Packages
- nova - OpenStack Compute cloud infrastructure
Details
Phil Day discovered that nova-volume did not validate access to volumes. An
authenticated attacker could exploit this to bypass intended access
controls and boot from arbitrary volumes.
Phil Day discovered that nova-volume did not validate access to volumes. An
authenticated attacker could exploit this to bypass intended access
controls and boot from arbitrary volumes.
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
Ubuntu Release | Package Version | ||
---|---|---|---|
12.10 quantal | nova-volume – 2012.2.1+stable-20121212-a99a802e-0ubuntu1.1 | ||
python-nova – 2012.2.1+stable-20121212-a99a802e-0ubuntu1.1 | |||
12.04 precise | nova-volume – 2012.1.3+stable-20120827-4d2a4afe-0ubuntu1.1 | ||
python-nova – 2012.1.3+stable-20120827-4d2a4afe-0ubuntu1.1 | |||
11.10 oneiric | nova-volume – 2011.3-0ubuntu6.11 | ||
python-nova – 2011.3-0ubuntu6.11 |
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.