Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-8611 (GCVE-0-2016-8611)
Vulnerability from cvelistv5
Published
2018-07-31 20:00
Modified
2024-08-06 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The Openstack Foundation | openstack-glance |
Version: v1 and v2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:41.035Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611"
},
{
"name": "1037312",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037312"
},
{
"name": "94378",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94378"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05333384"
},
{
"name": "[oss-security] 20161027 [OSSN-0076] Glance Image service v1 and v2 api image-create vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2016/q4/266"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "openstack-glance",
"vendor": "The Openstack Foundation",
"versions": [
{
"status": "affected",
"version": "v1 and v2"
}
]
}
],
"datePublic": "2016-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-02T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611"
},
{
"name": "1037312",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037312"
},
{
"name": "94378",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94378"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05333384"
},
{
"name": "[oss-security] 20161027 [OSSN-0076] Glance Image service v1 and v2 api image-create vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2016/q4/266"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-8611",
"datePublished": "2018-07-31T20:00:00",
"dateReserved": "2016-10-12T00:00:00",
"dateUpdated": "2024-08-06T02:27:41.035Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2016-8611\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2018-07-31T20:29:00.227\",\"lastModified\":\"2024-11-21T02:59:40.297\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.\"},{\"lang\":\"es\",\"value\":\"Se ha encontrado una vulnerabilidad en Openstack Glance. No se aplican l\u00edmites en el servicio de imagen Glance para las v1 y v2 del m\u00e9todo POST de la API \\\"/images\\\" para usuarios autenticados. Esto resulta en posibles ataques de denegaci\u00f3n de servicio (DoS) mediante la saturaci\u00f3n de la tabla de la base de datos.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:N/I:N/A:P\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openstack:glance:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"884E775E-5475-43E8-BFA9-8701C49847A7\"}]}]}],\"references\":[{\"url\":\"http://seclists.org/oss-sec/2016/q4/266\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94378\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037312\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05333384\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://seclists.org/oss-sec/2016/q4/266\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94378\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05333384\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
fkie_cve-2016-8611
Vulnerability from fkie_nvd
Published
2018-07-31 20:29
Modified
2024-11-21 02:59
Severity ?
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://seclists.org/oss-sec/2016/q4/266 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/94378 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id/1037312 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05333384 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/oss-sec/2016/q4/266 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94378 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037312 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05333384 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:glance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "884E775E-5475-43E8-BFA9-8701C49847A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en Openstack Glance. No se aplican l\u00edmites en el servicio de imagen Glance para las v1 y v2 del m\u00e9todo POST de la API \"/images\" para usuarios autenticados. Esto resulta en posibles ataques de denegaci\u00f3n de servicio (DoS) mediante la saturaci\u00f3n de la tabla de la base de datos."
}
],
"id": "CVE-2016-8611",
"lastModified": "2024-11-21T02:59:40.297",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-31T20:29:00.227",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2016/q4/266"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94378"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037312"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05333384"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2016/q4/266"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05333384"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
suse-su-2018:2762-1
Vulnerability from csaf_suse
Published
2018-09-20 06:04
Modified
2018-09-20 06:04
Summary
Security update for crowbar, crowbar-core, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui
Notes
Title of the patch
Security update for crowbar, crowbar-core, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui
Description of the patch
This update for crowbar, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui fixes the following issues:
This security issues was fixed:
- CVE-2018-3760: Upgrade rubygem-sprockets to prevent an information leak.
Specially crafted requests could have been be used to access files that exists
on the filesystem that is outside an application's root directory, when the
Sprockets server is used in production (bsc#1098369).
- CVE-2016-861: Add rate limiting for glance api (bsc#1005886)
These non-security issues were fixed for crowbar:
- upgrade: Lock crowbar-ui before admin upgrade
- upgrade: Make sure schemas are properly migrated after the upgrade
- upgrade: No need for database dump before the upgrade
- upgrade: No need to use crowbar-init during the upgrade
These non-security issues were fixed for crowbar-core:
- upgrade: Remove pre-upgrade constraints from existing locations
- upgrade: Show the grep result when checking for not-migrated instances
- upgrade: Set clone_stateless_services to false on upgrade
- control_lib: fix host allocation check
- Fix exception handling in get_log_lines
- apache: copytruncate apache logs bsc#1083093
- upgrade: Refresh repos before crowbar-ui update (bsc#1099392)
- upgrade: Reset RabbitMQ nodes during upgrade
- upgrade: Do not allow cinder-volume on compute nodes
- upgrade: Wait until all nova-compute services are up before evacuation
- upgrade: Save the information which set of nodes should be upgraded
- Let skip_unready_nodes skip also nodes that are in crowbar_upgrade state
- upgrade: Add missing brackets checking for nodes
- upgrade: Make sure postponed nodes can be skipped when applying proposal
- upgrade: When the upgrade is not finished, show a link to wizard
- upgrade: Correctly delete remaining upgrade scripts
- upgrade: Wait for services shutdown to finish
- upgrade: Unlock crowbar-ui after completed upgrade
- upgrade: Stop cron before stopping any other service
- upgrade: Provide better information after the failure
- upgrade: Report missing scripts
- upgrade: Better check for upgraded nodes - do not rely on state
- upgrade: Improve error messages with lists
- upgrade: Check input is a valid node for nodes
- upgrade: Delete upgrade scripts really at the end of upgrade
- upgrade: Increase the timeout for deleting pacemaker resources
- upgrade: Adapt the check for upgraded? value
- upgrade: Move step to mark the admin upgrade end
- upgrade: Do not finalize nodes that are not upgraded
- upgrade: Fix file layout for rails' autoloading (bsc#1096759)
- upgrade: Deleting cinder services from database no longer needed
- upgrade: Allow postpone and resume of compute nodes upgrade
- upgrade: Allow the access to controller actions when upgrade is postponed
- upgrade: Finalize upgrade of controller nodes after they are done
- upgrade: Added API calls for postponing/resuming compute nodes upgrade
- upgrade: Unblock upgrade status API in Cloud8
- upgrade: Do not end admin step while it is still running (bsc#1095420)
- upgrade: Adapt ceph-related checks to 7-8 upgrade
- upgrade: Allow running schema migrations on upgrade
- upgrade: Fix platform retrieval
These non-security issues were fixed for crowbar-ha:
- pacemaker: allow multiple meta parameters (bsc#1093898)
- haproxy: active-active mode, just one VIP
These non-security issues were fixed for crowbar-openstack:
- Synchronize SSL in the cluster (bsc#1081518)
- neutron: add force_metadata attribute
- rabbitmq: set client timout to default value
- /etc/sysctl.d/99-sysctl.conf is a symlink to /etc/sysctl.conf
- Do not automatically put manila-share roles to compute nodes
- rabbitmq: check for rabbit readiness
- rabbitmq: Make sure rabbit is running on cluster
- monasca: various monasca-installer improvements
- monasca: reduce monasca-installer runs (bsc#1096043)
- manila: Correct field name for cluster name
- Do not mark [:nova][:db_synced] too early
- nova: Do not do partial online migrations, that was Newton specific
- monasca: add elasticsearch tunables (bsc#1090336)
- copytruncate apache logs instead of creating
- rabbitmq: Better dependency check
- aodh: Add config for alarm_history_ttl (bsc#1073703)
- upgrade: cinder: run live migrations at correct rev
These non-security issues were fixed for crowbar-ui:
- upgrade: Dummy backend for status testing
- upgrade: Refactor postpone nodes upgrade
- upgrade: Allow interruption of status wait loop
- upgrade: Added ability to postpone upgrade nodes
- upgrade: Add ability to postpone upgrade nodes
- upgrade: Add ability to postpone upgrade nodes
- upgrade: Add ability to postpone upgrade nodes
- Add ability to postpone upgrade
- upgrade: Remove openstack precheck
- upgrade: Fixed error key for ha_configured
- upgrade: Remove CEPH related code
- Remove the non-essential database-configuration controller
- remove ui typo test
- Remove database configuration option
- upgrade: Update SUSE-OpenStack-Cloud-8 label
- upgrade: Update admin and nodes repo names
Patchnames
SUSE-OpenStack-Cloud-Crowbar-8-2018-1928
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for crowbar, crowbar-core, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for crowbar, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui fixes the following issues:\n\nThis security issues was fixed:\n\n- CVE-2018-3760: Upgrade rubygem-sprockets to prevent an information leak.\n Specially crafted requests could have been be used to access files that exists\n on the filesystem that is outside an application\u0027s root directory, when the\n Sprockets server is used in production (bsc#1098369).\n- CVE-2016-861: Add rate limiting for glance api (bsc#1005886)\n\nThese non-security issues were fixed for crowbar:\n\n- upgrade: Lock crowbar-ui before admin upgrade\n- upgrade: Make sure schemas are properly migrated after the upgrade\n- upgrade: No need for database dump before the upgrade\n- upgrade: No need to use crowbar-init during the upgrade\n\nThese non-security issues were fixed for crowbar-core:\n\n- upgrade: Remove pre-upgrade constraints from existing locations\n- upgrade: Show the grep result when checking for not-migrated instances\n- upgrade: Set clone_stateless_services to false on upgrade\n- control_lib: fix host allocation check\n- Fix exception handling in get_log_lines\n- apache: copytruncate apache logs bsc#1083093\n- upgrade: Refresh repos before crowbar-ui update (bsc#1099392)\n- upgrade: Reset RabbitMQ nodes during upgrade\n- upgrade: Do not allow cinder-volume on compute nodes\n- upgrade: Wait until all nova-compute services are up before evacuation\n- upgrade: Save the information which set of nodes should be upgraded\n- Let skip_unready_nodes skip also nodes that are in crowbar_upgrade state\n- upgrade: Add missing brackets checking for nodes\n- upgrade: Make sure postponed nodes can be skipped when applying proposal\n- upgrade: When the upgrade is not finished, show a link to wizard\n- upgrade: Correctly delete remaining upgrade scripts\n- upgrade: Wait for services shutdown to finish\n- upgrade: Unlock crowbar-ui after completed upgrade\n- upgrade: Stop cron before stopping any other service\n- upgrade: Provide better information after the failure\n- upgrade: Report missing scripts\n- upgrade: Better check for upgraded nodes - do not rely on state\n- upgrade: Improve error messages with lists\n- upgrade: Check input is a valid node for nodes\n- upgrade: Delete upgrade scripts really at the end of upgrade\n- upgrade: Increase the timeout for deleting pacemaker resources\n- upgrade: Adapt the check for upgraded? value\n- upgrade: Move step to mark the admin upgrade end\n- upgrade: Do not finalize nodes that are not upgraded\n- upgrade: Fix file layout for rails\u0027 autoloading (bsc#1096759)\n- upgrade: Deleting cinder services from database no longer needed\n- upgrade: Allow postpone and resume of compute nodes upgrade\n- upgrade: Allow the access to controller actions when upgrade is postponed\n- upgrade: Finalize upgrade of controller nodes after they are done\n- upgrade: Added API calls for postponing/resuming compute nodes upgrade\n- upgrade: Unblock upgrade status API in Cloud8\n- upgrade: Do not end admin step while it is still running (bsc#1095420)\n- upgrade: Adapt ceph-related checks to 7-8 upgrade\n- upgrade: Allow running schema migrations on upgrade\n- upgrade: Fix platform retrieval\n\nThese non-security issues were fixed for crowbar-ha:\n\n- pacemaker: allow multiple meta parameters (bsc#1093898)\n- haproxy: active-active mode, just one VIP\n\nThese non-security issues were fixed for crowbar-openstack:\n\n- Synchronize SSL in the cluster (bsc#1081518)\n- neutron: add force_metadata attribute\n- rabbitmq: set client timout to default value\n- /etc/sysctl.d/99-sysctl.conf is a symlink to /etc/sysctl.conf\n- Do not automatically put manila-share roles to compute nodes\n- rabbitmq: check for rabbit readiness\n- rabbitmq: Make sure rabbit is running on cluster\n- monasca: various monasca-installer improvements\n- monasca: reduce monasca-installer runs (bsc#1096043)\n- manila: Correct field name for cluster name\n- Do not mark [:nova][:db_synced] too early\n- nova: Do not do partial online migrations, that was Newton specific\n- monasca: add elasticsearch tunables (bsc#1090336)\n- copytruncate apache logs instead of creating\n- rabbitmq: Better dependency check\n- aodh: Add config for alarm_history_ttl (bsc#1073703)\n- upgrade: cinder: run live migrations at correct rev\n\nThese non-security issues were fixed for crowbar-ui:\n\n- upgrade: Dummy backend for status testing\n- upgrade: Refactor postpone nodes upgrade\n- upgrade: Allow interruption of status wait loop\n- upgrade: Added ability to postpone upgrade nodes\n- upgrade: Add ability to postpone upgrade nodes\n- upgrade: Add ability to postpone upgrade nodes\n- upgrade: Add ability to postpone upgrade nodes\n- Add ability to postpone upgrade\n- upgrade: Remove openstack precheck\n- upgrade: Fixed error key for ha_configured\n- upgrade: Remove CEPH related code\n- Remove the non-essential database-configuration controller\n- remove ui typo test\n- Remove database configuration option\n- upgrade: Update SUSE-OpenStack-Cloud-8 label\n- upgrade: Update admin and nodes repo names\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-OpenStack-Cloud-Crowbar-8-2018-1928",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2762-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2762-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182762-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2762-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004567.html"
},
{
"category": "self",
"summary": "SUSE Bug 1005886",
"url": "https://bugzilla.suse.com/1005886"
},
{
"category": "self",
"summary": "SUSE Bug 1073703",
"url": "https://bugzilla.suse.com/1073703"
},
{
"category": "self",
"summary": "SUSE Bug 1081518",
"url": "https://bugzilla.suse.com/1081518"
},
{
"category": "self",
"summary": "SUSE Bug 1083093",
"url": "https://bugzilla.suse.com/1083093"
},
{
"category": "self",
"summary": "SUSE Bug 1090336",
"url": "https://bugzilla.suse.com/1090336"
},
{
"category": "self",
"summary": "SUSE Bug 1093898",
"url": "https://bugzilla.suse.com/1093898"
},
{
"category": "self",
"summary": "SUSE Bug 1095420",
"url": "https://bugzilla.suse.com/1095420"
},
{
"category": "self",
"summary": "SUSE Bug 1096043",
"url": "https://bugzilla.suse.com/1096043"
},
{
"category": "self",
"summary": "SUSE Bug 1096759",
"url": "https://bugzilla.suse.com/1096759"
},
{
"category": "self",
"summary": "SUSE Bug 1098369",
"url": "https://bugzilla.suse.com/1098369"
},
{
"category": "self",
"summary": "SUSE Bug 1099392",
"url": "https://bugzilla.suse.com/1099392"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8611 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3760 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3760/"
}
],
"title": "Security update for crowbar, crowbar-core, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui",
"tracking": {
"current_release_date": "2018-09-20T06:04:40Z",
"generator": {
"date": "2018-09-20T06:04:40Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2762-1",
"initial_release_date": "2018-09-20T06:04:40Z",
"revision_history": [
{
"date": "2018-09-20T06:04:40Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "crowbar-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"product": {
"name": "crowbar-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"product_id": "crowbar-5.0+git.1528696845.81a7b5d0-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"product": {
"name": "crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"product_id": "crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "crowbar-ha-5.0+git.1530177874.35b9099-3.3.1.noarch",
"product": {
"name": "crowbar-ha-5.0+git.1530177874.35b9099-3.3.1.noarch",
"product_id": "crowbar-ha-5.0+git.1530177874.35b9099-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "crowbar-init-5.0+git.1520420379.d5bbb35-3.3.1.noarch",
"product": {
"name": "crowbar-init-5.0+git.1520420379.d5bbb35-3.3.1.noarch",
"product_id": "crowbar-init-5.0+git.1520420379.d5bbb35-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "crowbar-openstack-5.0+git.1534167599.d325ef804-4.8.2.noarch",
"product": {
"name": "crowbar-openstack-5.0+git.1534167599.d325ef804-4.8.2.noarch",
"product_id": "crowbar-openstack-5.0+git.1534167599.d325ef804-4.8.2.noarch"
}
},
{
"category": "product_version",
"name": "crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3.1.noarch",
"product": {
"name": "crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3.1.noarch",
"product_id": "crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "crowbar-core-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"product": {
"name": "crowbar-core-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"product_id": "crowbar-core-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64"
}
},
{
"category": "product_version",
"name": "crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"product": {
"name": "crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"product_id": "crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-5.0+git.1528696845.81a7b5d0-3.3.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:crowbar-5.0+git.1528696845.81a7b5d0-3.3.1.noarch"
},
"product_reference": "crowbar-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-core-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64"
},
"product_reference": "crowbar-core-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64"
},
"product_reference": "crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3.1.noarch"
},
"product_reference": "crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-ha-5.0+git.1530177874.35b9099-3.3.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1530177874.35b9099-3.3.1.noarch"
},
"product_reference": "crowbar-ha-5.0+git.1530177874.35b9099-3.3.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-init-5.0+git.1520420379.d5bbb35-3.3.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:crowbar-init-5.0+git.1520420379.d5bbb35-3.3.1.noarch"
},
"product_reference": "crowbar-init-5.0+git.1520420379.d5bbb35-3.3.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-openstack-5.0+git.1534167599.d325ef804-4.8.2.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1534167599.d325ef804-4.8.2.noarch"
},
"product_reference": "crowbar-openstack-5.0+git.1534167599.d325ef804-4.8.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3.1.noarch"
},
"product_reference": "crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-8611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8611"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud Crowbar 8:crowbar-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"SUSE OpenStack Cloud Crowbar 8:crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1530177874.35b9099-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-init-5.0+git.1520420379.d5bbb35-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1534167599.d325ef804-4.8.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8611",
"url": "https://www.suse.com/security/cve/CVE-2016-8611"
},
{
"category": "external",
"summary": "SUSE Bug 1005886 for CVE-2016-8611",
"url": "https://bugzilla.suse.com/1005886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud Crowbar 8:crowbar-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"SUSE OpenStack Cloud Crowbar 8:crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1530177874.35b9099-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-init-5.0+git.1520420379.d5bbb35-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1534167599.d325ef804-4.8.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud Crowbar 8:crowbar-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"SUSE OpenStack Cloud Crowbar 8:crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1530177874.35b9099-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-init-5.0+git.1520420379.d5bbb35-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1534167599.d325ef804-4.8.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-20T06:04:40Z",
"details": "low"
}
],
"title": "CVE-2016-8611"
},
{
"cve": "CVE-2018-3760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3760"
}
],
"notes": [
{
"category": "general",
"text": "There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application\u0027s root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud Crowbar 8:crowbar-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"SUSE OpenStack Cloud Crowbar 8:crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1530177874.35b9099-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-init-5.0+git.1520420379.d5bbb35-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1534167599.d325ef804-4.8.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3760",
"url": "https://www.suse.com/security/cve/CVE-2018-3760"
},
{
"category": "external",
"summary": "SUSE Bug 1098369 for CVE-2018-3760",
"url": "https://bugzilla.suse.com/1098369"
},
{
"category": "external",
"summary": "SUSE Bug 1182167 for CVE-2018-3760",
"url": "https://bugzilla.suse.com/1182167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud Crowbar 8:crowbar-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"SUSE OpenStack Cloud Crowbar 8:crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1530177874.35b9099-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-init-5.0+git.1520420379.d5bbb35-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1534167599.d325ef804-4.8.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud Crowbar 8:crowbar-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-core-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"SUSE OpenStack Cloud Crowbar 8:crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8.2.x86_64",
"SUSE OpenStack Cloud Crowbar 8:crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1530177874.35b9099-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-init-5.0+git.1520420379.d5bbb35-3.3.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1534167599.d325ef804-4.8.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-20T06:04:40Z",
"details": "important"
}
],
"title": "CVE-2018-3760"
}
]
}
suse-su-2020:3624-1
Vulnerability from csaf_suse
Published
2020-12-04 11:50
Modified
2020-12-04 11:50
Summary
Security update for crowbar-openstack, grafana, influxdb, python-urllib3
Notes
Title of the patch
Security update for crowbar-openstack, grafana, influxdb, python-urllib3
Description of the patch
This update for crowbar-openstack, grafana, influxdb, python-urllib3 contains the following fixes:
Security fixes included in this update:
openstack-glance
- CVE-2016-8611: Added rate limiting for glance api (bnc#1005886)
grafana
- CVE-2020-24303: Fixed an XSS via a query alias for the ElasticSearch datasource (#bnc#1178243)
influxdb
- CVE-2019-20933: Fixed an authentication bypass (bnc#1178988)
python-urlib3
- CVE-2019-9740: Fixed a CRLF injection in urllib3 (bnc#1129071).
- CVE-2020-26137: Fixed a CRLF injection via HTTP request method (bnc#1177120)
memcached
- CVE-2018-1000115: Fixed a issue where a UDP server allowed spoofed traffic amplification DoS (bnc#1083903).
Non-security fixes included in this update:
Changes in crowbar-openstack:
- Update to version 4.0+git.1604938545.30c10db18:
* rabbitmq: Fix crm running check (SOC-11240)
Changes in grafana:
- Fix bnc#1178243 CVE-2020-24303 by adding
25401-Fix-XSS-vulnerability-with-series-overrides.patch
Changes in influxdb:
- Add CVE-2019-20933.patch (bnc#1178988, CVE-2019-20933) to
fix authentication bypass_
- Declare license files correctly
- Version 1.2.4:
* The stress tool influx_stress will be removed in a subsequent
release.
* Remove the override of GOMAXPROCS.
* Uncomment section headers from the default configuration file.
* Improve write performance significantly.
* Prune data in meta store for deleted shards.
* Update latest dependencies with Godeps.
* Introduce syntax for marking a partial response with chunking.
* Use X-Forwarded-For IP address in HTTP logger if present.
* Add support for secure transmission via collectd.
* Switch logging to use structured logging everywhere.
* [CLI feature request] USE retention policy for queries.
* Add clear command to cli.
* Adding ability to use parameters in queries in the v2 client
using the Parameters map in the Query struct.
* Allow add items to array config via ENV
* Support subquery execution in the query language.
* Verbose output for SSL connection errors.
* Cache snapshotting performance improvements
- Partially revert previous change to fix build for Leap
Changes in python-urllib3:
- Update urllib3-fix-test-urls.patch. Adjust to match upstream solution.
- Add urllib3-fix-test-urls.patch. Fix tests failing on python checks for
CVE-2019-9740.
