Bug 879062 (CVE-2014-3801) - VUL-0: CVE-2014-3801: openstack-heat: authenticated information leak in Heat
Summary: VUL-0: CVE-2014-3801: openstack-heat: authenticated information leak in Heat
Status: RESOLVED FIXED
: 879838 (view as bug list)
Alias: CVE-2014-3801
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Deadline: 2014-08-26
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/98956/
Whiteboard: maint:released:sle11-sp3-uptu:58460
Keywords:
Depends on:
Blocks:
 
Reported: 2014-05-21 11:32 UTC by Sebastian Krahmer
Modified: 2014-09-10 08:29 UTC (History)
5 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sebastian Krahmer 2014-05-21 11:32:22 UTC 
rh#1099748



References:
https://bugzilla.redhat.com/show_bug.cgi?id=1099748
Comment 1 Bernhard Wiedemann 2014-05-21 15:16:26 UTC 
Submitted backport to upstream Icehouse and Havana
https://review.openstack.org/#/q/Ifa18108afacbda390b19b46a8f41bc4f018e95d6,n,z
Comment 2 Swamp Workflow Management 2014-05-21 22:00:13 UTC 
bugbot adjusting priority
Comment 3 Sebastian Krahmer 2014-05-26 08:18:59 UTC 
CVE-2014-3801

OpenStack Orchestration API (Heat) 2013.2 through 2013.2.3 and 2014.1, when
creating the stack for a template using a provider template, allows remote
authenticated users to obtain the provider template URL via the
resource-type-list.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3801
http://www.openwall.com/lists/oss-security/2014/05/20/6
http://www.openwall.com/lists/oss-security/2014/05/20/1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3801
http://www.cvedetails.com/cve/CVE-2014-3801/
https://bugs.launchpad.net/heat/+bug/1311223
http://www.securityfocus.com/bid/67505
Comment 4 Sebastian Krahmer 2014-05-26 08:19:36 UTC 
*** Bug 879838 has been marked as a duplicate of this bug. ***
Comment 5 Vincent Untz 2014-06-17 07:11:33 UTC 
Bernhard: interestingly, our package doesn't have the fix that is in git. Not sure if the jenkins job got broken, or if there's another issue :/
Comment 6 Marcus Meissner 2014-07-02 11:16:14 UTC 
ping
Comment 7 Bernhard Wiedemann 2014-07-02 13:00:20 UTC 
I checked that upstream stable tarballs were not updated after the fix was merged and I wanted to avoid going through the extra effort of adding and removing patches manually
Comment 8 Bernhard Wiedemann 2014-07-09 06:15:46 UTC 
submitted it with a manually added patch
https://build.suse.de/request/show/40964 Cloud3 / openstack-heat
Comment 9 SMASH SMASH 2014-07-14 13:50:42 UTC 
Affected packages:

SLE-11-SP3-UPTU: openstack-heat
Comment 10 Swamp Workflow Management 2014-07-29 12:49:41 UTC 
An update workflow for this issue was started.
This issue was rated as low.
Please submit fixed packages until 2014-08-26.
https://swamp.suse.de/webswamp/wf/58456
Comment 11 Marcus Meissner 2014-09-09 15:22:00 UTC 
released
Comment 12 Swamp Workflow Management 2014-09-09 23:05:47 UTC 
SUSE-SU-2014:1103-1: An update that solves one vulnerability and has one errata is now available.

Category: security (low)
Bug References: 871199,879062
CVE References: CVE-2014-3801
Sources used:
SUSE Cloud 3 (src):    openstack-heat-2013.2.4.dev3.g6f91215-0.11.2, openstack-heat-doc-2013.2.4.dev3.g6f91215-0.11.1