David Hill and Eric Harney discovered that Cinder and os-brick incorrectly handled ScaleIO backend credentials. An attacker could possibly use this issue to expose sensitive information.
{ "availability": "No subscription required", "binaries": [ { "cinder-api": "2:12.0.9-0ubuntu1.2", "cinder-scheduler": "2:12.0.9-0ubuntu1.2", "cinder-backup": "2:12.0.9-0ubuntu1.2", "cinder-common": "2:12.0.9-0ubuntu1.2", "cinder-volume": "2:12.0.9-0ubuntu1.2", "python-cinder": "2:12.0.9-0ubuntu1.2" } ] }
{ "availability": "No subscription required", "binaries": [ { "python3-cinder": "2:16.1.0-0ubuntu1", "cinder-scheduler": "2:16.1.0-0ubuntu1", "cinder-api": "2:16.1.0-0ubuntu1", "cinder-backup": "2:16.1.0-0ubuntu1", "cinder-common": "2:16.1.0-0ubuntu1", "cinder-volume": "2:16.1.0-0ubuntu1" } ] }