- Add urllib3-cve-2020-26137.patch. Don't allow control chars in request
method. (bnc#1177120, CVE-2020-26137)
Patchnames
SUSE-2020-3624,SUSE-OpenStack-Cloud-7-2020-3624
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for crowbar-openstack, grafana, influxdb, python-urllib3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for crowbar-openstack, grafana, influxdb, python-urllib3 contains the following fixes:\n\nSecurity fixes included in this update:\n\nopenstack-glance\n- CVE-2016-8611: Added rate limiting for glance api (bnc#1005886)\n\ngrafana\n- CVE-2020-24303: Fixed an XSS via a query alias for the ElasticSearch datasource (#bnc#1178243)\n\ninfluxdb\n- CVE-2019-20933: Fixed an authentication bypass (bnc#1178988)\n\npython-urlib3\n- CVE-2019-9740: Fixed a CRLF injection in urllib3 (bnc#1129071).\n- CVE-2020-26137: Fixed a CRLF injection via HTTP request method (bnc#1177120)\n\nmemcached\n- CVE-2018-1000115: Fixed a issue where a UDP server allowed spoofed traffic amplification DoS (bnc#1083903).\n\nNon-security fixes included in this update:\n\nChanges in crowbar-openstack:\n- Update to version 4.0+git.1604938545.30c10db18:\n * rabbitmq: Fix crm running check (SOC-11240)\n\nChanges in grafana:\n- Fix bnc#1178243 CVE-2020-24303 by adding\n 25401-Fix-XSS-vulnerability-with-series-overrides.patch\n\nChanges in influxdb:\n- Add CVE-2019-20933.patch (bnc#1178988, CVE-2019-20933) to\n fix authentication bypass_\n- Declare license files correctly\n\n- Version 1.2.4:\n * The stress tool influx_stress will be removed in a subsequent\n release.\n * Remove the override of GOMAXPROCS.\n * Uncomment section headers from the default configuration file.\n * Improve write performance significantly.\n * Prune data in meta store for deleted shards.\n * Update latest dependencies with Godeps.\n * Introduce syntax for marking a partial response with chunking.\n * Use X-Forwarded-For IP address in HTTP logger if present.\n * Add support for secure transmission via collectd.\n * Switch logging to use structured logging everywhere.\n * [CLI feature request] USE retention policy for queries.\n * Add clear command to cli.\n * Adding ability to use parameters in queries in the v2 client\n using the Parameters map in the Query struct.\n * Allow add items to array config via ENV\n * Support subquery execution in the query language.\n * Verbose output for SSL connection errors.\n * Cache snapshotting performance improvements\n\n- Partially revert previous change to fix build for Leap\n\nChanges in python-urllib3:\n- Update urllib3-fix-test-urls.patch. Adjust to match upstream solution.\n\n- Add urllib3-fix-test-urls.patch. Fix tests failing on python checks for\n CVE-2019-9740.\n\n- Add urllib3-cve-2020-26137.patch. Don\u0027t allow control chars in request\n method. (bnc#1177120, CVE-2020-26137)\n\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-3624,SUSE-OpenStack-Cloud-7-2020-3624",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3624-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:3624-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203624-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:3624-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-December/007916.html"
},
{
"category": "self",
"summary": "SUSE Bug 1005886",
"url": "https://bugzilla.suse.com/1005886"
},
{
"category": "self",
"summary": "SUSE Bug 1170479",
"url": "https://bugzilla.suse.com/1170479"
},
{
"category": "self",
"summary": "SUSE Bug 1177120",
"url": "https://bugzilla.suse.com/1177120"
},
{
"category": "self",
"summary": "SUSE Bug 1178243",
"url": "https://bugzilla.suse.com/1178243"
},
{
"category": "self",
"summary": "SUSE Bug 1178988",
"url": "https://bugzilla.suse.com/1178988"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8611 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-20933 page",
"url": "https://www.suse.com/security/cve/CVE-2019-20933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9740 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24303 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24303/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-26137 page",
"url": "https://www.suse.com/security/cve/CVE-2020-26137/"
}
],
"title": "Security update for crowbar-openstack, grafana, influxdb, python-urllib3",
"tracking": {
"current_release_date": "2020-12-04T11:50:23Z",
"generator": {
"date": "2020-12-04T11:50:23Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:3624-1",
"initial_release_date": "2020-12-04T11:50:23Z",
"revision_history": [
{
"date": "2020-12-04T11:50:23Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-6.7.4-1.20.1.aarch64",
"product": {
"name": "grafana-6.7.4-1.20.1.aarch64",
"product_id": "grafana-6.7.4-1.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "influxdb-1.2.4-5.1.aarch64",
"product": {
"name": "influxdb-1.2.4-5.1.aarch64",
"product_id": "influxdb-1.2.4-5.1.aarch64"
}
},
{
"category": "product_version",
"name": "influxdb-devel-1.2.4-5.1.aarch64",
"product": {
"name": "influxdb-devel-1.2.4-5.1.aarch64",
"product_id": "influxdb-devel-1.2.4-5.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"product": {
"name": "crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"product_id": "crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch"
}
},
{
"category": "product_version",
"name": "python-urllib3-1.16-3.12.1.noarch",
"product": {
"name": "python-urllib3-1.16-3.12.1.noarch",
"product_id": "python-urllib3-1.16-3.12.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-6.7.4-1.20.1.ppc64le",
"product": {
"name": "grafana-6.7.4-1.20.1.ppc64le",
"product_id": "grafana-6.7.4-1.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "influxdb-1.2.4-5.1.ppc64le",
"product": {
"name": "influxdb-1.2.4-5.1.ppc64le",
"product_id": "influxdb-1.2.4-5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "influxdb-devel-1.2.4-5.1.ppc64le",
"product": {
"name": "influxdb-devel-1.2.4-5.1.ppc64le",
"product_id": "influxdb-devel-1.2.4-5.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-6.7.4-1.20.1.s390x",
"product": {
"name": "grafana-6.7.4-1.20.1.s390x",
"product_id": "grafana-6.7.4-1.20.1.s390x"
}
},
{
"category": "product_version",
"name": "influxdb-1.2.4-5.1.s390x",
"product": {
"name": "influxdb-1.2.4-5.1.s390x",
"product_id": "influxdb-1.2.4-5.1.s390x"
}
},
{
"category": "product_version",
"name": "influxdb-devel-1.2.4-5.1.s390x",
"product": {
"name": "influxdb-devel-1.2.4-5.1.s390x",
"product_id": "influxdb-devel-1.2.4-5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-6.7.4-1.20.1.x86_64",
"product": {
"name": "grafana-6.7.4-1.20.1.x86_64",
"product_id": "grafana-6.7.4-1.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "influxdb-1.2.4-5.1.x86_64",
"product": {
"name": "influxdb-1.2.4-5.1.x86_64",
"product_id": "influxdb-1.2.4-5.1.x86_64"
}
},
{
"category": "product_version",
"name": "influxdb-devel-1.2.4-5.1.x86_64",
"product": {
"name": "influxdb-devel-1.2.4-5.1.x86_64",
"product_id": "influxdb-devel-1.2.4-5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch"
},
"product_reference": "crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-6.7.4-1.20.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64"
},
"product_reference": "grafana-6.7.4-1.20.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "influxdb-1.2.4-5.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64"
},
"product_reference": "influxdb-1.2.4-5.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-urllib3-1.16-3.12.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
},
"product_reference": "python-urllib3-1.16-3.12.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-8611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8611"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8611",
"url": "https://www.suse.com/security/cve/CVE-2016-8611"
},
{
"category": "external",
"summary": "SUSE Bug 1005886 for CVE-2016-8611",
"url": "https://bugzilla.suse.com/1005886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T11:50:23Z",
"details": "low"
}
],
"title": "CVE-2016-8611"
},
{
"cve": "CVE-2019-20933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-20933"
}
],
"notes": [
{
"category": "general",
"text": "InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-20933",
"url": "https://www.suse.com/security/cve/CVE-2019-20933"
},
{
"category": "external",
"summary": "SUSE Bug 1178988 for CVE-2019-20933",
"url": "https://bugzilla.suse.com/1178988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T11:50:23Z",
"details": "important"
}
],
"title": "CVE-2019-20933"
},
{
"cve": "CVE-2019-9740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9740"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9740",
"url": "https://www.suse.com/security/cve/CVE-2019-9740"
},
{
"category": "external",
"summary": "SUSE Bug 1129071 for CVE-2019-9740",
"url": "https://bugzilla.suse.com/1129071"
},
{
"category": "external",
"summary": "SUSE Bug 1130840 for CVE-2019-9740",
"url": "https://bugzilla.suse.com/1130840"
},
{
"category": "external",
"summary": "SUSE Bug 1132663 for CVE-2019-9740",
"url": "https://bugzilla.suse.com/1132663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T11:50:23Z",
"details": "moderate"
}
],
"title": "CVE-2019-9740"
},
{
"cve": "CVE-2020-24303",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24303"
}
],
"notes": [
{
"category": "general",
"text": "Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24303",
"url": "https://www.suse.com/security/cve/CVE-2020-24303"
},
{
"category": "external",
"summary": "SUSE Bug 1178243 for CVE-2020-24303",
"url": "https://bugzilla.suse.com/1178243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T11:50:23Z",
"details": "moderate"
}
],
"title": "CVE-2020-24303"
},
{
"cve": "CVE-2020-26137",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-26137"
}
],
"notes": [
{
"category": "general",
"text": "urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-26137",
"url": "https://www.suse.com/security/cve/CVE-2020-26137"
},
{
"category": "external",
"summary": "SUSE Bug 1177120 for CVE-2020-26137",
"url": "https://bugzilla.suse.com/1177120"
},
{
"category": "external",
"summary": "SUSE Bug 1177211 for CVE-2020-26137",
"url": "https://bugzilla.suse.com/1177211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1.noarch",
"SUSE OpenStack Cloud 7:grafana-6.7.4-1.20.1.x86_64",
"SUSE OpenStack Cloud 7:influxdb-1.2.4-5.1.x86_64",
"SUSE OpenStack Cloud 7:python-urllib3-1.16-3.12.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-04T11:50:23Z",
"details": "moderate"
}
],
"title": "CVE-2020-26137"
}
]
}
suse-ru-2021:0351-1
Vulnerability from csaf_suse
Published
2021-02-09 12:22
Modified
2021-02-09 12:22
Summary
Recommended update for ardana-horizon, ardana-logging, ardana-monasca, ardana-mq, ardana-osconfig, crowbar-ha, crowbar-openstack, kibana, openstack-neutron, openstack-nova, python-Django, release-notes-suse-openstack-cloud, sleshammer, spark
Notes
Title of the patch
Recommended update for ardana-horizon, ardana-logging, ardana-monasca, ardana-mq, ardana-osconfig, crowbar-ha, crowbar-openstack, kibana, openstack-neutron, openstack-nova, python-Django, release-notes-suse-openstack-cloud, sleshammer, spark
Description of the patch
This update for ardana-horizon, ardana-logging, ardana-monasca, ardana-mq, ardana-osconfig, crowbar-ha, crowbar-openstack, kibana, openstack-neutron, openstack-nova, python-Django, release-notes-suse-openstack-cloud, sleshammer, spark fixes the following issues:
Security fix from this update:
python-Django1
- CVE-2021-3281: Fixed a potential directory traversal when extracting
archives (bsc#1181379).
Changes in ardana-horizon_Update:
- Update to version 8.0+git.1610733160.0f577f4:
* Add Fix for logfile permissions (bsc#1179189)
Changes in ardana-logging_Update:
- Update to version 8.0+git.1610573640.452aed1:
* Remove some files from upgrade.yml (bsc#1179189)
Changes in ardana-monasca_Update:
- Update to version 8.0+git.1610740501.5dca121:
* Add Fix for logfile permissions (bsc#1179189)
Changes in ardana-mq_Update:
- Update to version 8.0+git.1605176800.52cccfa:
* Re-enable mirroring of fanout and reply queues (bsc#1177611)
Changes in ardana-osconfig_Update:
- Update to version 8.0+git.1610643571.91b88d6:
* Remove SLES-12-SP3-LTSS repos (bsc#1180916)
Changes in crowbar-ha:
- Update to version 5.0+git.1610564036.b75ee1b:
* [5.0] crowbar-pacemaker: Cluster member SSH key improvements
Changes in crowbar-openstack:
- Update to version 5.0+git.1610402513.08dca931e:
* neutron: Fix handling of networks with non-ascii names (SOC-11429)
- Update to version 5.0+git.1610372799.621afb999:
* keystone: fix keystone node lookup (SOC-11333, bsc#1164838)
Changes in kibana:
- Add 0001-Configurable-custom-response-headers-for-server.patch
(bsc#1171909, CVE-2020-10743)
- Added kibana.yml symlink (bsc#1048688, FATE#323204)
Changes in openstack-nova_Update:
- Update to version nova-16.1.9.dev78:
* [stable-only] Cap bandit to 1.6.2
Changes in python-Django_Update:
- Add CVE-2021-3281.patch (bsc#1181379, CVE-2021-3281)
* Fixes a potential directory traversal when extracting archives
Changes in release-notes-suse-openstack-cloud:
- Fix incorrect issue number for bsc#1179955
- Update to version 8.20201214:
* Add workaround for secure boot issue when shim package is updated. (bsc#1179955)
Changes in spark_Update:
- Add _constraints to prevent build from running out of disk space.
