USN-4104-1: Nova vulnerability
19 August 2019
Nova could be made to expose sensitive information.
Releases
Packages
- nova - OpenStack Compute cloud infrastructure
Details
Donny Davis discovered that the Nova Compute service could return
configuration or other information in response to a failed API
request in some situations. A remote attacker could use this to expose
sensitive information.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.04
Ubuntu 18.04
Ubuntu 16.04
In general, a standard system update will make all the necessary changes.