[Secure-testing-team] Bug#718905: nova: CVE-2013-2256: Resource limit circumvention in Nova private flavors
Salvatore Bonaccorso
carnil at debian.org
Tue Aug 6 19:51:00 UTC 2013
Package: nova
Severity: grave
Tags: security upstream patch
Hi,
the following vulnerability was published for nova.
CVE-2013-2256[0]:
Resource limit circumvention in Nova private flavors
More details are given in [1] and [2] which also have patches/commits
for various releases.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] http://security-tracker.debian.org/tracker/CVE-2013-2256
[1] https://bugs.launchpad.net/nova/+bug/1194093
[2] http://marc.info/?l=oss-security&m=137580148109212&w=2
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the Secure-testing-team
mailing list