SUSE-SU-2014:0453-1: moderate: Security update for openstack-glance

sle-updates at sle-updates at
Wed Mar 26 17:04:24 MDT 2014

   SUSE Security Update: Security update for openstack-glance

Announcement ID:    SUSE-SU-2014:0453-1
Rating:             moderate
References:         #863484 
Cross-References:   CVE-2014-1948
Affected Products:
                    SUSE Cloud 3

   An update that fixes one vulnerability is now available. It
   includes one version update.


   OpenStack Image Registry and Delivery Service (Glance) in
   SUSE Cloud 3  logged a URL containing the Swift store
   backend password when  authentication fails and WARNING
   level logging is enabled, which allowed  local users to
   obtain sensitive information by reading the log.

   Security Issue references:

   * CVE-2014-1948

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Cloud 3:

      zypper in -t patch sleclo30sp3-openstack-glance-8955

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Cloud 3 (x86_64) [New Version: 2013.2.3.dev1.g9d89b8e]:


   - SUSE Cloud 3 (noarch) [New Version: 2013.2.3.dev1.g9d89b8e]:



More information about the sle-updates mailing list