Changes in sleshammer:
- Really drop etc/udev/rules.d/70-persistent-net.rules from the overlay
it was still present in the tarball. (SOC-9288)
- added ruby2.1-rubygem-crowbar-client providing crowbarctl
Patchnames
HPE-Helion-OpenStack-8-2021-351,SUSE-2021-351,SUSE-OpenStack-Cloud-8-2021-351,SUSE-OpenStack-Cloud-Crowbar-8-2021-351
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for ardana-horizon, ardana-logging, ardana-monasca, ardana-mq, ardana-osconfig, crowbar-ha, crowbar-openstack, kibana, openstack-neutron, openstack-nova, python-Django, release-notes-suse-openstack-cloud, sleshammer, spark",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ardana-horizon, ardana-logging, ardana-monasca, ardana-mq, ardana-osconfig, crowbar-ha, crowbar-openstack, kibana, openstack-neutron, openstack-nova, python-Django, release-notes-suse-openstack-cloud, sleshammer, spark fixes the following issues:\n\nSecurity fix from this update:\npython-Django1\n- CVE-2021-3281: Fixed a potential directory traversal when extracting\n archives (bsc#1181379).\n\nChanges in ardana-horizon_Update:\n- Update to version 8.0+git.1610733160.0f577f4:\n * Add Fix for logfile permissions (bsc#1179189)\n\nChanges in ardana-logging_Update:\n- Update to version 8.0+git.1610573640.452aed1:\n * Remove some files from upgrade.yml (bsc#1179189)\n\nChanges in ardana-monasca_Update:\n- Update to version 8.0+git.1610740501.5dca121:\n * Add Fix for logfile permissions (bsc#1179189)\n\nChanges in ardana-mq_Update:\n- Update to version 8.0+git.1605176800.52cccfa:\n * Re-enable mirroring of fanout and reply queues (bsc#1177611)\n\nChanges in ardana-osconfig_Update:\n- Update to version 8.0+git.1610643571.91b88d6:\n * Remove SLES-12-SP3-LTSS repos (bsc#1180916)\n\nChanges in crowbar-ha:\n- Update to version 5.0+git.1610564036.b75ee1b:\n * [5.0] crowbar-pacemaker: Cluster member SSH key improvements\n\nChanges in crowbar-openstack:\n- Update to version 5.0+git.1610402513.08dca931e:\n * neutron: Fix handling of networks with non-ascii names (SOC-11429)\n\n- Update to version 5.0+git.1610372799.621afb999:\n * keystone: fix keystone node lookup (SOC-11333, bsc#1164838)\n\nChanges in kibana:\n- Add 0001-Configurable-custom-response-headers-for-server.patch\n (bsc#1171909, CVE-2020-10743)\n\n- Added kibana.yml symlink (bsc#1048688, FATE#323204)\n\n\nChanges in openstack-nova_Update:\n- Update to version nova-16.1.9.dev78:\n * [stable-only] Cap bandit to 1.6.2\n\nChanges in python-Django_Update:\n- Add CVE-2021-3281.patch (bsc#1181379, CVE-2021-3281)\n * Fixes a potential directory traversal when extracting archives\n\nChanges in release-notes-suse-openstack-cloud:\n- Fix incorrect issue number for bsc#1179955\n- Update to version 8.20201214:\n * Add workaround for secure boot issue when shim package is updated. (bsc#1179955)\n\nChanges in spark_Update:\n- Add _constraints to prevent build from running out of disk space.\n\nChanges in sleshammer:\n- Really drop etc/udev/rules.d/70-persistent-net.rules from the overlay\n it was still present in the tarball. (SOC-9288)\n\n- added ruby2.1-rubygem-crowbar-client providing crowbarctl\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "HPE-Helion-OpenStack-8-2021-351,SUSE-2021-351,SUSE-OpenStack-Cloud-8-2021-351,SUSE-OpenStack-Cloud-Crowbar-8-2021-351",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2021_0351-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2021:0351-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-20210351-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2021:0351-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2021-February/017922.html"
},
{
"category": "self",
"summary": "SUSE Bug 1048688",
"url": "https://bugzilla.suse.com/1048688"
},
{
"category": "self",
"summary": "SUSE Bug 1164838",
"url": "https://bugzilla.suse.com/1164838"
},
{
"category": "self",
"summary": "SUSE Bug 1177611",
"url": "https://bugzilla.suse.com/1177611"
},
{
"category": "self",
"summary": "SUSE Bug 1179189",
"url": "https://bugzilla.suse.com/1179189"
},
{
"category": "self",
"summary": "SUSE Bug 1179955",
"url": "https://bugzilla.suse.com/1179955"
},
{
"category": "self",
"summary": "SUSE Bug 1180916",
"url": "https://bugzilla.suse.com/1180916"
},
{
"category": "self",
"summary": "SUSE Bug 1181379",
"url": "https://bugzilla.suse.com/1181379"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8611 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10743 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3281 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3281/"
}
],
"title": "Recommended update for ardana-horizon, ardana-logging, ardana-monasca, ardana-mq, ardana-osconfig, crowbar-ha, crowbar-openstack, kibana, openstack-neutron, openstack-nova, python-Django, release-notes-suse-openstack-cloud, sleshammer, spark",
"tracking": {
"current_release_date": "2021-02-09T12:22:58Z",
"generator": {
"date": "2021-02-09T12:22:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2021:0351-1",
"initial_release_date": "2021-02-09T12:22:58Z",
"revision_history": [
{
"date": "2021-02-09T12:22:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kibana-4.6.3-3.6.1.aarch64",
"product": {
"name": "kibana-4.6.3-3.6.1.aarch64",
"product_id": "kibana-4.6.3-3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"product": {
"name": "ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"product_id": "ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch"
}
},
{
"category": "product_version",
"name": "ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"product": {
"name": "ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"product_id": "ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch"
}
},
{
"category": "product_version",
"name": "ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"product": {
"name": "ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"product_id": "ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch"
}
},
{
"category": "product_version",
"name": "ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"product": {
"name": "ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"product_id": "ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch"
}
},
{
"category": "product_version",
"name": "ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"product": {
"name": "ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"product_id": "ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"product": {
"name": "openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"product_id": "openstack-neutron-11.0.9~dev69-3.40.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"product": {
"name": "openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"product_id": "openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"product": {
"name": "openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"product_id": "openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"product": {
"name": "openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"product_id": "openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"product": {
"name": "openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"product_id": "openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"product": {
"name": "openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"product_id": "openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"product": {
"name": "openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"product_id": "openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"product": {
"name": "openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"product_id": "openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"product": {
"name": "openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"product_id": "openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"product": {
"name": "openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"product_id": "openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"product": {
"name": "openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"product_id": "openstack-neutron-server-11.0.9~dev69-3.40.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-api-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-cells-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-compute-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-console-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-doc-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "python-Django-1.11.29-3.22.1.noarch",
"product": {
"name": "python-Django-1.11.29-3.22.1.noarch",
"product_id": "python-Django-1.11.29-3.22.1.noarch"
}
},
{
"category": "product_version",
"name": "python-neutron-11.0.9~dev69-3.40.1.noarch",
"product": {
"name": "python-neutron-11.0.9~dev69-3.40.1.noarch",
"product_id": "python-neutron-11.0.9~dev69-3.40.1.noarch"
}
},
{
"category": "product_version",
"name": "python-nova-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "python-nova-16.1.9~dev78-3.45.1.noarch",
"product_id": "python-nova-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch",
"product": {
"name": "release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch",
"product_id": "release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch"
}
},
{
"category": "product_version",
"name": "spark-1.6.3-8.6.1.noarch",
"product": {
"name": "spark-1.6.3-8.6.1.noarch",
"product_id": "spark-1.6.3-8.6.1.noarch"
}
},
{
"category": "product_version",
"name": "venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch",
"product": {
"name": "venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch",
"product_id": "venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch"
}
},
{
"category": "product_version",
"name": "venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"product": {
"name": "venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"product_id": "venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch"
}
},
{
"category": "product_version",
"name": "venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"product": {
"name": "venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"product_id": "venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch"
}
},
{
"category": "product_version",
"name": "crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch",
"product": {
"name": "crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch",
"product_id": "crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch"
}
},
{
"category": "product_version",
"name": "crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch",
"product": {
"name": "crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch",
"product_id": "crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-neutron-test-11.0.9~dev69-3.40.1.noarch",
"product": {
"name": "openstack-neutron-test-11.0.9~dev69-3.40.1.noarch",
"product_id": "openstack-neutron-test-11.0.9~dev69-3.40.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-network-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-network-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-network-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "openstack-nova-test-16.1.9~dev78-3.45.1.noarch",
"product": {
"name": "openstack-nova-test-16.1.9~dev78-3.45.1.noarch",
"product_id": "openstack-nova-test-16.1.9~dev78-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-Django-1.11.29-3.22.1.noarch",
"product": {
"name": "python3-Django-1.11.29-3.22.1.noarch",
"product_id": "python3-Django-1.11.29-3.22.1.noarch"
}
},
{
"category": "product_version",
"name": "release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"product": {
"name": "release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"product_id": "release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch"
}
},
{
"category": "product_version",
"name": "sleshammer-aarch64-0.8.0-0.20.2.noarch",
"product": {
"name": "sleshammer-aarch64-0.8.0-0.20.2.noarch",
"product_id": "sleshammer-aarch64-0.8.0-0.20.2.noarch"
}
},
{
"category": "product_version",
"name": "sleshammer-ppc64le-0.8.0-0.20.2.noarch",
"product": {
"name": "sleshammer-ppc64le-0.8.0-0.20.2.noarch",
"product_id": "sleshammer-ppc64le-0.8.0-0.20.2.noarch"
}
},
{
"category": "product_version",
"name": "sleshammer-s390x-0.8.0-0.20.2.noarch",
"product": {
"name": "sleshammer-s390x-0.8.0-0.20.2.noarch",
"product_id": "sleshammer-s390x-0.8.0-0.20.2.noarch"
}
},
{
"category": "product_version",
"name": "sleshammer-x86_64-0.8.0-0.20.2.noarch",
"product": {
"name": "sleshammer-x86_64-0.8.0-0.20.2.noarch",
"product_id": "sleshammer-x86_64-0.8.0-0.20.2.noarch"
}
},
{
"category": "product_version",
"name": "venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch",
"product": {
"name": "venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch",
"product_id": "venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kibana-4.6.3-3.6.1.ppc64le",
"product": {
"name": "kibana-4.6.3-3.6.1.ppc64le",
"product_id": "kibana-4.6.3-3.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kibana-4.6.3-3.6.1.s390x",
"product": {
"name": "kibana-4.6.3-3.6.1.s390x",
"product_id": "kibana-4.6.3-3.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kibana-4.6.3-3.6.1.x86_64",
"product": {
"name": "kibana-4.6.3-3.6.1.x86_64",
"product_id": "kibana-4.6.3-3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Helion OpenStack 8",
"product": {
"name": "HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:hpe-helion-openstack:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 8",
"product": {
"name": "SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch"
},
"product_reference": "ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch"
},
"product_reference": "ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch"
},
"product_reference": "ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch"
},
"product_reference": "ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch"
},
"product_reference": "ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-4.6.3-3.6.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:kibana-4.6.3-3.6.1.x86_64"
},
"product_reference": "kibana-4.6.3-3.6.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-11.0.9~dev69-3.40.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-server-11.0.9~dev69-3.40.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-16.1.9~dev78-3.45.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-nova-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-api-16.1.9~dev78-3.45.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cells-16.1.9~dev78-3.45.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-compute-16.1.9~dev78-3.45.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-console-16.1.9~dev78-3.45.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-doc-16.1.9~dev78-3.45.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-Django-1.11.29-3.22.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:python-Django-1.11.29-3.22.1.noarch"
},
"product_reference": "python-Django-1.11.29-3.22.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-neutron-11.0.9~dev69-3.40.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:python-neutron-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "python-neutron-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-16.1.9~dev78-3.45.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:python-nova-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "python-nova-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch"
},
"product_reference": "release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spark-1.6.3-8.6.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:spark-1.6.3-8.6.1.noarch"
},
"product_reference": "spark-1.6.3-8.6.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch"
},
"product_reference": "venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch"
},
"product_reference": "venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch"
},
"product_reference": "venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch"
},
"product_reference": "ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch"
},
"product_reference": "ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch"
},
"product_reference": "ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch"
},
"product_reference": "ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch"
},
"product_reference": "ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-4.6.3-3.6.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:kibana-4.6.3-3.6.1.x86_64"
},
"product_reference": "kibana-4.6.3-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-server-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-nova-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-api-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cells-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-compute-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-console-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-doc-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-Django-1.11.29-3.22.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:python-Django-1.11.29-3.22.1.noarch"
},
"product_reference": "python-Django-1.11.29-3.22.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-neutron-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "python-neutron-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:python-nova-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "python-nova-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch"
},
"product_reference": "release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spark-1.6.3-8.6.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:spark-1.6.3-8.6.1.noarch"
},
"product_reference": "spark-1.6.3-8.6.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch"
},
"product_reference": "venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch"
},
"product_reference": "venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch"
},
"product_reference": "venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch"
},
"product_reference": "crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch"
},
"product_reference": "crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-4.6.3-3.6.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.6.1.x86_64"
},
"product_reference": "kibana-4.6.3-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-neutron-server-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-nova-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-api-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-cells-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-compute-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-console-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-doc-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-Django-1.11.29-3.22.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.29-3.22.1.noarch"
},
"product_reference": "python-Django-1.11.29-3.22.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-neutron-11.0.9~dev69-3.40.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev69-3.40.1.noarch"
},
"product_reference": "python-neutron-11.0.9~dev69-3.40.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nova-16.1.9~dev78-3.45.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:python-nova-16.1.9~dev78-3.45.1.noarch"
},
"product_reference": "python-nova-16.1.9~dev78-3.45.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch"
},
"product_reference": "release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sleshammer-aarch64-0.8.0-0.20.2.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:sleshammer-aarch64-0.8.0-0.20.2.noarch"
},
"product_reference": "sleshammer-aarch64-0.8.0-0.20.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sleshammer-ppc64le-0.8.0-0.20.2.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:sleshammer-ppc64le-0.8.0-0.20.2.noarch"
},
"product_reference": "sleshammer-ppc64le-0.8.0-0.20.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sleshammer-s390x-0.8.0-0.20.2.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:sleshammer-s390x-0.8.0-0.20.2.noarch"
},
"product_reference": "sleshammer-s390x-0.8.0-0.20.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sleshammer-x86_64-0.8.0-0.20.2.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:sleshammer-x86_64-0.8.0-0.20.2.noarch"
},
"product_reference": "sleshammer-x86_64-0.8.0-0.20.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spark-1.6.3-8.6.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:spark-1.6.3-8.6.1.noarch"
},
"product_reference": "spark-1.6.3-8.6.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-8611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8611"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"HPE Helion OpenStack 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"HPE Helion OpenStack 8:kibana-4.6.3-3.6.1.x86_64",
"HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:python-Django-1.11.29-3.22.1.noarch",
"HPE Helion OpenStack 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch",
"HPE Helion OpenStack 8:spark-1.6.3-8.6.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"SUSE OpenStack Cloud 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud 8:spark-1.6.3-8.6.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-aarch64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-ppc64le-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-s390x-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-x86_64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:spark-1.6.3-8.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8611",
"url": "https://www.suse.com/security/cve/CVE-2016-8611"
},
{
"category": "external",
"summary": "SUSE Bug 1005886 for CVE-2016-8611",
"url": "https://bugzilla.suse.com/1005886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"HPE Helion OpenStack 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"HPE Helion OpenStack 8:kibana-4.6.3-3.6.1.x86_64",
"HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:python-Django-1.11.29-3.22.1.noarch",
"HPE Helion OpenStack 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch",
"HPE Helion OpenStack 8:spark-1.6.3-8.6.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"SUSE OpenStack Cloud 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud 8:spark-1.6.3-8.6.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-aarch64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-ppc64le-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-s390x-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-x86_64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:spark-1.6.3-8.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"HPE Helion OpenStack 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"HPE Helion OpenStack 8:kibana-4.6.3-3.6.1.x86_64",
"HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:python-Django-1.11.29-3.22.1.noarch",
"HPE Helion OpenStack 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch",
"HPE Helion OpenStack 8:spark-1.6.3-8.6.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"SUSE OpenStack Cloud 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud 8:spark-1.6.3-8.6.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-aarch64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-ppc64le-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-s390x-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-x86_64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:spark-1.6.3-8.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-09T12:22:58Z",
"details": "low"
}
],
"title": "CVE-2016-8611"
},
{
"cve": "CVE-2020-10743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10743"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered that OpenShift Container Platform\u0027s (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker to trick a user into performing arbitrary actions in OCP\u0027s distribution of Kibana, such as clickjacking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"HPE Helion OpenStack 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"HPE Helion OpenStack 8:kibana-4.6.3-3.6.1.x86_64",
"HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:python-Django-1.11.29-3.22.1.noarch",
"HPE Helion OpenStack 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch",
"HPE Helion OpenStack 8:spark-1.6.3-8.6.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"SUSE OpenStack Cloud 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud 8:spark-1.6.3-8.6.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-aarch64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-ppc64le-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-s390x-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-x86_64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:spark-1.6.3-8.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10743",
"url": "https://www.suse.com/security/cve/CVE-2020-10743"
},
{
"category": "external",
"summary": "SUSE Bug 1171909 for CVE-2020-10743",
"url": "https://bugzilla.suse.com/1171909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"HPE Helion OpenStack 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"HPE Helion OpenStack 8:kibana-4.6.3-3.6.1.x86_64",
"HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:python-Django-1.11.29-3.22.1.noarch",
"HPE Helion OpenStack 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch",
"HPE Helion OpenStack 8:spark-1.6.3-8.6.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"SUSE OpenStack Cloud 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud 8:spark-1.6.3-8.6.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-aarch64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-ppc64le-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-s390x-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-x86_64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:spark-1.6.3-8.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"HPE Helion OpenStack 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"HPE Helion OpenStack 8:kibana-4.6.3-3.6.1.x86_64",
"HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:python-Django-1.11.29-3.22.1.noarch",
"HPE Helion OpenStack 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch",
"HPE Helion OpenStack 8:spark-1.6.3-8.6.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"SUSE OpenStack Cloud 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud 8:spark-1.6.3-8.6.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-aarch64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-ppc64le-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-s390x-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-x86_64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:spark-1.6.3-8.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-09T12:22:58Z",
"details": "low"
}
],
"title": "CVE-2020-10743"
},
{
"cve": "CVE-2021-3281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3281"
}
],
"notes": [
{
"category": "general",
"text": "In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method (used by \"startapp --template\" and \"startproject --template\") allows directory traversal via an archive with absolute paths or relative paths with dot segments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"HPE Helion OpenStack 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"HPE Helion OpenStack 8:kibana-4.6.3-3.6.1.x86_64",
"HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:python-Django-1.11.29-3.22.1.noarch",
"HPE Helion OpenStack 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch",
"HPE Helion OpenStack 8:spark-1.6.3-8.6.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"SUSE OpenStack Cloud 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud 8:spark-1.6.3-8.6.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-aarch64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-ppc64le-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-s390x-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-x86_64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:spark-1.6.3-8.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3281",
"url": "https://www.suse.com/security/cve/CVE-2021-3281"
},
{
"category": "external",
"summary": "SUSE Bug 1181379 for CVE-2021-3281",
"url": "https://bugzilla.suse.com/1181379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"HPE Helion OpenStack 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"HPE Helion OpenStack 8:kibana-4.6.3-3.6.1.x86_64",
"HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:python-Django-1.11.29-3.22.1.noarch",
"HPE Helion OpenStack 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch",
"HPE Helion OpenStack 8:spark-1.6.3-8.6.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"SUSE OpenStack Cloud 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud 8:spark-1.6.3-8.6.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-aarch64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-ppc64le-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-s390x-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-x86_64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:spark-1.6.3-8.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"HPE Helion OpenStack 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"HPE Helion OpenStack 8:kibana-4.6.3-3.6.1.x86_64",
"HPE Helion OpenStack 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:python-Django-1.11.29-3.22.1.noarch",
"HPE Helion OpenStack 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"HPE Helion OpenStack 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"HPE Helion OpenStack 8:release-notes-hpe-helion-openstack-8.20201214-3.29.1.noarch",
"HPE Helion OpenStack 8:spark-1.6.3-8.6.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.34.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"HPE Helion OpenStack 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud 8:ardana-horizon-8.0+git.1610733160.0f577f4-3.21.1.noarch",
"SUSE OpenStack Cloud 8:ardana-logging-8.0+git.1610573640.452aed1-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-monasca-8.0+git.1610740501.5dca121-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1605176800.52cccfa-3.29.1.noarch",
"SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1610643571.91b88d6-3.52.1.noarch",
"SUSE OpenStack Cloud 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud 8:spark-1.6.3-8.6.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.34.3.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-neutron-x86_64-11.0.9~dev69-13.36.1.noarch",
"SUSE OpenStack Cloud 8:venv-openstack-nova-x86_64-16.1.9~dev78-11.34.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-ha-5.0+git.1610564036.b75ee1b-3.35.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:crowbar-openstack-5.0+git.1610402513.08dca931e-4.49.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:kibana-4.6.3-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-dhcp-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-doc-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-ha-tool-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-l3-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-linuxbridge-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-macvtap-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metadata-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-metering-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-openvswitch-agent-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-neutron-server-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-cells-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-compute-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-conductor-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-console-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-consoleauth-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-doc-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-novncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-placement-api-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-scheduler-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-serialproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:openstack-nova-vncproxy-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-Django-1.11.29-3.22.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-neutron-11.0.9~dev69-3.40.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-nova-16.1.9~dev78-3.45.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:release-notes-suse-openstack-cloud-8.20201214-3.29.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-aarch64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-ppc64le-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-s390x-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:sleshammer-x86_64-0.8.0-0.20.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:spark-1.6.3-8.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-09T12:22:58Z",
"details": "moderate"
}
],
"title": "CVE-2021-3281"
}
]
}
suse-ru-2018:3638-1
Vulnerability from csaf_suse
Published
2018-11-06 12:29
Modified
2018-11-06 12:29
Summary
Recommended update for ardana-ansible
Notes
Title of the patch
Recommended update for ardana-ansible
Description of the patch
This update for ardana-ansible fixes the following issues:
ardana-ansible:
- Initial checkin of info capture tool
- Rename dayzero-site.yml (bsc#1111886)
- Switch to non-legacy media layout by default.
- Add Keystone Fernet master node monitoring. (bsc#1097241)
- Add restart verb for maintenance updates.
- Remove tasks to in-place modify systemd files.
- Don't install systemd service file when SUSEified. (bsc#1082708)
- Use sosreport for RHEL and supportutils for SLES nodes (bsc#1100688)
- Obtain notification URL from environment
- Add support for callback plugin post initial install
- Added start and stop tracking events
- New Service Manila Integration in Ardana
- Make changes to return both openstack and cloud pkgs
- Added a new playbook to generate hosts file
- Make get_ts_pkgs more robust
- Add Ansible play and library tool to gather package data
- Adding sosreport upgrade to be included in update path (bsc#1105141)
- Remove obsolete config.json file (bsc#1104047)
ardana-barbican:
- Switch to stable/pike branch
ardana-cinder:
- Updating swift backup url to check non-empty value (bsc#1099412)
ardana-cluster:
- Fix haproxy not being able to log using journald (bsc#1005886)
ardana-cobbler:
- Updating failure behavior on power down step in reimage (bsc#1089243)
ardana-freezer:
- Freezer: Restoring control node fails (bsc#1099741)
ardana-glance:
- Fix security audit. (bsc#1109445)
- Filter out API health checks from logs (bsc#1049737, bsc#1096798)
ardana-input-model:
- Relicense manila to Apache-2.0.
