============================================================================== OSSA-2016-013: Network information disclosure through Heat template source URL ============================================================================== :Date: November 18, 2016 :CVE: CVE-2016-9185 Affects ~~~~~~~ - Heat: <=5.0.3, >=6.0.0 <=6.1.0 and ==7.0.0 Description ~~~~~~~~~~~ Tom Patzig from SAP reported a vulnerability in Heat. By launching a new Heat stack with a local URL an authenticated user may conduct network discovery revealing internal network configuration. All Heat setup are affected. Patches ~~~~~~~ - https://review.openstack.org/393149 (Liberty) - https://review.openstack.org/393148 (Mitaka) - https://review.openstack.org/393147 (Newton) - https://review.openstack.org/393146 (Ocata) Credits ~~~~~~~ - Tom Patzig from SAP (CVE-2015-9185) References ~~~~~~~~~~ - https://launchpad.net/bugs/1606500 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9185 -- Tristan Cacqueray OpenStack Vulnerability Management Team -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: OpenPGP digital signature URL: <http://lists.openstack.org/pipermail/openstack-announce/attachments/20161118/7809ea99/attachment.pgp>