{"affected":[{"ecosystem_specific":{"binaries":[{"openstack-glance":"2014.2.4.juno-14.1","openstack-glance-doc":"2014.2.4.juno-14.1","python-glance":"2014.2.4.juno-14.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 5","name":"openstack-glance","purl":"pkg:rpm/suse/openstack-glance&distro=SUSE%20OpenStack%20Cloud%205"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2014.2.4.juno-14.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"openstack-glance":"2014.2.4.juno-14.1","openstack-glance-doc":"2014.2.4.juno-14.1","python-glance":"2014.2.4.juno-14.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 5","name":"openstack-glance-doc","purl":"pkg:rpm/suse/openstack-glance-doc&distro=SUSE%20OpenStack%20Cloud%205"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2014.2.4.juno-14.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThis update for openstack-glance provides the following fixes:\n\n- Catch NotAuthenticated exception in import task. (bsc#947735, CVE-2015-5286)\n- Cleanup chunks for deleted image if token expired. (bsc#947735, CVE-2015-5286)\n- Prevent image status being directly modified via v1. (bsc#945994, CVE-2015-5251)\n- Fix error when downloading image status is not active. (bsc#945051)\n- Add ability to deactivate an image.\n","id":"SUSE-SU-2016:0101-1","modified":"2016-01-13T12:31:46Z","published":"2016-01-13T12:31:46Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20160101-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/945051"},{"type":"REPORT","url":"https://bugzilla.suse.com/945994"},{"type":"REPORT","url":"https://bugzilla.suse.com/947735"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-5251"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-5286"}],"related":["CVE-2015-5251","CVE-2015-5286"],"summary":"Security update for openstack-glance","upstream":["CVE-2015-5251","CVE-2015-5286"]}