- Remove manila-share dependency to keystone-client (bsc#1109264)
- New Service Manila Integration in Ardana
- CVE-2016-8611: Add glance-api rate limit to address (bsc#1005886)
ardana-keystone:
- Updates keystone user if it exists (bsc#1102662)
- Reruns of keystone credentials change (bsc#1102662)
ardana-mq:
- Add rabbitmq-server-plugins (bsc#1103903)
ardana-neutron:
- Make ovsvapp_agent.log logging consistent with other agents (bsc#1105420)
- Allow 3rd-party drivers to pass in dhcp_driver option value
- Allow SDNs to replace neutron's policy.json file
ardana-nova:
- Fixes cell0 map updates (bsc#1091490)
ardana-octavia:
- Set the correct systemd_service_dir for octavia (bsc#1094847)
ardana-osconfig:
- Restart dpdk network after restarting openvswitch (bsc#1104407)
- Allow passwordless root logins
- Added start and stop tracking events
ardana-service:
- Pass notify_url in extra-vars to playbook
- add monasca support
- filter out the item where ardana_ansible_host empty
- Pass encrypt and rekey parms when running config-processor (bsc#1102789)
- Support legacy playbook names for dev env for day2
- Replace dayzero playbook reference with installui
- Added mocks for running ardana-start.yml
- merge changes up to Sept 17 2018 to stable/pike
- Support legacy playbook names for dev env for day2
- Updated REST packages call to handle all packages
- handle run playbooks for adding compute nodes
- Add DELETE service file method
- Added deployed_servers endpoint in ardana-service
- Add mock for keystone endpoints
- add mocking, robustness, pep8 fix
- Gracefully handle missing service description
- Add fake playbook, log for running keystone-status
- Support insecure mode for keystone
- Add caching for internal cp files
- Allow insecure mode for keystone sessions
- Make packages changes Python 3 compatible
- Add ability to get remote host package data
- Add endpoint for getting internal cp files
- add python-monascaclient dependency
- Make packages changes Python 3 compatible
- Add ability to get remote host package data
ardana-service-ansible:
- Include service URL in config file
- Create cache directory
ardana-ses:
- Support phase 2 SES config.
- Add SES config yaml conversion utility.
- Fix the cinder-backup settings (bsc#1096988, bsc#1096798)
ardana-swift:
- Switch to stable/pike branch
Patchnames
HPE-Helion-OpenStack-8-2018-2588,SUSE-OpenStack-Cloud-8-2018-2588
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for ardana-ansible",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ardana-ansible fixes the following issues:\n\nardana-ansible:\n\n- Initial checkin of info capture tool\n- Rename dayzero-site.yml (bsc#1111886)\n- Switch to non-legacy media layout by default.\n- Add Keystone Fernet master node monitoring. (bsc#1097241)\n- Add restart verb for maintenance updates.\n- Remove tasks to in-place modify systemd files.\n- Don\u0027t install systemd service file when SUSEified. (bsc#1082708)\n- Use sosreport for RHEL and supportutils for SLES nodes (bsc#1100688)\n- Obtain notification URL from environment\n- Add support for callback plugin post initial install\n- Added start and stop tracking events\n- New Service Manila Integration in Ardana\n- Make changes to return both openstack and cloud pkgs\n- Added a new playbook to generate hosts file\n- Make get_ts_pkgs more robust\n- Add Ansible play and library tool to gather package data\n- Adding sosreport upgrade to be included in update path (bsc#1105141)\n- Remove obsolete config.json file (bsc#1104047)\n\nardana-barbican:\n\n- Switch to stable/pike branch\n\nardana-cinder:\n\n- Updating swift backup url to check non-empty value (bsc#1099412)\n\nardana-cluster:\n\n- Fix haproxy not being able to log using journald (bsc#1005886)\n\nardana-cobbler:\n\n- Updating failure behavior on power down step in reimage (bsc#1089243)\n\nardana-freezer:\n\n- Freezer: Restoring control node fails (bsc#1099741)\n\nardana-glance:\n\n- Fix security audit. (bsc#1109445)\n- Filter out API health checks from logs (bsc#1049737, bsc#1096798)\n\nardana-input-model:\n\n- Relicense manila to Apache-2.0.\n- Remove manila-share dependency to keystone-client (bsc#1109264)\n- New Service Manila Integration in Ardana\n- CVE-2016-8611: Add glance-api rate limit to address (bsc#1005886)\n\nardana-keystone:\n\n- Updates keystone user if it exists (bsc#1102662)\n- Reruns of keystone credentials change (bsc#1102662)\n\nardana-mq:\n\n- Add rabbitmq-server-plugins (bsc#1103903)\n\nardana-neutron:\n\n- Make ovsvapp_agent.log logging consistent with other agents (bsc#1105420)\n- Allow 3rd-party drivers to pass in dhcp_driver option value\n- Allow SDNs to replace neutron\u0027s policy.json file\n\nardana-nova:\n\n- Fixes cell0 map updates (bsc#1091490)\n\nardana-octavia:\n\n- Set the correct systemd_service_dir for octavia (bsc#1094847)\n\nardana-osconfig:\n\n- Restart dpdk network after restarting openvswitch (bsc#1104407)\n- Allow passwordless root logins\n- Added start and stop tracking events\n\nardana-service:\n\n- Pass notify_url in extra-vars to playbook\n- add monasca support\n- filter out the item where ardana_ansible_host empty\n- Pass encrypt and rekey parms when running config-processor (bsc#1102789)\n- Support legacy playbook names for dev env for day2\n- Replace dayzero playbook reference with installui\n- Added mocks for running ardana-start.yml\n- merge changes up to Sept 17 2018 to stable/pike\n- Support legacy playbook names for dev env for day2\n- Updated REST packages call to handle all packages\n- handle run playbooks for adding compute nodes\n- Add DELETE service file method\n- Added deployed_servers endpoint in ardana-service\n- Add mock for keystone endpoints\n- add mocking, robustness, pep8 fix\n- Gracefully handle missing service description\n- Add fake playbook, log for running keystone-status\n- Support insecure mode for keystone\n- Add caching for internal cp files\n- Allow insecure mode for keystone sessions\n- Make packages changes Python 3 compatible\n- Add ability to get remote host package data\n- Add endpoint for getting internal cp files\n- add python-monascaclient dependency\n- Make packages changes Python 3 compatible\n- Add ability to get remote host package data\n\nardana-service-ansible:\n\n- Include service URL in config file\n- Create cache directory\n\nardana-ses:\n\n- Support phase 2 SES config.\n- Add SES config yaml conversion utility.\n- Fix the cinder-backup settings (bsc#1096988, bsc#1096798)\n\nardana-swift:\n\n- Switch to stable/pike branch\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "HPE-Helion-OpenStack-8-2018-2588,SUSE-OpenStack-Cloud-8-2018-2588",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2018_3638-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2018:3638-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-20183638-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2018:3638-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2018-November/009993.html"
},
{
"category": "self",
"summary": "SUSE Bug 1005886",
"url": "https://bugzilla.suse.com/1005886"
},
{
"category": "self",
"summary": "SUSE Bug 1049737",
"url": "https://bugzilla.suse.com/1049737"
},
{
"category": "self",
"summary": "SUSE Bug 1082708",
"url": "https://bugzilla.suse.com/1082708"
},
{
"category": "self",
"summary": "SUSE Bug 1089243",
"url": "https://bugzilla.suse.com/1089243"
},
{
"category": "self",
"summary": "SUSE Bug 1091490",
"url": "https://bugzilla.suse.com/1091490"
},
{
"category": "self",
"summary": "SUSE Bug 1094847",
"url": "https://bugzilla.suse.com/1094847"
},
{
"category": "self",
"summary": "SUSE Bug 1095166",
"url": "https://bugzilla.suse.com/1095166"
},
{
"category": "self",
"summary": "SUSE Bug 1096798",
"url": "https://bugzilla.suse.com/1096798"
},
{
"category": "self",
"summary": "SUSE Bug 1096988",
"url": "https://bugzilla.suse.com/1096988"
},
{
"category": "self",
"summary": "SUSE Bug 1097241",
"url": "https://bugzilla.suse.com/1097241"
},
{
"category": "self",
"summary": "SUSE Bug 1099412",
"url": "https://bugzilla.suse.com/1099412"
},
{
"category": "self",
"summary": "SUSE Bug 1099741",
"url": "https://bugzilla.suse.com/1099741"
},
{
"category": "self",
"summary": "SUSE Bug 1100688",
"url": "https://bugzilla.suse.com/1100688"
},
{
"category": "self",
"summary": "SUSE Bug 1102662",
"url": "https://bugzilla.suse.com/1102662"
},
{
"category": "self",
"summary": "SUSE Bug 1102789",
"url": "https://bugzilla.suse.com/1102789"
},
{
"category": "self",
"summary": "SUSE Bug 1103903",
"url": "https://bugzilla.suse.com/1103903"
},
{
"category": "self",
"summary": "SUSE Bug 1104047",
"url": "https://bugzilla.suse.com/1104047"
},
{
"category": "self",
"summary": "SUSE Bug 1104407",
"url": "https://bugzilla.suse.com/1104407"
},
{
"category": "self",
"summary": "SUSE Bug 1105141",
"url": "https://bugzilla.suse.com/1105141"
},
{
"category": "self",
"summary": "SUSE Bug 1105420",
"url": "https://bugzilla.suse.com/1105420"
},
{
"category": "self",
"summary": "SUSE Bug 1109264",
"url": "https://bugzilla.suse.com/1109264"
},
{
"category": "self",
"summary": "SUSE Bug 1109445",
"url": "https://bugzilla.suse.com/1109445"
},
{
"category": "self",
"summary": "SUSE Bug 1111886",
"url": "https://bugzilla.suse.com/1111886"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8611 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8611/"
}
],
"title": "Recommended update for ardana-ansible",
"tracking": {
"current_release_date": "2018-11-06T12:29:32Z",
"generator": {
"date": "2018-11-06T12:29:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2018:3638-1",
"initial_release_date": "2018-11-06T12:29:32Z",
"revision_history": [
{
"date": "2018-11-06T12:29:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch",
"product": {
"name": "ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch",
"product_id": "ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch"
}
},
{
"category": "product_version",
"name": "ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch",
"product": {
"name": "ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch",
"product_id": "ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch",
"product": {
"name": "ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch",
"product_id": "ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch",
"product": {
"name": "ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch",
"product_id": "ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch",
"product": {
"name": "ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch",
"product_id": "ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch",
"product": {
"name": "ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch",
"product_id": "ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch",
"product": {
"name": "ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch",
"product_id": "ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch",
"product": {
"name": "ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch",
"product_id": "ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch",
"product": {
"name": "ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch",
"product_id": "ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch",
"product": {
"name": "ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch",
"product_id": "ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch",
"product": {
"name": "ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch",
"product_id": "ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch",
"product": {
"name": "ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch",
"product_id": "ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch",
"product": {
"name": "ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch",
"product_id": "ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch",
"product": {
"name": "ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch",
"product_id": "ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch"
}
},
{
"category": "product_version",
"name": "ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch",
"product": {
"name": "ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch",
"product_id": "ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch",
"product": {
"name": "ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch",
"product_id": "ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch",
"product": {
"name": "ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch",
"product_id": "ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch"
}
},
{
"category": "product_version",
"name": "ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch",
"product": {
"name": "ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch",
"product_id": "ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Helion OpenStack 8",
"product": {
"name": "HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:hpe-helion-openstack:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 8",
"product": {
"name": "SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:8"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch"
},
"product_reference": "ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch"
},
"product_reference": "ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch"
},
"product_reference": "ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch"
},
"product_reference": "ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch"
},
"product_reference": "ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch"
},
"product_reference": "ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch"
},
"product_reference": "ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch"
},
"product_reference": "ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch"
},
"product_reference": "ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch"
},
"product_reference": "ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch"
},
"product_reference": "ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch"
},
"product_reference": "ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch"
},
"product_reference": "ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch"
},
"product_reference": "ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch"
},
"product_reference": "ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch"
},
"product_reference": "ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch"
},
"product_reference": "ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch"
},
"product_reference": "ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch"
},
"product_reference": "ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch"
},
"product_reference": "ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch"
},
"product_reference": "ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch"
},
"product_reference": "ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch"
},
"product_reference": "ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch"
},
"product_reference": "ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch"
},
"product_reference": "ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch"
},
"product_reference": "ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch"
},
"product_reference": "ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch"
