CVE-2018-14574

Upstream information

CVE-2018-14574 at MITRE

Description

django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.

SUSE information

Overall state of this security issue: Running

This issue is currently rated as having moderate severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	5.8
Vector	AV:N/AC:M/Au:N/C:P/I:P/A:N
Access Vector	Network
Access Complexity	Medium
Authentication	None
Confidentiality Impact	Partial
Integrity Impact	Partial
Availability Impact	None

CVSS v3 Scores
	National Vulnerability Database	SUSE
Base Score	6.1	4.2
Vector	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L
Access Vector	Network	Network
Access Complexity	Low	High
Privileges Required	None	None
User Interaction	Required	Required
Scope	Changed	Unchanged
Confidentiality Impact	Low	None
Integrity Impact	Low	Low
Availability Impact	None	Low
CVSSv3 Version	3	3

SUSE Bugzilla entry: 1102680 [RESOLVED / FIXED]

SUSE Security Advisories:

SUSE-SU-2018:3549-1, published Mon Oct 29 14:08:13 MDT 2018
SUSE-SU-2019:1862-1, published Wed Jul 17 07:11:12 MDT 2019
openSUSE-SU-2018:2327-1, published Tue, 14 Aug 2018 21:08:37 +0200 (CEST)
openSUSE-SU-2018:2375-1, published Thu, 16 Aug 2018 15:21:51 +0200 (CEST)
openSUSE-SU-2018:2488-1, published Fri, 24 Aug 2018 12:08:21 +0200 (CEST)
openSUSE-SU-2018:2488-2, published Sat, 22 Sep 2018 09:15:44 +0200 (CEST)
openSUSE-SU-2018:2809-1, published Sat, 22 Sep 2018 09:30:22 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
HPE Helion Openstack 8	`ardana-ansible >= 8.0+git.1553878455.7439e04-3.61.1` `ardana-barbican >= 8.0+git.1534266594.8136db7-4.30.1` `ardana-cassandra >= 8.0+git.1534266612.44dcb20-3.12.1` `ardana-ceilometer >= 8.0+git.1534266629.0bb5d54-3.9.1` `ardana-cinder >= 8.0+git.1558619942.6bd075c-3.36.1` `ardana-cluster >= 8.0+git.1534266734.ec4822f-3.33.1` `ardana-cobbler >= 8.0+git.1550694449.df88054-3.38.1` `ardana-db >= 8.0+git.1555341117.d812d88-3.25.1` `ardana-designate >= 8.0+git.1558636763.f7f09ca-3.14.1` `ardana-freezer >= 8.0+git.1534266805.c9ea29b-3.15.1` `ardana-glance >= 8.0+git.1555450219.97789ac-3.11.1` `ardana-heat >= 8.0+git.1555450207.a7d3bfe-3.12.1` `ardana-horizon >= 8.0+git.1554732431.8f9dd50-3.15.1` `ardana-input-model >= 8.0+git.1557418274.fb273dd-3.27.1` `ardana-ironic >= 8.0+git.1534266893.1d69df7-3.6.1` `ardana-keystone >= 8.0+git.1554915846.db23473-3.24.1` `ardana-logging >= 8.0+git.1544117621.1c9a954-3.18.1` `ardana-magnum >= 8.0+git.1555450198.c42dc52-3.6.1` `ardana-manila >= 8.0+git.1551748668.7427826-1.18.1` `ardana-memcached >= 8.0+git.1534266982.498c352-3.6.1` `ardana-monasca >= 8.0+git.1557856965.bde9eb2-3.18.1` `ardana-monasca-transform >= 8.0+git.1534267017.4bbecd9-3.9.1` `ardana-mq >= 8.0+git.1549882721.b2e8873-3.13.1` `ardana-neutron >= 8.0+git.1557523208.81aa1da-3.30.1` `ardana-nova >= 8.0+git.1559253853.bb932ea-3.29.1` `ardana-octavia >= 8.0+git.1557523035.ab44613-3.17.1` `ardana-opsconsole >= 8.0+git.1534267103.829be13-3.10.1` `ardana-opsconsole-ui-hpe >= 8.0+git.1537201508.68c32e6-3.16.1` `ardana-osconfig >= 8.0+git.1557503482.852ec24-3.36.1` `ardana-service >= 8.0+git.1551382173.a81d5e1-3.26.1` `ardana-service-ansible >= 8.0+git.1544119019.e68516a-3.17.1` `ardana-ses >= 8.0+git.1554912320.73ad306-1.20.1` `ardana-spark >= 8.0+git.1539709555.5b31c25-3.12.1` `ardana-swift >= 8.0+git.1551502730.f4d219d-3.27.1` `ardana-tempest >= 8.0+git.1557761054.b971c8f-3.21.1` `ardana-tls >= 8.0+git.1534267264.6b1e899-3.6.1` `documentation-hpe-helion-openstack-installation >= 8.20190521-1.17.1` `documentation-hpe-helion-openstack-operations >= 8.20190521-1.17.1` `documentation-hpe-helion-openstack-opsconsole >= 8.20190521-1.17.1` `documentation-hpe-helion-openstack-planning >= 8.20190521-1.17.1` `documentation-hpe-helion-openstack-security >= 