarch", "SUSE OpenStack Cloud 7:python-PyKMIP-0.5.0-3.3.3.noarch", "SUSE OpenStack Cloud 7:python-ceilometer-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:python-heat-gbp-5.1.1~dev1-2.6.3.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.6.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-1000872", "url": "https://www.suse.com/security/cve/CVE-2018-1000872" }, { "category": "external", "summary": "SUSE Bug 1120767 for CVE-2018-1000872", "url": "https://bugzilla.suse.com/1120767" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 4:crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE Enterprise Storage 4:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64", "SUSE Enterprise Storage 4:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64", "SUSE OpenStack Cloud 7:caasp-openstack-heat-templates-1.0+git.1553079189.3bf8922-1.6.2.noarch", "SUSE OpenStack Cloud 7:crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE 
OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE OpenStack Cloud 7:crowbar-devel-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1556181005.47c643d-4.46.3.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1554887450.ff7c30c1c-9.51.3.noarch", "SUSE OpenStack Cloud 7:galera-python-clustercheck-0.0+git.1506329536.8f5878c-1.6.2.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-central-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-compute-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-ipmi-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-notification-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-api-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-collector-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-doc-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-polling-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-heat-gbp-5.1.1~dev1-2.6.3.noarch", "SUSE OpenStack Cloud 7:python-PyKMIP-0.5.0-3.3.3.noarch", "SUSE OpenStack Cloud 7:python-ceilometer-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:python-heat-gbp-5.1.1~dev1-2.6.3.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.6.3.noarch", "SUSE OpenStack Cloud 
7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "SUSE Enterprise Storage 4:crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE Enterprise Storage 4:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64", "SUSE Enterprise Storage 4:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64", "SUSE OpenStack Cloud 7:caasp-openstack-heat-templates-1.0+git.1553079189.3bf8922-1.6.2.noarch", "SUSE OpenStack Cloud 7:crowbar-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.aarch64", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.s390x", "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1556285635.ab602dd4d-9.46.3.x86_64", "SUSE OpenStack Cloud 7:crowbar-devel-4.0+git.1551088848.823bcaa3-7.29.2.noarch", "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1556181005.47c643d-4.46.3.noarch", "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1554887450.ff7c30c1c-9.51.3.noarch", "SUSE OpenStack Cloud 7:galera-python-clustercheck-0.0+git.1506329536.8f5878c-1.6.2.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 
7:openstack-ceilometer-agent-central-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-compute-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-ipmi-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-agent-notification-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-api-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-collector-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-doc-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-ceilometer-polling-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:openstack-heat-gbp-5.1.1~dev1-2.6.3.noarch", "SUSE OpenStack Cloud 7:python-PyKMIP-0.5.0-3.3.3.noarch", "SUSE OpenStack Cloud 7:python-ceilometer-7.1.1~dev4-4.15.3.noarch", "SUSE OpenStack Cloud 7:python-heat-gbp-5.1.1~dev1-2.6.3.noarch", "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.6.3.noarch", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.aarch64", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.s390x", "SUSE OpenStack Cloud 7:ruby2.1-rubygem-crowbar-client-3.9.0-7.14.2.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2019-06-07T11:00:52Z", "details": "moderate" } ], "title": "CVE-2018-1000872" } ] }
suse-su-2018:1194-1
Vulnerability from csaf_suse
Published
2018-05-09 14:19
Modified
2018-05-09 14:19
Summary
Security update for python-pysaml2
Notes
Title of the patch
Security update for python-pysaml2
Description of the patch
This update for python-pysaml2 fixes the following issues:
- CVE-2017-1000433: When python optimizations are enabled, any user is able to login without knowing their password. (bsc#1074662)
Patchnames
SUSE-OpenStack-Cloud-7-2018-826