},
"product_reference": "ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch"
},
"product_reference": "ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch"
},
"product_reference": "ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch"
},
"product_reference": "ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch"
},
"product_reference": "ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch"
},
"product_reference": "ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch"
},
"product_reference": "ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch"
},
"product_reference": "ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch"
},
"product_reference": "ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-8611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8611"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch",
"HPE Helion OpenStack 8:ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch",
"HPE Helion OpenStack 8:ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch",
"HPE Helion OpenStack 8:ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch",
"HPE Helion OpenStack 8:ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch",
"HPE Helion OpenStack 8:ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch",
"HPE Helion OpenStack 8:ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch",
"HPE Helion OpenStack 8:ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch",
"HPE Helion OpenStack 8:ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch",
"HPE Helion OpenStack 8:ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch",
"HPE Helion OpenStack 8:ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch",
"HPE Helion OpenStack 8:ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch",
"HPE Helion OpenStack 8:ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch",
"HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch",
"HPE Helion OpenStack 8:ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch",
"HPE Helion OpenStack 8:ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch",
"HPE Helion OpenStack 8:ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch",
"SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch",
"SUSE OpenStack Cloud 8:ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch",
"SUSE OpenStack Cloud 8:ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch",
"SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch",
"SUSE OpenStack Cloud 8:ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch",
"SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch",
"SUSE OpenStack Cloud 8:ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch",
"SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch",
"SUSE OpenStack Cloud 8:ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch",
"SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch",
"SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch",
"SUSE OpenStack Cloud 8:ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch",
"SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch",
"SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch",
"SUSE OpenStack Cloud 8:ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch",
"SUSE OpenStack Cloud 8:ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch",
"SUSE OpenStack Cloud 8:ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8611",
"url": "https://www.suse.com/security/cve/CVE-2016-8611"
},
{
"category": "external",
"summary": "SUSE Bug 1005886 for CVE-2016-8611",
"url": "https://bugzilla.suse.com/1005886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch",
"HPE Helion OpenStack 8:ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch",
"HPE Helion OpenStack 8:ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch",
"HPE Helion OpenStack 8:ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch",
"HPE Helion OpenStack 8:ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch",
"HPE Helion OpenStack 8:ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch",
"HPE Helion OpenStack 8:ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch",
"HPE Helion OpenStack 8:ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch",
"HPE Helion OpenStack 8:ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch",
"HPE Helion OpenStack 8:ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch",
"HPE Helion OpenStack 8:ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch",
"HPE Helion OpenStack 8:ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch",
"HPE Helion OpenStack 8:ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch",
"HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch",
"HPE Helion OpenStack 8:ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch",
"HPE Helion OpenStack 8:ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch",
"HPE Helion OpenStack 8:ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch",
"SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch",
"SUSE OpenStack Cloud 8:ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch",
"SUSE OpenStack Cloud 8:ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch",
"SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch",
"SUSE OpenStack Cloud 8:ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch",
"SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch",
"SUSE OpenStack Cloud 8:ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch",
"SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch",
"SUSE OpenStack Cloud 8:ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch",
"SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch",
"SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch",
"SUSE OpenStack Cloud 8:ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch",
"SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch",
"SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch",
"SUSE OpenStack Cloud 8:ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch",
"SUSE OpenStack Cloud 8:ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch",
"SUSE OpenStack Cloud 8:ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch",
"HPE Helion OpenStack 8:ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch",
"HPE Helion OpenStack 8:ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch",
"HPE Helion OpenStack 8:ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch",
"HPE Helion OpenStack 8:ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch",
"HPE Helion OpenStack 8:ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch",
"HPE Helion OpenStack 8:ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch",
"HPE Helion OpenStack 8:ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch",
"HPE Helion OpenStack 8:ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch",
"HPE Helion OpenStack 8:ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch",
"HPE Helion OpenStack 8:ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch",
"HPE Helion OpenStack 8:ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch",
"HPE Helion OpenStack 8:ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch",
"HPE Helion OpenStack 8:ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch",
"HPE Helion OpenStack 8:ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch",
"HPE Helion OpenStack 8:ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch",
"HPE Helion OpenStack 8:ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch",
"HPE Helion OpenStack 8:ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch",
"SUSE OpenStack Cloud 8:ardana-ansible-8.0+git.1539739656.0ef51c9-3.46.1.noarch",
"SUSE OpenStack Cloud 8:ardana-barbican-8.0+git.1534266594.8136db7-4.27.2.noarch",
"SUSE OpenStack Cloud 8:ardana-cinder-8.0+git.1535412193.d9ad231-3.27.2.noarch",
"SUSE OpenStack Cloud 8:ardana-cluster-8.0+git.1534266734.ec4822f-3.30.2.noarch",
"SUSE OpenStack Cloud 8:ardana-cobbler-8.0+git.1534780521.780753b-3.29.2.noarch",
"SUSE OpenStack Cloud 8:ardana-freezer-8.0+git.1534266805.c9ea29b-3.12.2.noarch",
"SUSE OpenStack Cloud 8:ardana-glance-8.0+git.1537790499.b15fdea-3.8.2.noarch",
"SUSE OpenStack Cloud 8:ardana-input-model-8.0+git.1539086744.5ae1d6f-3.21.2.noarch",
"SUSE OpenStack Cloud 8:ardana-keystone-8.0+git.1536100286.ddd8d3e-3.15.2.noarch",
"SUSE OpenStack Cloud 8:ardana-mq-8.0+git.1534267034.f95e1ec-3.5.2.noarch",
"SUSE OpenStack Cloud 8:ardana-neutron-8.0+git.1537805998.7898f24-3.21.2.noarch",
"SUSE OpenStack Cloud 8:ardana-nova-8.0+git.1537895345.35a03a2-3.14.2.noarch",
"SUSE OpenStack Cloud 8:ardana-octavia-8.0+git.1534267086.b7dbe77-3.8.2.noarch",
"SUSE OpenStack Cloud 8:ardana-osconfig-8.0+git.1540330973.aab0174-3.27.1.noarch",
"SUSE OpenStack Cloud 8:ardana-service-8.0+git.1537825617.23552c2-3.14.2.noarch",
"SUSE OpenStack Cloud 8:ardana-service-ansible-8.0+git.1537806377.25b5d68-3.11.2.noarch",
"SUSE OpenStack Cloud 8:ardana-ses-8.0+git.1539113493.6631423-1.8.2.noarch",
"SUSE OpenStack Cloud 8:ardana-swift-8.0+git.1534267211.78fb7e3-3.18.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-11-06T12:29:32Z",
"details": "low"
}
],
"title": "CVE-2016-8611"
}
]
}
suse-su-2018:2603-1
Vulnerability from csaf_suse
Published
2018-09-04 08:48
Modified
2018-09-04 08:48
Summary
Security update for crowbar, crowbar-core, crowbar-ha, crowbar-openstack, crowbar-ui
Notes
Title of the patch
Security update for crowbar, crowbar-core, crowbar-ha, crowbar-openstack, crowbar-ui
Description of the patch
This update for crowbar, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui fixes the following issues:
This security issues was fixed:
- CVE-2018-3760: Upgrade rubygem-sprockets to prevent an information leak.
Specially crafted requests could have been be used to access files that exists
on the filesystem that is outside an application's root directory, when the
Sprockets server is used in production (bsc#1098369).
- CVE-2016-861: Add rate limiting for glance api (bsc#1005886)
These non-security issues were fixed for crowbar:
- upgrade: Lock crowbar-ui before admin upgrade
- upgrade: Make sure schemas are properly migrated after the upgrade
These non-security issues were fixed for crowbar-core:
- upgrade: Add the upgrade menu entry
- upgrade: Fix upgrade link
- apache: copytruncate apache logs bsc#1083093
- Fix exception handling in get_log_lines
- upgrade: Raise the default timeouts for most time consuming actions
- upgrade: Do not allow manila-share on compute nodes
- control_lib: fix host allocation check
- upgrade: Check input is a valid node for nodes
- upgrade: Provide better information after the failure
- upgrade: Report missing scripts
- upgrade: Improve error messages with lists
- upgrade: Do not allow cinder-volume on compute nodes
- upgrade: Fix file layout for rails' autoloading (bsc#1096759)
- upgrade: Added API calls for postponing/resuming compute nodes upgrade
- upgrade: Unlock crowbar-ui after completed upgrade
- upgrade: Do not check if ceph roles are present on compute nodes
- upgrade: Fix labels for SOC8 repositories
- upgrade: Finish only controllers step
These non-security issues were fixed for crowbar-ha:
- haproxy: increased SSL stick table to 100k
- DRBD: Fix DRBD resources setup on reinstall node
- pacemaker: allow multiple meta parameters (bsc#1093898)
These non-security issues were fixed for crowbar-openstack:
- nova: reload nova-placement-api (bsc#1103383)
- Synchronize SSL in the cluster (bsc#1081518)
- neutron: add force_metadata attribute
- copytruncate apache logs instead of creating
- rabbitmq: set client timout to default value
- Revert 'database: Split database-server role into backend specific roles'
- Revert 'database: Allow parallel deployments of postgresql and mysql'
- Revert 'database: Allow parallel HA deployment of PostgreSQL and MariaDB'
- Revert 'database: Fix 'Attributes' UI after role renaming'
- Revert 'monasca: Fix check for mysql after it got moved to a separate role'
- Revert 'Restore caching of db_settings'
- Revert 'database: Migration fixes for separate DB roles'
- database: Migration fixes for separate DB roles
- Restore caching of db_settings
- monasca: Fix check for mysql after it got moved to a separate role
- database: Fix 'Attributes' UI after role renaming
- database: Allow parallel HA deployment of PostgreSQL and MariaDB
- database: Allow parallel deployments of postgresql and mysql
- database: Split database-server role into backend specific roles
- Do not automatically put manila-share roles to compute nodes
- rabbitmq: check for rabbit readiness
- rabbitmq: Make sure rabbit is running on cluster
- monasca: various monasca-installer improvements
- manila: Correct field name for cluster name
- mariadb: Add prefix to configs
- mariadb: Remove redundant config values
- aodh: Add config for alarm_history_ttl (bsc#1073703)
These non-security issues were fixed for crowbar-ui:
- upgrade: Dummy backend for status testing
- upgrade: Refactor postpone nodes upgrade
- upgrade: Allow interruption of status wait loop
- upgrade: Added ability to postpone upgrade nodes
- upgrade: Add ability to postpone upgrade nodes
- upgrade: Add ability to postpone upgrade nodes
- upgrade: Add ability to postpone upgrade nodes
- Add ability to postpone upgrade
- upgrade: Remove openstack precheck
- upgrade: Fixed error key for ha_configured
- upgrade: Remove CEPH related code
- Remove the non-essential database-configuration controller
- remove ui typo test
- Remove database configuration option
- upgrade: Update SUSE-OpenStack-Cloud-8 label
- upgrade: Update admin and nodes repo names
- enable and document docker development environment
Patchnames
SUSE-OpenStack-Cloud-7-2018-1828,SUSE-Storage-4-2018-1828
