CVE-2013-4183

Synopsis Moderate: openstack-cinder security update Type/Severity Security Advisory: Moderate Topic Updated openstack-cinder packages that fix two security issues are nowavailable for Red Hat OpenStack 30The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vul ...

Cinder could be made to crash or expose sensitive information ...

Debian Bug report logs - #719010 cinder: CVE-2013-4183: Cinder LVM volume driver does not support secure deletion Package: cinder; Maintainer for cinder is Debian OpenStack <team+openstack@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 7 Aug 2013 18:12:02 UTC Severity: importan ...

Debian Bug report logs - #719118 CVE-2013-4202: DoS using XML entities in extensions Package: cinder; Maintainer for cinder is Debian OpenStack <team+openstack@trackerdebianorg>; Reported by: Thomas Goirand <zigo@debianorg> Date: Thu, 8 Aug 2013 14:15:01 UTC Severity: important Tags: patch, security Found in ver ...

The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 201311 through 201312 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors ...