Explore top 10 tips to secure your open-source projects now. Read More
×
Applications using Oslo middleware could be made to expose sensitive
information.
Software Description:
- python-oslo.middleware: WSGI middleware components for OpenStack
Details:
Divya K Konoor discovered Oslo middleware was vulnerable to an information
disclosure. A local attacker could exploit this flaw to obtain sensitive
information from OpenStack component error logs.
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: python-oslo.middleware 3.8.0-2ubuntu1 python-oslo.middleware-doc 3.8.0-2ubuntu1 After a standard system update you need to restart OpenStack services to make all the necessary changes.
https://ubuntu.com/security/notices/USN-3666-1
CVE-2017-2592, https://bugs.launchpad.net/keystonemiddleware/+bug/1628031
Get the latest Linux and open source security news straight to your inbox.