8.20190521-1.17.1` `documentation-hpe-helion-openstack-user >= 8.20190521-1.17.1` `openstack-aodh >= 5.1.1~dev7-3.11.2` `openstack-aodh-api >= 5.1.1~dev7-3.11.2` `openstack-aodh-doc >= 5.1.1~dev7-3.11.1` `openstack-aodh-evaluator >= 5.1.1~dev7-3.11.2` `openstack-aodh-expirer >= 5.1.1~dev7-3.11.2` `openstack-aodh-listener >= 5.1.1~dev7-3.11.2` `openstack-aodh-notifier >= 5.1.1~dev7-3.11.2` `openstack-barbican >= 5.0.2~dev3-3.14.2` `openstack-barbican-api >= 5.0.2~dev3-3.14.2` `openstack-barbican-doc >= 5.0.2~dev3-3.14.1` `openstack-barbican-keystone-listener >= 5.0.2~dev3-3.14.2` `openstack-barbican-retry >= 5.0.2~dev3-3.14.2` `openstack-barbican-worker >= 5.0.2~dev3-3.14.2` `openstack-ceilometer >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-agent-central >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-agent-compute >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-agent-ipmi >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-agent-notification >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-api >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-collector >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-doc >= 9.0.8~dev7-3.12.1` `openstack-ceilometer-polling >= 9.0.8~dev7-3.12.2` `openstack-cinder >= 11.2.3~dev5-3.15.2` `openstack-cinder-api >= 11.2.3~dev5-3.15.2` `openstack-cinder-backup >= 11.2.3~dev5-3.15.2` `openstack-cinder-doc >= 11.2.3~dev5-3.15.1` `openstack-cinder-scheduler >= 11.2.3~dev5-3.15.2` `openstack-cinder-volume >= 11.2.3~dev5-3.15.2` `openstack-dashboard >= 12.0.4~dev6-3.20.2` `openstack-designate >= 5.0.3~dev7-3.11.1` `openstack-designate-agent >= 5.0.3~dev7-3.11.1` `openstack-designate-api >= 5.0.3~dev7-3.11.1` `openstack-designate-central >= 5.0.3~dev7-3.11.1` `openstack-designate-doc >= 5.0.3~dev7-3.11.1` `openstack-designate-producer >= 5.0.3~dev7-3.11.1` `openstack-designate-sink >= 5.0.3~dev7-3.11.1` `openstack-designate-worker >= 5.0.3~dev7-3.11.1` `openstack-heat >= 9.0.8~dev3-3.18.2` `openstack-heat-api >= 9.0.8~dev3-3.18.2` `openstack-heat-api-cfn >= 9.0.8~dev3-3.18.2` `openstack-heat-api-cloudwatch >= 9.0.8~dev3-3.18.2` `openstack-heat-doc >= 9.0.8~dev3-3.18.2` `openstack-heat-engine >= 9.0.8~dev3-3.18.2` `openstack-heat-gbp >= 7.0.1~dev1-3.3.1` `openstack-heat-plugin-heat_docker >= 9.0.8~dev3-3.18.2` `openstack-heat-test >= 9.0.8~dev3-3.18.2` `openstack-horizon-plugin-trove-ui >= 9.0.1~dev10-3.9.1` `openstack-ironic >= 9.1.8~dev5-3.18.2` `openstack-ironic-api >= 9.1.8~dev5-3.18.2` `openstack-ironic-conductor >= 9.1.8~dev5-3.18.2` `openstack-ironic-doc >= 9.1.8~dev5-3.18.1` `openstack-keystone >= 12.0.4~dev2-5.19.2` `openstack-keystone-doc >= 12.0.4~dev2-5.19.1` `openstack-monasca-agent >= 2.2.5~dev2-3.9.2` `openstack-monasca-api >= 2.2.1~dev26-3.12.2` `openstack-monasca-log-api >= 2.3.1~dev12-3.6.2` `openstack-neutron >= 11.0.9~dev28-3.18.2` `openstack-neutron-dhcp-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-doc >= 11.0.9~dev28-3.18.1` `openstack-neutron-fwaas >= 11.0.3~dev1-3.14.1` `openstack-neutron-fwaas-doc >= 11.0.3~dev1-3.14.1` `openstack-neutron-gbp >= 7.3.1~dev28-3.3.1` `openstack-neutron-ha-tool >= 11.0.9~dev28-3.18.2` `openstack-neutron-l3-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-lbaas >= 11.0.4~dev6-3.9.1` `openstack-neutron-lbaas-agent >= 11.0.4~dev6-3.9.1` `openstack-neutron-lbaas-doc >= 11.0.4~dev6-3.9.1` `openstack-neutron-linuxbridge-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-macvtap-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-metadata-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-metering-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-openvswitch-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-server >= 11.0.9~dev28-3.18.2` `openstack-neutron-vpn-agent >= 11.0.1~dev5-3.12.1` `openstack-neutron-vpnaas >= 11.0.1~dev5-3.12.1` `openstack-neutron-vpnaas-doc >= 11.0.1~dev5-3.12.1` `openstack-neutron-vyatta-agent >= 11.0.1~dev5-3.12.1` `openstack-nova >= 16.1.9~dev3-3.23.2` `openstack-nova-api >= 16.1.9~dev3-3.23.2` `openstack-nova-cells >= 16.1.9~dev3-3.23.2` `openstack-nova-compute >= 16.1.9~dev3-3.23.2` `openstack-nova-conductor >= 16.1.9~dev3-3.23.2` `openstack-nova-console >= 16.1.9~dev3-3.23.2` `openstack-nova-consoleauth >= 16.1.9~dev3-3.23.2` `openstack-nova-doc >= 16.1.9~dev3-3.23.1` `openstack-nova-novncproxy >= 16.1.9~dev3-3.23.2` `openstack-nova-placement-api >= 16.1.9~dev3-3.23.2` `openstack-nova-scheduler >= 16.1.9~dev3-3.23.2` `openstack-nova-serialproxy >= 16.1.9~dev3-3.23.2` `openstack-nova-vncproxy >= 16.1.9~dev3-3.23.2` `openstack-trove >= 8.0.1~dev13-3.9.1` `openstack-trove-api >= 8.0.1~dev13-3.9.1` `openstack-trove-conductor >= 8.0.1~dev13-3.9.1` `openstack-trove-doc >= 8.0.1~dev13-3.9.1` `openstack-trove-guestagent >= 8.0.1~dev13-3.9.1` `openstack-trove-taskmanager >= 8.0.1~dev13-3.9.1` `python-Django >= 1.11.20-3.7.1` `python-aodh >= 5.1.1~dev7-3.11.2` `python-ardana-configurationprocessor >= 8.0+git.1534266236.fb1623c-6.9.1` `python-barbican >= 5.0.2~dev3-3.14.2` `python-ceilometer >= 9.0.8~dev7-3.12.2` `python-cinder >= 11.2.3~dev5-3.15.2` `python-cinderlm >= 0.0.2+git.1541444073.4d3347c-3.6.1` `python-cliff >= 2.8.3-3.6.2` `python-designate >= 5.0.3~dev7-3.11.1` `python-freezerclient >= 1.5.1-3.3.2` `python-freezerclient-doc >= 1.5.1-3.3.2` `python-heat >= 9.0.8~dev3-3.18.2` `python-heat-gbp >= 7.0.1~dev1-3.3.1` `python-horizon >= 12.0.4~dev6-3.20.2` `python-horizon-plugin-trove-ui >= 9.0.1~dev10-3.9.1` `python-ironic >= 9.1.8~dev5-3.18.2` `python-ironicclient >= 1.17.2-3.3.1` `python-ironicclient-doc >= 1.17.2-3.3.1` `python-keystone >= 12.0.4~dev2-5.19.2` `python-magnumclient >= 2.7.1-3.3.1` `python-magnumclient-doc >= 2.7.1-3.3.1` `python-manilaclient >= 1.17.4-3.6.1` `python-manilaclient-doc >= 1.17.4-3.6.1` `python-monasca-agent >= 2.2.5~dev2-3.9.2` `python-monasca-api >= 2.2.1~dev26-3.12.2` `python-monasca-log-api >= 2.3.1~dev12-3.6.2` `python-muranoclient >= 0.14.1-3.3.1` `python-muranoclient-doc >= 0.14.1-3.3.1` `python-neutron >= 11.0.9~dev28-3.18.2` `python-neutron-fwaas >= 11.0.3~dev1-3.14.1` `python-neutron-gbp >= 7.3.1~dev28-3.3.1` `python-neutron-lbaas >= 11.0.4~dev6-3.9.1` `python-neutron-vpnaas >= 11.0.1~dev5-3.12.1` `python-nova >= 16.1.9~dev3-3.23.2` `python-novaclient >= 9.1.3-3.6.2` `python-novaclient-doc >= 9.1.3-3.6.2` `python-openstackclient >= 3.12.2-3.3.1` `python-os-brick >= 1.15.9-3.6.2` `python-os-client-config >= 1.28.1-3.3.1` `python-os-vif >= 1.7.2-3.3.2` `python-os-win >= 2.2.1-3.3.1` `python-oslo.cache >= 1.25.2-3.3.1` `python-oslo.concurrency >= 3.21.2-3.3.1` `python-oslo.config >= 4.11.2-3.3.1` `python-oslo.config-doc >= 4.11.2-3.3.1` `python-oslo.i18n >= 3.17.2-3.3.2` `python-oslo.log >= 3.30.3-3.3.1` `python-oslo.messaging >= 5.30.8-3.8.1` `python-oslo.middleware >= 3.30.2-3.3.1` `python-oslo.policy >= 1.25.4-3.6.1` `python-oslo.privsep >= 1.22.2-3.3.1` `python-oslo.reports >= 1.22.2-3.3.1` `python-oslo.utils >= 3.28.4-3.6.1` `python-oslo.versionedobjects >= 1.26.3-3.6.1` `python-oslo.vmware >= 2.23.2-3.3.1` `python-oslotest >= 2.17.2-3.3.1` `python-python-subunit >= 1.2.0-4.3.1` `python-saharaclient >= 1.3.1-3.3.1` `python-saharaclient-doc >= 1.3.1-3.3.1` `python-swiftclient >= 3.4.1-3.3.1` `python-swiftclient-doc >= 3.4.1-3.3.1` `python-trove >= 8.0.1~dev13-3.9.1` `python-zaqarclient >= 1.7.1-3.3.1` `supportutils-plugin-suse-openstack-cloud >= 8.0.1551262227.7a7deb6-3.3.1` `venv-openstack-aodh-x86_64 >= 5.1.1~dev7-12.16.1` `venv-openstack-barbican-x86_64 >= 5.0.2~dev3-12.17.1` `venv-openstack-ceilometer-x86_64 >= 9.0.8~dev7-12.14.1` `venv-openstack-cinder-x86_64 >= 11.2.3~dev5-14.17.1` `venv-openstack-designate-x86_64 >= 5.0.3~dev7-12.15.1` `venv-openstack-freezer-x86_64 >= 5.0.0.0~xrc2~dev2-10.12.1` `venv-openstack-glance-x86_64 >= 15.0.2~dev9-12.15.1` `venv-openstack-heat-x86_64 >= 9.0.8~dev3-12.17.1` `venv-openstack-horizon-hpe-x86_64 >= 12.0.4~dev6-14.22.1` `venv-openstack-ironic-x86_64 >= 9.1.8~dev5-12.17.1` `venv-openstack-keystone-x86_64 >= 12.0.4~dev2-11.17.1` `venv-openstack-magnum-x86_64 >= 5.0.2-11.15.1` `venv-openstack-manila-x86_64 >= 5.0.4~dev17-12.19.1` `venv-openstack-monasca-ceilometer-x86_64 >= 1.5.1-8.11.1` `venv-openstack-monasca-x86_64 >= 2.2.1-11.13.1` `venv-openstack-murano-x86_64 >= 4.0.1-12.11.1` `venv-openstack-neutron-x86_64 >= 11.0.2-13.19.1` `venv-openstack-nova-x86_64 >= 16.1.9~dev3-11.18.1` `venv-openstack-octavia-x86_64 >= 1.0.5~dev1-12.17.1` `venv-openstack-sahara-x86_64 >= 7.0.4~dev1-11.16.1` `venv-openstack-swift-x86_64 >= 2.15.2-11.11.1` `venv-openstack-trove-x86_64 >= 8.0.1~dev13-11.16.1`	Patchnames: HPE-Helion-OpenStack-8-2018-2518 HPE-Helion-OpenStack-8-2019-1862
SUSE OpenStack Cloud 8	`ardana-ansible >= 8.0+git.1553878455.7439e04-3.61.1` `ardana-barbican >= 8.0+git.1534266594.8136db7-4.30.1` `ardana-cassandra >= 8.0+git.1534266612.44dcb20-3.12.1` `ardana-ceilometer >= 8.0+git.1534266629.0bb5d54-3.9.1` `ardana-cinder >= 8.0+git.1558619942.6bd075c-3.36.1` `ardana-cluster >= 8.0+git.1534266734.ec4822f-3.33.1` `ardana-cobbler >= 8.0+git.1550694449.df88054-3.38.1` `ardana-db >= 8.0+git.1555341117.d812d88-3.25.1` `ardana-designate >= 8.0+git.1558636763.f7f09ca-3.14.1` `ardana-freezer >= 8.0+git.1534266805.c9ea29b-3.15.1` `ardana-glance >= 8.0+git.1555450219.97789ac-3.11.1` `ardana-heat >= 8.0+git.1555450207.a7d3bfe-3.12.1` `ardana-horizon >= 8.0+git.1554732431.8f9dd50-3.15.1` `ardana-input-model >= 8.0+git.1557418274.fb273dd-3.27.1` `ardana-ironic >= 8.0+git.1534266893.1d69df7-3.6.1` `ardana-keystone >= 8.0+git.1554915846.db23473-3.24.1` `ardana-logging >= 8.0+git.1544117621.1c9a954-3.18.1` `ardana-magnum >= 8.0+git.1555450198.c42dc52-3.6.1` `ardana-manila >= 8.0+git.1551748668.7427826-1.18.1` `ardana-memcached >= 8.0+git.1534266982.498c352-3.6.1` `ardana-monasca >= 8.0+git.1557856965.bde9eb2-3.18.1` `ardana-monasca-transform >= 8.0+git.1534267017.4bbecd9-3.9.1` `ardana-mq >= 8.0+git.1549882721.b2e8873-3.13.1` `ardana-neutron >= 8.0+git.1557523208.81aa1da-3.30.1` `ardana-nova >= 8.0+git.1559253853.bb932ea-3.29.1` `ardana-octavia >= 8.0+git.1557523035.ab44613-3.17.1` `ardana-opsconsole >= 8.0+git.1534267103.829be13-3.10.1` `ardana-opsconsole-ui >= 8.0+git.1537201508.68c32e6-3.16.1` `ardana-osconfig >= 8.0+git.1557503482.852ec24-3.36.1` `ardana-service >= 8.0+git.1551382173.a81d5e1-3.26.1` `ardana-service-ansible >= 8.0+git.1544119019.e68516a-3.17.1` `ardana-ses >= 8.0+git.1554912320.73ad306-1.20.1` `ardana-spark >= 8.0+git.1539709555.5b31c25-3.12.1` `ardana-swift >= 8.0+git.1551502730.f4d219d-3.27.1` `ardana-tempest >= 8.0+git.1557761054.b971c8f-3.21.1` `ardana-tls >= 8.0+git.1534267264.6b1e899-3.6.1` `documentation-suse-openstack-cloud-installation >= 8.20190521-1.17.1` `documentation-suse-openstack-cloud-operations >= 8.20190521-1.17.1` `documentation-suse-openstack-cloud-opsconsole >= 8.20190521-1.17.1` `documentation-suse-openstack-cloud-planning >= 8.20190521-1.17.1` `documentation-suse-openstack-cloud-security >= 8.20190521-1.17.1` `documentation-suse-openstack-cloud-supplement >= 8.20190521-1.17.1` `documentation-suse-openstack-cloud-upstream-admin >= 8.20190521-1.17.1` `documentation-suse-openstack-cloud-upstream-user >= 8.20190521-1.17.1` `documentation-suse-openstack-cloud-user >= 8.20190521-1.17.1` `openstack-aodh >= 5.1.1~dev7-3.11.2` `openstack-aodh-api >= 5.1.1~dev7-3.11.2` `openstack-aodh-doc >= 5.1.1~dev7-3.11.1` `openstack-aodh-evaluator >= 5.1.1~dev7-3.11.2` `openstack-aodh-expirer >= 5.1.1~dev7-3.11.2` `openstack-aodh-listener >= 5.1.1~dev7-3.11.2` `openstack-aodh-notifier >= 5.1.1~dev7-3.11.2` `openstack-barbican >= 5.0.2~dev3-3.14.2` `openstack-barbican-api >= 5.0.2~dev3-3.14.2` `openstack-barbican-doc >= 5.0.2~dev3-3.14.1` `openstack-barbican-keystone-listener >= 5.0.2~dev3-3.14.2` `openstack-barbican-retry >= 5.0.2~dev3-3.14.2` `openstack-barbican-worker >= 5.0.2~dev3-3.14.2` `openstack-ceilometer >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-agent-central >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-agent-compute >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-agent-ipmi >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-agent-notification >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-api >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-collector >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-doc >= 9.0.8~dev7-3.12.1` `openstack-ceilometer-polling >= 9.0.8~dev7-3.12.2` `openstack-cinder >= 11.2.3~dev5-3.15.2` `openstack-cinder-api >= 11.2.3~dev5-3.15.2` `openstack-cinder-backup >= 11.2.3~dev5-3.15.2` `openstack-cinder-doc >= 11.2.3~dev5-3.15.1` `openstack-cinder-scheduler >= 11.2.3~dev5-3.15.2` `openstack-cinder-volume >= 11.2.3~dev5-3.15.2` `openstack-dashboard >= 12.0.4~dev6-3.20.2` `openstack-dashboard-theme-SUSE >= 2017.2+git.1554906711.9dbe79b-7.11.1` `openstack-designate >= 5.0.3~dev7-3.11.1` `openstack-designate-agent >= 5.0.3~dev7-3.11.1` `openstack-designate-api >= 5.0.3~dev7-3.11.1` `openstack-designate-central >= 5.0.3~dev7-3.11.1` `openstack-designate-doc >= 5.0.3~dev7-3.11.1` `openstack-designate-producer >= 5.0.3~dev7-3.11.1` `openstack-designate-sink >= 5.0.3~dev7-3.11.1` `openstack-designate-worker >= 5.0.3~dev7-3.11.1` `openstack-heat >= 9.0.8~dev3-3.18.2` `openstack-heat-api >= 9.0.8~dev3-3.18.2` `openstack-heat-api-cfn >= 9.0.8~dev3-3.18.2` `openstack-heat-api-cloudwatch >= 9.0.8~dev3-3.18.2` `openstack-heat-doc >= 9.0.8~dev3-3.18.2` `openstack-heat-engine >= 9.0.8~dev3-3.18.2` `openstack-heat-gbp >= 7.0.1~dev1-3.3.1` `openstack-heat-plugin-heat_docker >= 9.0.8~dev3-3.18.2` `openstack-heat-test >= 9.0.8~dev3-3.18.2` `openstack-horizon-plugin-trove-ui >= 9.0.1~dev10-3.9.1` `openstack-ironic >= 9.1.8~dev5-3.18.2` `openstack-ironic-api >= 9.1.8~dev5-3.18.2` `openstack-ironic-conductor >= 9.1.8~dev5-3.18.2` `openstack-ironic-doc >= 9.1.8~dev5-3.18.1` `openstack-keystone >= 12.0.4~dev2-5.19.2` `openstack-keystone-doc >= 12.0.4~dev2-5.19.1` `openstack-monasca-agent >= 2.2.5~dev2-3.9.2` `openstack-monasca-api >= 2.2.1~dev26-3.12.2` `openstack-monasca-log-api >= 2.3.1~dev12-3.6.2` `openstack-neutron >= 11.0.9~dev28-3.18.2` `openstack-neutron-dhcp-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-doc >= 11.0.9~dev28-3.18.1` `openstack-neutron-fwaas >= 11.0.3~dev1-3.14.1` `openstack-neutron-fwaas-doc >= 11.0.3~dev1-3.14.1` `openstack-neutron-gbp >= 7.3.1~dev28-3.3.1` `openstack-neutron-ha-tool >= 11.0.9~dev28-3.18.2` `openstack-neutron-l3-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-lbaas >= 11.0.4~dev6-3.9.1` `openstack-neutron-lbaas-agent >= 11.0.4~dev6-3.9.1` `openstack-neutron-lbaas-doc >= 11.0.4~dev6-3.9.1` `openstack-neutron-linuxbridge-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-macvtap-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-metadata-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-metering-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-openvswitch-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-server >= 11.0.9~dev28-3.18.2` `openstack-neutron-vpn-agent >= 11.0.1~dev5-3.12.1` `openstack-neutron-vpnaas >= 11.0.1~dev5-3.12.1` `openstack-neutron-vpnaas-doc >= 11.0.1~dev5-3.12.1` `openstack-neutron-vyatta-agent >= 11.0.1~dev5-3.12.1` `openstack-nova >= 16.1.9~dev3-3.23.2` `openstack-nova-api >= 16.1.9~dev3-3.23.2` `openstack-nova-cells >= 16.1.9~dev3-3.23.2` `openstack-nova-compute >= 16.1.9~dev3-3.23.2` `openstack-nova-conductor >= 16.1.9~dev3-3.23.2` `openstack-nova-console >= 16.1.9~dev3-3.23.2` `openstack-nova-consoleauth >= 16.1.9~dev3-3.23.2` `openstack-nova-doc >= 16.1.9~dev3-3.23.1` `openstack-nova-novncproxy >= 16.1.9~dev3-3.23.2` `openstack-nova-placement-api >= 16.1.9~dev3-3.23.2` `openstack-nova-scheduler >= 16.1.9~dev3-3.23.2` `openstack-nova-serialproxy >= 16.1.9~dev3-3.23.2` `openstack-nova-vncproxy >= 16.1.9~dev3-3.23.2` `openstack-trove >= 8.0.1~dev13-3.9.1` `openstack-trove-api >= 8.0.1~dev13-3.9.1` `openstack-trove-conductor >= 8.0.1~dev13-3.9.1` `openstack-trove-doc >= 8.0.1~dev13-3.9.1` `openstack-trove-guestagent >= 8.0.1~dev13-3.9.1` `openstack-trove-taskmanager >= 8.0.1~dev13-3.9.1` `python-Django >= 1.11.20-3.7.1` `python-aodh >= 5.1.1~dev7-3.11.2` `python-ardana-configurationprocessor >= 8.0+git.1534266236.fb1623c-6.9.1` `python-barbican >= 5.0.2~dev3-3.14.2` `python-ceilometer >= 9.0.8~dev7-3.12.2` `python-cinder >= 11.2.3~dev5-3.15.2` `python-cinderlm >= 0.0.2+git.1541444073.4d3347c-3.6.1` `python-cliff >= 2.8.3-3.6.2` `python-designate >= 5.0.3~dev7-3.11.1` `python-freezerclient >= 1.5.1-3.3.2` `python-freezerclient-doc >= 1.5.1-3.3.2` `python-heat >= 9.0.8~dev3-3.18.2` `python-heat-gbp >= 7.0.1~dev1-3.3.1` `python-horizon >= 12.0.4~dev6-3.20.2` `python-horizon-plugin-trove-ui >= 9.0.1~dev10-3.9.1` `python-ironic >= 9.1.8~dev5-3.18.2` `python-ironicclient >= 1.17.2-3.3.1` `python-ironicclient-doc >= 1.17.2-3.3.1` `python-keystone >= 12.0.4~dev2-5.19.2` `python-magnumclient >= 2.7.1-3.3.1` `python-magnumclient-doc >= 2.7.1-3.3.1` `python-manilaclient >= 1.17.4-3.6.1` `python-manilaclient-doc >= 1.17.4-3.6.1` `python-monasca-agent >= 2.2.5~dev2-3.9.2` `python-monasca-api >= 2.2.1~dev26-3.12.2` `python-monasca-log-api >= 2.3.1~dev12-3.6.2` `python-muranoclient >= 0.14.1-3.3.1` `python-muranoclient-doc >= 0.14.1-3.3.1` `python-neutron >= 11.0.9~dev28-3.18.2` `python-neutron-fwaas >= 11.0.3~dev1-3.14.1` `python-neutron-gbp >= 7.3.1~dev28-3.3.1` `python-neutron-lbaas >= 11.0.4~dev6-3.9.1` `python-neutron-vpnaas >= 11.0.1~dev5-3.12.1` `python-nova >= 16.1.9~dev3-3.23.2` `python-novaclient >= 9.1.3-3.6.2` `python-novaclient-doc >= 9.1.3-3.6.2` `python-openstackclient >= 3.12.2-3.3.1` `python-os-brick >= 1.15.9-3.6.2` `python-os-client-config >= 1.28.1-3.3.1` `python-os-vif >= 1.7.2-3.3.2` `python-os-win >= 2.2.1-3.3.1` `python-oslo.cache >= 1.25.2-3.3.1` `python-oslo.concurrency >= 3.21.2-3.3.1` `python-oslo.config >= 4.11.2-3.3.1` `python-oslo.config-doc >= 4.11.2-3.3.1` `python-oslo.i18n >= 3.17.2-3.3.2` `python-oslo.log >= 3.30.3-3.3.1` `python-oslo.messaging >= 5.30.8-3.8.1` `python-oslo.middleware >= 3.30.2-3.3.1` `python-oslo.policy >= 1.25.4-3.6.1` `python-oslo.privsep >= 1.22.2-3.3.1` `python-oslo.reports >= 1.22.2-3.3.1` `python-oslo.utils >= 3.28.4-3.6.1` `python-oslo.versionedobjects >= 1.26.3-3.6.1` `python-oslo.vmware >= 2.23.2-3.3.1` `python-oslotest >= 2.17.2-3.3.1` `python-python-subunit >= 1.2.0-4.3.1` `python-saharaclient >= 1.3.1-3.3.1` `python-saharaclient-doc >= 1.3.1-3.3.1` `python-swiftclient >= 3.4.1-3.3.1` `python-swiftclient-doc >= 3.4.1-3.3.1` `python-trove >= 8.0.1~dev13-3.9.1` `python-zaqarclient >= 1.7.1-3.3.1` `supportutils-plugin-suse-openstack-cloud >= 8.0.1551262227.7a7deb6-3.3.1` `venv-openstack-aodh-x86_64 >= 5.1.1~dev7-12.16.1` `venv-openstack-barbican-x86_64 >= 5.0.2~dev3-12.17.1` `venv-openstack-ceilometer-x86_64 >= 9.0.8~dev7-12.14.1` `venv-openstack-cinder-x86_64 >= 11.2.3~dev5-14.17.1` `venv-openstack-designate-x86_64 >= 5.0.3~dev7-12.15.1` `venv-openstack-freezer-x86_64 >= 5.0.0.0~xrc2~dev2-10.12.1` `venv-openstack-glance-x86_64 >= 15.0.2~dev9-12.15.1` `venv-openstack-heat-x86_64 >= 9.0.8~dev3-12.17.1` `venv-openstack-horizon-x86_64 >= 12.0.4~dev6-14.22.1` `venv-openstack-ironic-x86_64 >= 9.1.8~dev5-12.17.1` `venv-openstack-keystone-x86_64 >= 12.0.4~dev2-11.17.1` `venv-openstack-magnum-x86_64 >= 5.0.2-11.15.1` `venv-openstack-manila-x86_64 >= 5.0.4~dev17-12.19.1` `venv-openstack-monasca-ceilometer-x86_64 >= 1.5.1-8.11.1` `venv-openstack-monasca-x86_64 >= 2.2.1-11.13.1` `venv-openstack-murano-x86_64 >= 4.0.1-12.11.1` `venv-openstack-neutron-x86_64 >= 11.0.2-13.19.1` `venv-openstack-nova-x86_64 >= 16.1.9~dev3-11.18.1` `venv-openstack-octavia-x86_64 >= 1.0.5~dev1-12.17.1` `venv-openstack-sahara-x86_64 >= 7.0.4~dev1-11.16.1` `venv-openstack-swift-x86_64 >= 2.15.2-11.11.1` `venv-openstack-trove-x86_64 >= 8.0.1~dev13-11.16.1`	Patchnames: SUSE-OpenStack-Cloud-8-2018-2518 SUSE-OpenStack-Cloud-8-2019-1862
SUSE OpenStack Cloud Crowbar 8	`crowbar-core >= 5.0+git.1558533551.8d8ed2058-3.23.1` `crowbar-core-branding-SOC >= 5.0-10.6.3` `crowbar-core-branding-upstream >= 5.0+git.1558533551.8d8ed2058-3.23.1` `crowbar-ha >= 5.0+git.1559282566.6b06ca3-3.17.1` `crowbar-openstack >= 5.0+git.1559335140.62bb4c014-4.25.1` `documentation-suse-openstack-cloud-deployment >= 8.20190521-1.17.1` `documentation-suse-openstack-cloud-supplement >= 8.20190521-1.17.1` `documentation-suse-openstack-cloud-upstream-admin >= 8.20190521-1.17.1` `documentation-suse-openstack-cloud-upstream-user >= 8.20190521-1.17.1` `openstack-aodh >= 5.1.1~dev7-3.11.2` `openstack-aodh-api >= 5.1.1~dev7-3.11.2` `openstack-aodh-doc >= 5.1.1~dev7-3.11.1` `openstack-aodh-evaluator >= 5.1.1~dev7-3.11.2` `openstack-aodh-expirer >= 5.1.1~dev7-3.11.2` `openstack-aodh-listener >= 5.1.1~dev7-3.11.2` `openstack-aodh-notifier >= 5.1.1~dev7-3.11.2` `openstack-barbican >= 5.0.2~dev3-3.14.2` `openstack-barbican-api >= 5.0.2~dev3-3.14.2` `openstack-barbican-doc >= 5.0.2~dev3-3.14.1` `openstack-barbican-keystone-listener >= 5.0.2~dev3-3.14.2` `openstack-barbican-retry >= 5.0.2~dev3-3.14.2` `openstack-barbican-worker >= 5.0.2~dev3-3.14.2` `openstack-ceilometer >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-agent-central >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-agent-compute >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-agent-ipmi >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-agent-notification >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-api >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-collector >= 9.0.8~dev7-3.12.2` `openstack-ceilometer-doc >= 9.0.8~dev7-3.12.1` `openstack-ceilometer-polling >= 9.0.8~dev7-3.12.2` `openstack-cinder >= 11.2.3~dev5-3.15.2` `openstack-cinder-api >= 11.2.3~dev5-3.15.2` `openstack-cinder-backup >= 11.2.3~dev5-3.15.2` `openstack-cinder-doc >= 11.2.3~dev5-3.15.1` `openstack-cinder-scheduler >= 11.2.3~dev5-3.15.2` `openstack-cinder-volume >= 11.2.3~dev5-3.15.2` `openstack-dashboard >= 12.0.4~dev6-3.20.2` `openstack-dashboard-theme-SUSE >= 2017.2+git.1554906711.9dbe79b-7.11.1` `openstack-designate >= 5.0.3~dev7-3.11.1` `openstack-designate-agent >= 5.0.3~dev7-3.11.1` `openstack-designate-api >= 5.0.3~dev7-3.11.1` `openstack-designate-central >= 5.0.3~dev7-3.11.1` `openstack-designate-doc >= 5.0.3~dev7-3.11.1` `openstack-designate-producer >= 5.0.3~dev7-3.11.1` `openstack-designate-sink >= 5.0.3~dev7-3.11.1` `openstack-designate-worker >= 5.0.3~dev7-3.11.1` `openstack-heat >= 9.0.8~dev3-3.18.2` `openstack-heat-api >= 9.0.8~dev3-3.18.2` `openstack-heat-api-cfn >= 9.0.8~dev3-3.18.2` `openstack-heat-api-cloudwatch >= 9.0.8~dev3-3.18.2` `openstack-heat-doc >= 9.0.8~dev3-3.18.2` `openstack-heat-engine >= 9.0.8~dev3-3.18.2` `openstack-heat-gbp >= 7.0.1~dev1-3.3.1` `openstack-heat-plugin-heat_docker >= 9.0.8~dev3-3.18.2` `openstack-heat-test >= 9.0.8~dev3-3.18.2` `openstack-horizon-plugin-trove-ui >= 9.0.1~dev10-3.9.1` `openstack-ironic >= 