[Openstack-security] [oss-security] CVE-2015-1850: OpenStack Cinder/Nova: Format-guessing and file disclosure in image convert
Jeremy Stanley
jeremy at openstack.org
Sat Jun 13 14:35:29 UTC 2015
[cross-post to oss-security ML dropped to avoid unwarranted
crosstalk noise there]
On 2015-06-13 13:58:42 +0100 (+0100), Dave Walker wrote:
> I see that this is being brought to oss-sec', but seemingly not via the
> OpenStack Security Group or Vulnerability Management Team.
[...]
> You said that this was raised upstream on 2015-01-27, do you have a
> Launchpad bug number or information on this discourse as to what was the
> outcome?
Since this is now public, I'm lifting the current embargo. See bug
report at https://launchpad.net/bugs/1415087 for additional details.
--
Jeremy Stanley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: Digital signature
URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20150613/c0c506b9/attachment.sig>
More information about the Openstack-security
mailing list