Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2014:1939
HistoryDec 02, 2014 - 4:42 p.m.

(RHSA-2014:1939) Low: openstack-trove security update

2014-12-0216:42:21
access.redhat.com
24

EPSS

0

Percentile

5.1%

JSON

OpenStack Database (trove) is Database as a Service for Openstack. It runs
entirely on OpenStack, with the goal of allowing users to quickly and
easily utilize the features of a database without the burden of handling
complex administrative tasks. Cloud users and database administrators can
provision and manage multiple database instances as needed.

It was found that the processutils.execute() and strutils.mask_password()
functions did not correctly sanitize the authentication details from their
output before storing them in log files. This could allow an attacker with
read access to these log files to obtain sensitive information such as
passwords. (CVE-2014-7230, CVE-2014-7231)

The openstack-trove packages have been upgraded to upstream version
2014.1.3, which provides a number of bug fixes and enhancements over the
previous version. (BZ#1149745)

All openstack-trove users are advised to upgrade to these updated packages,
which correct these issues and add these enhancements.

OSVersionArchitecturePackageVersionFilename
RedHat7noarchopenstack-trove-api< 2014.1.3-1.el7ostopenstack-trove-api-2014.1.3-1.el7ost.noarch.rpm
RedHat7noarchopenstack-trove< 2014.1.3-1.el7ostopenstack-trove-2014.1.3-1.el7ost.noarch.rpm
RedHat7noarchopenstack-trove-common< 2014.1.3-1.el7ostopenstack-trove-common-2014.1.3-1.el7ost.noarch.rpm
RedHat7noarchopenstack-trove-conductor< 2014.1.3-1.el7ostopenstack-trove-conductor-2014.1.3-1.el7ost.noarch.rpm
RedHat7noarchopenstack-trove-taskmanager< 2014.1.3-1.el7ostopenstack-trove-taskmanager-2014.1.3-1.el7ost.noarch.rpm
RedHat7srcopenstack-trove< 2014.1.3-1.el7ostopenstack-trove-2014.1.3-1.el7ost.src.rpm
RedHat7noarchpython-trove< 2014.1.3-1.el7ostpython-trove-2014.1.3-1.el7ost.noarch.rpm
RedHat7noarchopenstack-trove-guestagent< 2014.1.3-1.el7ostopenstack-trove-guestagent-2014.1.3-1.el7ost.noarch.rpm

Related

nessus 4
github 1
cvelist 2
nvd 2
ubuntucve 2
prion 2
cve 2
debiancve 2
veracode 2
openvas 2
securityvulns 3
ubuntu 2
nessus
nessus
RHEL 7 : openstack-trove (RHSA-2014:1939)
2024-04-24 00:00:00
RHEL 6 : openstack-cinder (RHSA-2014:1787)
2024-04-24 00:00:00
Ubuntu 14.04 LTS : OpenStack Nova vulnerabilities (USN-2407-1)
2014-11-12 00:00:00
github
github
OpenStack Oslo utility sensitive information exposure via log files
2022-05-14 01:58:44
cvelist
cvelist
CVE-2014-7231
2014-10-08 19:00:00
CVE-2014-7230
2014-10-08 19:00:00
nvd
nvd
CVE-2014-7231
2014-10-08 19:55:04
CVE-2014-7230
2014-10-08 19:55:04
ubuntucve
ubuntucve
CVE-2014-7231
2014-10-08 00:00:00
CVE-2014-7230
2014-10-08 00:00:00
prion
prion
Design/Logic Flaw
2014-10-08 19:55:00
Design/Logic Flaw
2014-10-08 19:55:00
cve
cve
CVE-2014-7230
2014-10-08 19:55:04
CVE-2014-7231
2014-10-08 19:55:04
debiancve
debiancve
CVE-2014-7230
2014-10-08 19:55:04
CVE-2014-7231
2014-10-08 19:55:04
veracode
veracode
Information Disclosure
2019-05-02 05:05:43
Information Disclosure
2019-01-15 09:03:13
openvas
openvas
Ubuntu: Security Advisory (USN-2407-1)
2014-11-12 00:00:00
Ubuntu: Security Advisory (USN-2405-1)
2014-11-12 00:00:00
securityvulns
securityvulns
[USN-2405-1] OpenStack Cinder vulnerabilities
2014-12-01 00:00:00
[USN-2407-1] OpenStack Nova vulnerabilities
2014-12-01 00:00:00
OpenStack multiple security vulnerabilities
2014-12-01 00:00:00
ubuntu
ubuntu
OpenStack Nova vulnerabilities
2014-11-11 00:00:00
OpenStack Cinder vulnerabilities
2014-11-11 00:00:00

EPSS

0

Percentile

5.1%

JSON
Related for RHSA-2014:1939
nessus4github1cvelist2nvd2ubuntucve2prion2cve2debiancve2veracode2openvas2securityvulns3ubuntu2