cinder 2:21.0.0-3 source package in Debian
Changelog
cinder (2:21.0.0-3) unstable; urgency=high
* CVE-2022-47951: By supplying a specially created VMDK flat image which
references a specific backing file path, an authenticated user may convince
systems to return a copy of that file's contents from the server resulting
in unauthorized access to potentially sensitive data. Add upstream patch
CVE-2022-47951_Check_VMDK_subformat_against_an_allowed_list.patch
(Closes: #1029562).
-- Thomas Goirand <email address hidden> Tue, 24 Jan 2023 17:19:39 +0100
Upload details
- Uploaded by:
- Debian OpenStack
- Uploaded to:
- Sid
- Original maintainer:
- Debian OpenStack
- Architectures:
- all
- Section:
- misc
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| cinder_21.0.0-3.dsc | 4.3 KiB | ce11d02c81c3c4b719516709e726c52a30eb97e30fb9b39a0f9614a1b67a54c3 |
| cinder_21.0.0.orig.tar.xz | 4.0 MiB | 0c9d8a69ff440d2d036a7aeeae47b14d034b76205ecdb2a88a8fe3f726cfffc5 |
| cinder_21.0.0-3.debian.tar.xz | 54.2 KiB | bb8effedcaddb3a9dc041800e8ac50da9332a49212996d51a4c0ec24bbffbe92 |
No changes file available.