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for crowbar, crowbar-core, crowbar-ha, crowbar-openstack, crowbar-ui",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for crowbar, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui fixes the following issues:\n\nThis security issues was fixed:\n\n- CVE-2018-3760: Upgrade rubygem-sprockets to prevent an information leak.\n Specially crafted requests could have been be used to access files that exists\n on the filesystem that is outside an application\u0027s root directory, when the\n Sprockets server is used in production (bsc#1098369).\n- CVE-2016-861: Add rate limiting for glance api (bsc#1005886)\n\nThese non-security issues were fixed for crowbar:\n\n- upgrade: Lock crowbar-ui before admin upgrade\n- upgrade: Make sure schemas are properly migrated after the upgrade\n\nThese non-security issues were fixed for crowbar-core:\n\n- upgrade: Add the upgrade menu entry\n- upgrade: Fix upgrade link\n- apache: copytruncate apache logs bsc#1083093\n- Fix exception handling in get_log_lines\n- upgrade: Raise the default timeouts for most time consuming actions\n- upgrade: Do not allow manila-share on compute nodes\n- control_lib: fix host allocation check\n- upgrade: Check input is a valid node for nodes\n- upgrade: Provide better information after the failure\n- upgrade: Report missing scripts\n- upgrade: Improve error messages with lists\n- upgrade: Do not allow cinder-volume on compute nodes\n- upgrade: Fix file layout for rails\u0027 autoloading (bsc#1096759)\n- upgrade: Added API calls for postponing/resuming compute nodes upgrade\n- upgrade: Unlock crowbar-ui after completed upgrade\n- upgrade: Do not check if ceph roles are present on compute nodes\n- upgrade: Fix labels for SOC8 repositories\n- upgrade: Finish only controllers step\n\nThese non-security issues were fixed for crowbar-ha:\n\n- haproxy: increased SSL stick table to 100k\n- DRBD: Fix DRBD resources setup on reinstall node\n- pacemaker: allow multiple meta parameters (bsc#1093898)\n\nThese non-security issues were fixed for crowbar-openstack:\n\n- nova: reload nova-placement-api (bsc#1103383)\n- Synchronize SSL in the cluster (bsc#1081518)\n- neutron: add force_metadata attribute\n- copytruncate apache logs instead of creating\n- rabbitmq: set client timout to default value\n- Revert \u0027database: Split database-server role into backend specific roles\u0027\n- Revert \u0027database: Allow parallel deployments of postgresql and mysql\u0027\n- Revert \u0027database: Allow parallel HA deployment of PostgreSQL and MariaDB\u0027\n- Revert \u0027database: Fix \u0027Attributes\u0027 UI after role renaming\u0027\n- Revert \u0027monasca: Fix check for mysql after it got moved to a separate role\u0027\n- Revert \u0027Restore caching of db_settings\u0027\n- Revert \u0027database: Migration fixes for separate DB roles\u0027\n- database: Migration fixes for separate DB roles\n- Restore caching of db_settings\n- monasca: Fix check for mysql after it got moved to a separate role\n- database: Fix \u0027Attributes\u0027 UI after role renaming\n- database: Allow parallel HA deployment of PostgreSQL and MariaDB\n- database: Allow parallel deployments of postgresql and mysql\n- database: Split database-server role into backend specific roles\n- Do not automatically put manila-share roles to compute nodes\n- rabbitmq: check for rabbit readiness\n- rabbitmq: Make sure rabbit is running on cluster\n- monasca: various monasca-installer improvements\n- manila: Correct field name for cluster name\n- mariadb: Add prefix to configs\n- mariadb: Remove redundant config values\n- aodh: Add config for alarm_history_ttl (bsc#1073703)\n\nThese non-security issues were fixed for crowbar-ui:\n\n- upgrade: Dummy backend for status testing\n- upgrade: Refactor postpone nodes upgrade\n- upgrade: Allow interruption of status wait loop\n- upgrade: Added ability to postpone upgrade nodes\n- upgrade: Add ability to postpone upgrade nodes\n- upgrade: Add ability to postpone upgrade nodes\n- upgrade: Add ability to postpone upgrade nodes\n- Add ability to postpone upgrade\n- upgrade: Remove openstack precheck\n- upgrade: Fixed error key for ha_configured\n- upgrade: Remove CEPH related code\n- Remove the non-essential database-configuration controller\n- remove ui typo test\n- Remove database configuration option\n- upgrade: Update SUSE-OpenStack-Cloud-8 label\n- upgrade: Update admin and nodes repo names\n- enable and document docker development environment\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-OpenStack-Cloud-7-2018-1828,SUSE-Storage-4-2018-1828",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2603-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2603-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182603-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2603-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004530.html"
},
{
"category": "self",
"summary": "SUSE Bug 1005886",
"url": "https://bugzilla.suse.com/1005886"
},
{
"category": "self",
"summary": "SUSE Bug 1073703",
"url": "https://bugzilla.suse.com/1073703"
},
{
"category": "self",
"summary": "SUSE Bug 1081518",
"url": "https://bugzilla.suse.com/1081518"
},
{
"category": "self",
"summary": "SUSE Bug 1083093",
"url": "https://bugzilla.suse.com/1083093"
},
{
"category": "self",
"summary": "SUSE Bug 1093898",
"url": "https://bugzilla.suse.com/1093898"
},
{
"category": "self",
"summary": "SUSE Bug 1096759",
"url": "https://bugzilla.suse.com/1096759"
},
{
"category": "self",
"summary": "SUSE Bug 1098369",
"url": "https://bugzilla.suse.com/1098369"
},
{
"category": "self",
"summary": "SUSE Bug 1103383",
"url": "https://bugzilla.suse.com/1103383"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8611 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-3760 page",
"url": "https://www.suse.com/security/cve/CVE-2018-3760/"
}
],
"title": "Security update for crowbar, crowbar-core, crowbar-ha, crowbar-openstack, crowbar-ui",
"tracking": {
"current_release_date": "2018-09-04T08:48:31Z",
"generator": {
"date": "2018-09-04T08:48:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2603-1",
"initial_release_date": "2018-09-04T08:48:31Z",
"revision_history": [
{
"date": "2018-09-04T08:48:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"product": {
"name": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"product_id": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64"
}
},
{
"category": "product_version",
"name": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"product": {
"name": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"product_id": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"product": {
"name": "crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"product_id": "crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch"
}
},
{
"category": "product_version",
"name": "crowbar-devel-4.0+git.1528801103.f5708341-7.20.1.noarch",
"product": {
"name": "crowbar-devel-4.0+git.1528801103.f5708341-7.20.1.noarch",
"product_id": "crowbar-devel-4.0+git.1528801103.f5708341-7.20.1.noarch"
}
},
{
"category": "product_version",
"name": "crowbar-ha-4.0+git.1533750802.5768e73-4.34.1.noarch",
"product": {
"name": "crowbar-ha-4.0+git.1533750802.5768e73-4.34.1.noarch",
"product_id": "crowbar-ha-4.0+git.1533750802.5768e73-4.34.1.noarch"
}
},
{
"category": "product_version",
"name": "crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39.1.noarch",
"product": {
"name": "crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39.1.noarch",
"product_id": "crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39.1.noarch"
}
},
{
"category": "product_version",
"name": "crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3.1.noarch",
"product": {
"name": "crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3.1.noarch",
"product_id": "crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"product": {
"name": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"product_id": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.s390x"
}
},
{
"category": "product_version",
"name": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"product": {
"name": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"product_id": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"product": {
"name": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"product_id": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64"
}
},
{
"category": "product_version",
"name": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"product": {
"name": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"product_id": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 4",
"product": {
"name": "SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch"
},
"product_reference": "crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64"
},
"product_reference": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.s390x"
},
"product_reference": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64"
},
"product_reference": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.aarch64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.aarch64"
},
"product_reference": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.s390x"
},
"product_reference": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.x86_64"
},
"product_reference": "crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-devel-4.0+git.1528801103.f5708341-7.20.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-devel-4.0+git.1528801103.f5708341-7.20.1.noarch"
},
"product_reference": "crowbar-devel-4.0+git.1528801103.f5708341-7.20.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-ha-4.0+git.1533750802.5768e73-4.34.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1533750802.5768e73-4.34.1.noarch"
},
"product_reference": "crowbar-ha-4.0+git.1533750802.5768e73-4.34.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39.1.noarch"
},
"product_reference": "crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3.1.noarch"
},
"product_reference": "crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch"
},
"product_reference": "crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64"
},
"product_reference": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64 as component of SUSE Enterprise Storage 4",
"product_id": "SUSE Enterprise Storage 4:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64"
},
"product_reference": "crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-8611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8611"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE Enterprise Storage 4:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE Enterprise Storage 4:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-devel-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1533750802.5768e73-4.34.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8611",
"url": "https://www.suse.com/security/cve/CVE-2016-8611"
},
{
"category": "external",
"summary": "SUSE Bug 1005886 for CVE-2016-8611",
"url": "https://bugzilla.suse.com/1005886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE Enterprise Storage 4:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE Enterprise Storage 4:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-devel-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1533750802.5768e73-4.34.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE Enterprise Storage 4:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE Enterprise Storage 4:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-devel-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1533750802.5768e73-4.34.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-04T08:48:31Z",
"details": "low"
}
],
"title": "CVE-2016-8611"
},
{
"cve": "CVE-2018-3760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-3760"
}
],
"notes": [
{
"category": "general",
"text": "There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application\u0027s root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 4:crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE Enterprise Storage 4:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE Enterprise Storage 4:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-devel-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1533750802.5768e73-4.34.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-3760",
"url": "https://www.suse.com/security/cve/CVE-2018-3760"
},
{
"category": "external",
"summary": "SUSE Bug 1098369 for CVE-2018-3760",
"url": "https://bugzilla.suse.com/1098369"
},
{
"category": "external",
"summary": "SUSE Bug 1182167 for CVE-2018-3760",
"url": "https://bugzilla.suse.com/1182167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 4:crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE Enterprise Storage 4:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE Enterprise Storage 4:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-devel-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1533750802.5768e73-4.34.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Enterprise Storage 4:crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE Enterprise Storage 4:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE Enterprise Storage 4:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.aarch64",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.s390x",
"SUSE OpenStack Cloud 7:crowbar-core-branding-upstream-4.0+git.1534246408.3ab19c567-9.33.1.x86_64",
"SUSE OpenStack Cloud 7:crowbar-devel-4.0+git.1528801103.f5708341-7.20.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-ha-4.0+git.1533750802.5768e73-4.34.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-openstack-4.0+git.1534254269.ce598a9fe-9.39.1.noarch",
"SUSE OpenStack Cloud 7:crowbar-ui-1.1.0+git.1533844061.4ac8e723-4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-09-04T08:48:31Z",
"details": "important"
}
],
"title": "CVE-2018-3760"
}
]
}
gsd-2016-8611
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-8611",
"description": "A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.",
"id": "GSD-2016-8611",
"references": [
"https://www.suse.com/security/cve/CVE-2016-8611.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-8611"
],
"details": "A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.",
"id": "GSD-2016-8611",
"modified": "2023-12-13T01:21:22.454635Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-8611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "openstack-glance",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "v1 and v2"
}
]
}
}
]
},
"vendor_name": "The Openstack Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-400",
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/oss-sec/2016/q4/266",
"refsource": "MISC",
"url": "http://seclists.org/oss-sec/2016/q4/266"
},
{
"name": "http://www.securityfocus.com/bid/94378",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/94378"
},
{
"name": "http://www.securitytracker.com/id/1037312",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1037312"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05333384",
"refsource": "MISC",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05333384"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openstack:glance:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-8611"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611"
},
{
"name": "[oss-security] 20161027 [OSSN-0076] Glance Image service v1 and v2 api image-create vulnerability",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2016/q4/266"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05333384",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05333384"
},
{
"name": "1037312",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037312"
},
{
"name": "94378",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94378"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-02-12T23:25Z",
"publishedDate": "2018-07-31T20:29Z"
}
}
}
ghsa-c8qm-3x9v-xjgr
Vulnerability from github
Published
2022-05-13 01:38
Modified
2022-05-13 01:38
Severity ?
VLAI Severity ?
Details
A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 /images API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.
{
"affected": [],
"aliases": [
"CVE-2016-8611"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-400"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-31T20:29:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.",
"id": "GHSA-c8qm-3x9v-xjgr",
"modified": "2022-05-13T01:38:40Z",
"published": "2022-05-13T01:38:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8611"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611"
},
{
"type": "WEB",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05333384"
},
{
"type": "WEB",
"url": "http://seclists.org/oss-sec/2016/q4/266"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/94378"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1037312"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…