[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 3872-1] glance security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3872-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                       Thomas Goirand
September 05, 2024                            https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : glance
Version        : 2:21.1.0-1+deb11u2
CVE ID         : CVE-2024-32498
Debian Bug     : 1074761

Martin Kaesberger discovered a vulnerability which affects multiple
OpenStack components (Nova, Glance and Cinder): Malformed QCOW2 disk
images may result in the disclosure of arbitrary files.

For Debian 11 bullseye, this problem has been fixed in version
2:21.1.0-1+deb11u2.

We recommend that you upgrade your glance packages.

For the detailed security status of glance please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/glance

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmbY3lgACgkQDTl9HeUl
XjDwahAAlMEncCIdPb2DAXWwu+GnJikF4fZVYy+whCcMGNOXIlb19bfiPsZ/0eyH
CdGqnstnQ7x+CUgH/G1uIgQnLEcWdSYu7EWCLQvGsQERNXMT+Qj0skzZnGxJuMw4
VtBMCDyb1JZHk4Vo69l7nUZaFkwNGdk82QQdZ/ktvIJaaAjIbGbImrvDDMoATtNb
BxrYuKrZBwAhMLou+Qb8axGsoI8hJIA45piFavFduKuwopC2S82jzvCqSIV4bKxc
EUvl+kIZBpjtN9hDw6u3KtUQKTkXRWvzxnY20yTv8CCsheMyW6T/m2GyXTTtJBh3
Px/hljgsVXQST6b+NEUrBxd3FIwc4sj472Uh4ZjMYtzHM458b79ByFEA3FWOH6kp
qDdT17saeS5rcWTsyzQ5CYtvWytGPRw33PSC70L6iHwVuE8jDaaWc9QAe/9bLMi9
A2Hm46nmjS2IBtAzsCYPS7VCodFgjkd9LQ8sJLgKRsS8IdxNWj09cA68dZmnQPeU
UPwjGmsNduaRa9dpAbyE4RYu5lcQ8E98kQYdnkf//MBEEnjJmoIQ+ssaMsQYD7Yv
sQd2A6l52P0fmOASNQzEWoBa//t9wZRo1ynjDw2VC8EjHH8+wWLK2QLQb++PbsHo
XTAN4lAPX624VA6C+nw0U4XbYc4/wmr1tQh3IbQtD9VtGgdKu7Y=
=PJuD
-----END PGP SIGNATURE-----


Reply to: