{"affected":[{"ecosystem_specific":{"binaries":[{"openstack-magnum":"3.1.2~a0~dev20-9.4","openstack-magnum-api":"3.1.2~a0~dev20-9.4","openstack-magnum-conductor":"3.1.2~a0~dev20-9.4","openstack-magnum-doc":"3.1.2~a0~dev20-9.3","python-magnum":"3.1.2~a0~dev20-9.4"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 7","name":"openstack-magnum","purl":"pkg:rpm/suse/openstack-magnum&distro=SUSE%20OpenStack%20Cloud%207"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.1.2~a0~dev20-9.4"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"openstack-magnum":"3.1.2~a0~dev20-9.4","openstack-magnum-api":"3.1.2~a0~dev20-9.4","openstack-magnum-conductor":"3.1.2~a0~dev20-9.4","openstack-magnum-doc":"3.1.2~a0~dev20-9.3","python-magnum":"3.1.2~a0~dev20-9.4"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 7","name":"openstack-magnum-doc","purl":"pkg:rpm/suse/openstack-magnum-doc&distro=SUSE%20OpenStack%20Cloud%207"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.1.2~a0~dev20-9.3"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThis update for openstack-magnum fixes the following issues:\n\nSecurity issues fixed:\n- CVE-2016-7404: Magnum created instances have full API access to creating user's OpenStack account (bsc#998182).\n\nBugfixes:\n- Fixed exception for InvalidParameterValue.\n- Updated patches have been tested against magnum-3.1.2.dev20\n","id":"SUSE-SU-2017:1233-1","modified":"2017-05-10T09:30:24Z","published":"2017-05-10T09:30:24Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2017/suse-su-20171233-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/998182"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-7404"}],"related":["CVE-2016-7404"],"summary":"Security update for openstack-magnum","upstream":["CVE-2016-7404"]}