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "low" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for python-pysaml2", "title": "Title of the patch" }, { "category": "description", "text": "This update for python-pysaml2 fixes the following issues:\n\n - CVE-2017-1000433: When python optimizations are enabled, any user is able to login without knowing their password. (bsc#1074662)\n\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-OpenStack-Cloud-7-2018-826", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1194-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2018:1194-1", "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181194-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2018:1194-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-May/003990.html" }, { "category": "self", "summary": "SUSE Bug 1074662", "url": "https://bugzilla.suse.com/1074662" }, { "category": "self", "summary": "SUSE CVE CVE-2017-1000433 page", "url": "https://www.suse.com/security/cve/CVE-2017-1000433/" } ], 
"title": "Security update for python-pysaml2", "tracking": { "current_release_date": "2018-05-09T14:19:05Z", "generator": { "date": "2018-05-09T14:19:05Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2018:1194-1", "initial_release_date": "2018-05-09T14:19:05Z", "revision_history": [ { "date": "2018-05-09T14:19:05Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "python-pysaml2-4.0.2-3.3.2.noarch", "product": { "name": "python-pysaml2-4.0.2-3.3.2.noarch", "product_id": "python-pysaml2-4.0.2-3.3.2.noarch" } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_name", "name": "SUSE OpenStack Cloud 7", "product": { "name": "SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-openstack-cloud:7" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "python-pysaml2-4.0.2-3.3.2.noarch as component of SUSE OpenStack Cloud 7", "product_id": "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.3.2.noarch" }, "product_reference": "python-pysaml2-4.0.2-3.3.2.noarch", "relates_to_product_reference": "SUSE OpenStack Cloud 7" } ] }, "vulnerabilities": [ { "cve": "CVE-2017-1000433", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2017-1000433" } ], "notes": [ { "category": "general", "text": "pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. 
This allows attackers to log in as any user without knowing their password.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.3.2.noarch" ] }, "references": [ { "category": "external", "summary": "CVE-2017-1000433", "url": "https://www.suse.com/security/cve/CVE-2017-1000433" }, { "category": "external", "summary": "SUSE Bug 1074662 for CVE-2017-1000433", "url": "https://bugzilla.suse.com/1074662" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.3.2.noarch" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE OpenStack Cloud 7:python-pysaml2-4.0.2-3.3.2.noarch" ] } ], "threats": [ { "category": "impact", "date": "2018-05-09T14:19:05Z", "details": "important" } ], "title": "CVE-2017-1000433" } ] }
fkie_cve-2017-1000433
Vulnerability from fkie_nvd
Published
2018-01-02 23:29
Modified
2024-11-21 03:04
Summary
pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.
References
Source | URL | Tags
---|---|---
cve@mitre.org | https://github.com/rohe/pysaml2/issues/451 | Patch, Third Party Advisory, VDB Entry
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2018/07/msg00000.html | Mailing List, Third Party Advisory
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2021/02/msg00038.html | Mailing List, Third Party Advisory
cve@mitre.org | https://security.gentoo.org/glsa/201801-11 | Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/rohe/pysaml2/issues/451 | Patch, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/07/msg00000.html | Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2021/02/msg00038.html | Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201801-11 | Issue Tracking, Third Party Advisory
Impacted products
Vendor | Product | Version
---|---|---
pysaml2_project | pysaml2 | *
debian | debian_linux | 8.0
debian | debian_linux | 9.0
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:pysaml2_project:pysaml2:*:*:*:*:*:*:*:*", "matchCriteriaId": "24F2FB4E-4F43-4B09-B01C-1B3FCB88AB2C", "versionEndIncluding": "4.4.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password." }, { "lang": "es", "value": "pysaml2, en su versi\u00f3n 4.4.0 y anteriores, acepta cualquier contrase\u00f1a cuando se ejecuta con las optimizaciones de python habilitadas. Esto permite que atacantes inicien sesi\u00f3n como cualquier usuario sin conocer su contrase\u00f1a." 
} ], "id": "CVE-2017-1000433", "lastModified": "2024-11-21T03:04:44.003", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-01-02T23:29:00.337", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "VDB Entry" ], "url": "https://github.com/rohe/pysaml2/issues/451" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00000.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00038.html" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201801-11" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "VDB Entry" ], "url": "https://github.com/rohe/pysaml2/issues/451" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201801-11" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-287" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }