USN-6073-9: os-brick regression

Read Time:28 Second

USN-6073-4 fixed a vulnerability in os-brick. Unfortunately the update
introduced a regression with detaching volumes. The security fix has been
removed pending further investigation.

We apologize for the inconvenience.

Original advisory details:

Jan Wasilewski and Gorka Eguileor discovered that os-brick incorrectly
handled deleted volume attachments. An authenticated user or attacker could
possibly use this issue to gain access to sensitive information.

This update may require configuration changes to be completely effective,
please see the upstream advisory for more information:

https://security.openstack.org/ossa/OSSA-2023-003.html

Friday Squid Blogging: Squid Game Season Two Teaser

Clever Social Engineering Attack Using Captchas

US Cyberspace Solarium Commission Outlines Ten New Cyber Policy Priorities

Cybersecurity Skills Gap Leaves Cloud Environments Vulnerable

Going for Gold: HSBC Approves Quantum-Safe Technology for Tokenized Bullions

This Windows PowerShell Phish Has Scary Potential

Infostealers Cause Surge in Ransomware Attacks, Just One in Three Recover Data

FBI Shuts Down Chinese Botnet

Western Agencies Warn Risk from Chinese-Controlled Botnet

GLSA 202409-07: Rust: Multiple Vulnerabilities

GLSA 202409-06: file: Stack Buffer Overread

GLSA 202409-05: PJSIP: Heap Buffer Overflow

GLSA 202409-04: calibre: Multiple Vulnerabilities

GLSA 202409-03: GPL Ghostscript: Multiple Vulnerabilities

GLSA 202409-02: PostgreSQL: Privilege Escalation