SUSE: 2020:1066-1 Moderate: Ardana Security Update for Cloud Systems
suse
April 22, 2020
An update that solves 9 vulnerabilities and has 14 fixes is now available
Summary
This update for ardana-ansible, ardana-barbican, ardana-db, ardana-monasca, ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core, crowbar-ha, crowbar-openstack, documentation-suse-openstack-cloud, memcached, openstack-manila, openstack-neutron, openstack-nova, pdns, python-amqp, rubygem-puma, zookeeper contains the following fixes: Security fix for rubygem-puma: - CVE-2020-5247: Fixed an issue where the newlines in headers according to Rack spec were not split (bsc#1165402) Security fix for openstack-manila: - CVE-2020-9543: Fixed an issue where an attacker could view, update, delete, or share resources that do not Security fixes for memcached: - CVE-2019-15026: Fixed a stack-based buffer over-read in conn_to_str() in memcached.c (bsc#1149110).
References
#1040519 #1048688 #1077718 #1111180 #1114157
#1114169 #1115904 #1125357 #1129734 #1132852
#1133817 #1135773 #1145498 #1146206 #1148426
#1149110 #1149535 #1151206 #1165402 #1165643
#1166290 #1167240 #144694
Cross- CVE-2017-5637 CVE-2018-10851 CVE-2018-14626
CVE-2019-0201 CVE-2019-11596 CVE-2019-15026
CVE-2019-3871 CVE-2020-5247 CVE-2020-9543
Affected Products:
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud 8
HPE Helion Openstack 8
https://www.suse.com/security/cve/CVE-2017-5637.html
https://www.suse.com/security/cve/CVE-2018-10851.html
https://www.suse.com/security/cve/CVE-2018-14626.html
https://www.suse.com/security/cve/CVE-2019-0201.html
https://www.suse.com/security/cve/CVE-2019-11596.html
PREVIOUS
NEXT
Announcement ID: SUSE-SU-2020:1066-1
Rating: moderate
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!