Fuel for OpenStack

CVEs related to bugs in Fuel for OpenStack

Open bugs

Bug CVE(s)
Bug #1470417: hiera: code execution from the current directory CVE-2014-3248
Fuel for OpenStack Triaged, assigned to Fuel for Openstack
Bug #1528823: ntp server CVE-2013-5211 CVE-2013-5211
Fuel for OpenStack New (unassigned)
Bug #1637755: OpenSSL Vulnerability CVE-2016-6304 CVE-2016-6304
Fuel for OpenStack Confirmed, assigned to MOS Maintenance

Resolved bugs

Bug CVE(s)
Bug #1324927: qemu vulnerabilities (CVE-2014-0150, CVE-2014-2894) CVE-2014-0150
CVE-2014-2894
Fuel for OpenStack Fix released, assigned to MOS Linux
Bug #1389700: rsyslogd restarts every few minutes CVE-2014-3634
CVE-2014-3683
Fuel for OpenStack Fix released, assigned to MOS Linux
Bug #1463003: Update haproxy package CVE-2015-3281
Fuel for OpenStack Invalid by Sergii Golovatiuk
Bug #1505235: [security] CVE-2013-5211 vulnerability on MOS controllers CVE-2013-5211
Fuel for OpenStack Fix released, assigned to Stanislaw Bogatkin
Bug #1678533: TLSv1 related vulnerabilities on MOS Controllers CVE-2016-2107
Fuel for OpenStack Won't fix, assigned to MOS Maintenance