Hash: SHA512
– ————————————————————————-
Debian Security Advisory DSA-5337-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 01, 2023 https://www.debian.org/security/faq
– ————————————————————————-
Package : nova
CVE ID : CVE-2022-47951
Debian Bug : 1029561
Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou
discovered that missing input sanitising in the handling of VMDK images
in OpenStack Compute (codenamed Nova) may result in information
disclosure.
For the stable distribution (bullseye), this problem has been fixed in
version 2:22.0.1-2+deb11u1.
We recommend that you upgrade your nova packages.
For the detailed security status of nova please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/nova
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmParscACgkQEMKTtsN8
Tja1gg/+MkwvOlll4HJexIgD7/wK5QD7R+1gTHJ77ywF5JP8udygdAtC7BxxmxAe
jlnUfDwlN5rwvZI9PR6JjedwLx7r7urckUNNaRHz9ZZdRm7n1S+3YX4Am5d7V3Dw
z54NQ27GvBVoi7TTBoxDHmVZ2kX95EJYMMhGbyc1SiQx3Eg37iZII11f0CQG1Vrh
E6al8u19qMK/dUqmw4mPB0duUjSBK3b8wcXdgNtZP5H/rIJOfMZqaXNZUCs78zAP
jDAm2BcUljOpeW/RbkwjvZMWxIZdWS8XF1iWMqeDAJxBeU39VgOIQ6c0djCK3PZs
cSUbT3NHJZW7okyxqqEXrGbvnJgaO0PZqIcWpatDV6s1mScWbmkT2sAQjKLlo7kD
rPFVP8DzLstE+jqIzmT1dKK8X3hmIW7k6exCQINSoPIZco2tyHFrlyb42hTJIYpQ
LNZoEavRzH6ZYXTytvr89ldJ5w/pdtyf3S2DCkW+H4qXz03q9GyAHZN3eNMkhKmy
S11/JV3GC1nL+9obCIb8PqFF075vYp0EnKsEXmyi6KL9GK6bR82i9ePo6n3eNM8+
FxPRcCv8gzbWLg+pC7hrclS231C6SsDbVlYIbZBc0O4Kc8PkcnBVcjLJ71eXCIkQ
esZqWjnOYEshDfzG3xbWiiVOgGv0ypsB9GhKGcPGHRHEAn1k25k=U5a0
—–END PGP SIGNATURE—–