Headline
Ubuntu Security Notice USN-6989-1
Ubuntu Security Notice 6989-1 - Dan Smith, Julia Kreger and Jay Faulkner discovered that in image processing for Ironic, a specially crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data.
==========================================================================Ubuntu Security Notice USN-6989-1September 04, 2024ironic vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 24.04 LTS- Ubuntu 22.04 LTSSummary:OpenStack could be made to expose sensitive information.Software Description:- ironic: Openstack bare metal provisioning service - APIDetails:Dan Smith, Julia Kreger and Jay Faulkner discovered that inimage processing for Ironic, a specially crafted imagecould be used by an authenticated user to exploit undesired behaviorsin qemu-img, including possible unauthorized access to potentiallysensitive data.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 24.04 LTS python3-ironic 1:24.1.1-0ubuntu1.2Ubuntu 22.04 LTS python3-ironic 1:20.1.0-0ubuntu1.2In general, a standard system update will make all the necessary changes.References: https://ubuntu.com/security/notices/USN-6989-1 CVE-2024-44082Package Information: https://launchpad.net/ubuntu/+source/ironic/1:24.1.1-0ubuntu1.2 https://launchpad.net/ubuntu/+source/ironic/1:20.1.0-0ubuntu1.2