Ubuntu Security Notice USN-3195-1

Ubuntu Security Notice USN-3195-1: Posted Feb 10, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3195-1 - James Page discovered that Nova-LXD incorrectly set up virtual network devices when creating LXD instances. This could result in an unintended firewall configuration.; tags | advisory; systems | linux, ubuntu; advisories | CVE-2017-5936; SHA-256 | b33d1891fb200df1b719816daf78d72d25ceec6b9d4f6c1023bfcc7fc7814fec; Download | Favorite | View

Ubuntu Security Notice USN-3195-1


==========================================================================
Ubuntu Security Notice USN-3195-1
February 10, 2017

nova-lxd vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

Nova-LXD could allow unintended access to LXD instances over the network.

Software Description:
- nova-lxd: Openstack Compute - LXD container hypervisor support

Details:

James Page discovered that Nova-LXD incorrectly set up virtual network devices
when creating LXD instances. This could result in an unintended firewall
configuration.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  python-nova-lxd                 13.2.0-0ubuntu1.16.04.1

In general, a standard system update will make all the necessary changes for
new instances. However, existing instances will still be affected and must be
manually updated.

References:
  http://www.ubuntu.com/usn/usn-3195-1
  CVE-2017-5936, https://launchpad.net/bugs/1656847

Package Information:
  https://launchpad.net/ubuntu/+source/nova-lxd/13.2.0-0ubuntu1.16.04.1


--Qxx1br4bt0+wmkIi

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJYnRiQAAoJENaSAD2qAscKe90P+wfmMlMEoPNaL5Bz+e91JU4O
epB/VMQUFN4KJOJvgGtNeUmwAoEDB7x7vZGw4txQqmFaOSKkOH1TECm9/n9nvNRa
qrou4nzXP7/K2Fmg4u51nsr4rAcgt0zsyOnD3V7jq+kXXsXzq/Z+vq5F5DOOp8oj
49odLWgO6q4LAXWWxQ878gow+vfVXAAmgLTG5+QCtpmPx1T/JuVqKP4R1y7waNL1
85/+nBvYNRKYhReQmNz5E21xmdGkeoevdkxk1vKOS1tOBFAjy3MNi2QyTGqX289j
siyHXumGvncVG/mQXJgIGZVpj+ybhujkj+g1ycdyRFsDOe1TGhwYOBYUGjfQkliR
6o1q9psonE/LOcgzHDb+DmrldVI/Q/7Dx20O8xR/S38tD88FipBCj4YDOq4GYYXs
7M8Pqa/l7AQNWsv0GLW9vpY2E2mrFZioJdg1vDQq1AmlVFLO4CXojkBtcaNbpoYt
OIQSBLiaVVxSx/pKZbOQV3nx6i4rJnowQr1nAbbERIFLRZOtUlVYsF1kck3eLjrd
/HRb7EpDAFCwwZKMOaoAiYK/2AJvLL6/IwqrT9H+bKnDN6NhgCZpsSLr6iJoSJME
a5a8htAe3TLL6P1X3p3XYWEBDbm1lqTKSwuIEBtKHImu5FS1n4GU1xpUqB+XGa9h
lysd0SOfDyXzjjIuW2yw
=0/Z7
-----END PGP SIGNATURE-----

--Qxx1br4bt0+wmkIi--

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Ubuntu Security Notice USN-3195-1

Ubuntu Security Notice USN-3195-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Ubuntu Security Notice USN-3195-1

Share This

Ubuntu Security Notice USN-3195-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems