OpenStack Security Advisories are published to communicate about security issues reported and fixed in OpenStack supported software
The OpenStack Vulnerability Management Team is responsible for this process, which is documented at https:/
This is different from OpenStack Security Notes (OSSN), which are snippets of security and hardening advice published by the OpenStack Security Group (OSSG) and which are explicitely not about exploitable vulnerabilities discovered and fixed in OpenStack supported software.
Project information
- Part of:
- OpenStack
- Maintainer:
- OpenStack Vulnerability Management team
- Licence:
- Creative Commons - No Rights Reserved
View full history Series and milestones
trunk series is the current focus of development.
All bugs Latest bugs reported
-
Bug #2076289: [OSSA-2024-004] Ironic sometimes fails to verify checksums of supplied image_source URLs (CVE-2024-47211)
Reported -
Bug #2071451: [ml2][ovs][firewall] port changes ofport and local_vlan will lead to wrong flow installation
Reported -
Bug #2071740: [OSSA-2024-003] Unvalidated image data passed to qemu-img (CVE-2024-44082)
Reported -
Bug #2071734: [OSSA-2024-002] Incomplete file access fix and regression for QCOW2 backing files and VMDK flat descriptors (CVE-2024-40767)
Reported -
Bug #2069063: EC2 credential management API does not respect project restriction in application credential
Reported
More contributors Top contributors
- Jeremy Stanley 192 points
- Brian Rosmaita 48 points
- Jay Faulkner 46 points
- James Page 23 points
- Lucas 14 points