[SECURITY] Fedora 16 Update: openstack-swift-1.4.8-3.fc16
updates at fedoraproject.org
updates at fedoraproject.org
Mon Oct 8 02:23:27 UTC 2012
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-15098
2012-09-30 01:50:16
--------------------------------------------------------------------------------
Name : openstack-swift
Product : Fedora 16
Version : 1.4.8
Release : 3.fc16
URL : http://launchpad.net/swift
Summary : OpenStack Object Storage (swift)
Description :
OpenStack Object Storage (swift) aggregates commodity servers to work together
in clusters for reliable, redundant, and large-scale storage of static objects.
Objects are written to multiple hardware devices in the data center, with the
OpenStack software responsible for ensuring data replication and integrity
across the cluster. Storage clusters can scale horizontally by adding new nodes,
which are automatically configured. Should a node fail, OpenStack works to
replicate its content from other active nodes. Because OpenStack uses software
logic to ensure data replication and distribution across different devices,
inexpensive commodity hard drives and servers can be used in lieu of more
expensive equipment.
--------------------------------------------------------------------------------
Update Information:
Do not use pickle for serialization in memcache (CVE-2012-4406)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Sep 27 2012 Derek Higgins <derekh at redhat.com> - 1.4.8-3
- Do not use pickle for serialization in memcache
- Start the services later in the boot sequence
* Sat Jul 28 2012 Alan Pevec <apevec at redhat.com> 1.4.8-1
- Update to 1.4.8
* Fri Feb 24 2012 Alan Pevec <apevec at redhat.com> 1.4.6-2
- typo bz 785106
* Mon Feb 13 2012 Alan Pevec <apevec at redhat.com> 1.4.6-1
- Update to 1.4.6
* Wed Nov 23 2011 David Nalley <david at gnsa.us> -1.4.3-2
* fixed some missing requires
* Sat Nov 5 2011 David Nalley <david at gnsa.us> - 1.4.3-1
- Update to 1.4.3
- fix init script add, registration, deletion BZ 685155
- fixing BR to facilitate epel6 building
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #854761 - CVE-2012-4406 Openstack-Swift: insecure use of python pickle() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=854761
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update openstack-swift' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list