Ubuntu Security Notice USN-3446-1
11th October, 2017
A security issue affects these releases of Ubuntu and its
- Ubuntu 14.04 LTS
Several security issues were fixed in OpenStack Glance.
– OpenStack Image Registry and Delivery Service
Hemanth Makkapati discovered that OpenStack Glance incorrectly handled
access restrictions. A remote authenticated user could use this issue to
change the status of images, contrary to access restrictions.
Mike Fedosin and Alexei Galkin discovered that OpenStack Glance incorrectly
handled the storage quota. A remote authenticated user could use this issue
to consume disk resources, leading to a denial of service. (CVE-2015-5286)
Erno Kuvaja discovered that OpenStack Glance incorrectly handled the
show_multiple_locations option. When show_multiple_locations is enabled,
a remote authenticated user could change an image status and upload new
image data. (CVE-2016-0757)
The problem can be corrected by updating your system to the following
To update your system, please follow these instructions:
In general, a standard system update will make all the necessary changes.