Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 735
Alerts This Week
Warning Icon 1 735

Ubuntu 23.10 USN-6630-1 Critical: Glance_store Information Exposure

ubuntu
Calendar Grey February 12, 2024
Dist Ubuntu Esm H88
Delve into Ubuntu Security Notice USN-6630-1 which highlights a vulnerability in Glance_store that could leak confidential data. Ensure your system is updated promptly!
Glance_store could be made to expose sensitive information.

Summary

Glance_store could be made to expose sensitive information.

Software Description:

- python-glance-store: OpenStack Image Service store library

Details:

It was discovered that Glance_store incorrectly handled logging when the

DEBUG log level is enabled. A local attacker could use this issue to obtain

access_key values.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
   python3-glance-store            4.6.1-0ubuntu1.1

Ubuntu 22.04 LTS:
   python3-glance-store            3.0.0-0ubuntu1.4

Ubuntu 20.04 LTS:
   python3-glance-store            2.0.0-0ubuntu4.3

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6630-1

CVE-2024-1141

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6630-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.