9.1.8~dev5-3.18.2` `openstack-ironic-api >= 9.1.8~dev5-3.18.2` `openstack-ironic-conductor >= 9.1.8~dev5-3.18.2` `openstack-ironic-doc >= 9.1.8~dev5-3.18.1` `openstack-keystone >= 12.0.4~dev2-5.19.2` `openstack-keystone-doc >= 12.0.4~dev2-5.19.1` `openstack-monasca-agent >= 2.2.5~dev2-3.9.2` `openstack-monasca-api >= 2.2.1~dev26-3.12.2` `openstack-monasca-log-api >= 2.3.1~dev12-3.6.2` `openstack-neutron >= 11.0.9~dev28-3.18.2` `openstack-neutron-dhcp-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-doc >= 11.0.9~dev28-3.18.1` `openstack-neutron-fwaas >= 11.0.3~dev1-3.14.1` `openstack-neutron-fwaas-doc >= 11.0.3~dev1-3.14.1` `openstack-neutron-gbp >= 7.3.1~dev28-3.3.1` `openstack-neutron-ha-tool >= 11.0.9~dev28-3.18.2` `openstack-neutron-l3-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-lbaas >= 11.0.4~dev6-3.9.1` `openstack-neutron-lbaas-agent >= 11.0.4~dev6-3.9.1` `openstack-neutron-lbaas-doc >= 11.0.4~dev6-3.9.1` `openstack-neutron-linuxbridge-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-macvtap-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-metadata-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-metering-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-openvswitch-agent >= 11.0.9~dev28-3.18.2` `openstack-neutron-server >= 11.0.9~dev28-3.18.2` `openstack-neutron-vpn-agent >= 11.0.1~dev5-3.12.1` `openstack-neutron-vpnaas >= 11.0.1~dev5-3.12.1` `openstack-neutron-vpnaas-doc >= 11.0.1~dev5-3.12.1` `openstack-neutron-vyatta-agent >= 11.0.1~dev5-3.12.1` `openstack-nova >= 16.1.9~dev3-3.23.2` `openstack-nova-api >= 16.1.9~dev3-3.23.2` `openstack-nova-cells >= 16.1.9~dev3-3.23.2` `openstack-nova-compute >= 16.1.9~dev3-3.23.2` `openstack-nova-conductor >= 16.1.9~dev3-3.23.2` `openstack-nova-console >= 16.1.9~dev3-3.23.2` `openstack-nova-consoleauth >= 16.1.9~dev3-3.23.2` `openstack-nova-doc >= 16.1.9~dev3-3.23.1` `openstack-nova-novncproxy >= 16.1.9~dev3-3.23.2` `openstack-nova-placement-api >= 16.1.9~dev3-3.23.2` `openstack-nova-scheduler >= 16.1.9~dev3-3.23.2` `openstack-nova-serialproxy >= 16.1.9~dev3-3.23.2` `openstack-nova-vncproxy >= 16.1.9~dev3-3.23.2` `openstack-trove >= 8.0.1~dev13-3.9.1` `openstack-trove-api >= 8.0.1~dev13-3.9.1` `openstack-trove-conductor >= 8.0.1~dev13-3.9.1` `openstack-trove-doc >= 8.0.1~dev13-3.9.1` `openstack-trove-guestagent >= 8.0.1~dev13-3.9.1` `openstack-trove-taskmanager >= 8.0.1~dev13-3.9.1` `python-Django >= 1.11.20-3.7.1` `python-aodh >= 5.1.1~dev7-3.11.2` `python-barbican >= 5.0.2~dev3-3.14.2` `python-ceilometer >= 9.0.8~dev7-3.12.2` `python-cinder >= 11.2.3~dev5-3.15.2` `python-cliff >= 2.8.3-3.6.2` `python-designate >= 5.0.3~dev7-3.11.1` `python-freezerclient >= 1.5.1-3.3.2` `python-freezerclient-doc >= 1.5.1-3.3.2` `python-heat >= 9.0.8~dev3-3.18.2` `python-heat-gbp >= 7.0.1~dev1-3.3.1` `python-horizon >= 12.0.4~dev6-3.20.2` `python-horizon-plugin-trove-ui >= 9.0.1~dev10-3.9.1` `python-ironic >= 9.1.8~dev5-3.18.2` `python-ironicclient >= 1.17.2-3.3.1` `python-ironicclient-doc >= 1.17.2-3.3.1` `python-keystone >= 12.0.4~dev2-5.19.2` `python-magnumclient >= 2.7.1-3.3.1` `python-magnumclient-doc >= 2.7.1-3.3.1` `python-manilaclient >= 1.17.4-3.6.1` `python-manilaclient-doc >= 1.17.4-3.6.1` `python-monasca-agent >= 2.2.5~dev2-3.9.2` `python-monasca-api >= 2.2.1~dev26-3.12.2` `python-monasca-log-api >= 2.3.1~dev12-3.6.2` `python-muranoclient >= 0.14.1-3.3.1` `python-muranoclient-doc >= 0.14.1-3.3.1` `python-neutron >= 11.0.9~dev28-3.18.2` `python-neutron-fwaas >= 11.0.3~dev1-3.14.1` `python-neutron-gbp >= 7.3.1~dev28-3.3.1` `python-neutron-lbaas >= 11.0.4~dev6-3.9.1` `python-neutron-vpnaas >= 11.0.1~dev5-3.12.1` `python-nova >= 16.1.9~dev3-3.23.2` `python-novaclient >= 9.1.3-3.6.2` `python-novaclient-doc >= 9.1.3-3.6.2` `python-openstackclient >= 3.12.2-3.3.1` `python-os-brick >= 1.15.9-3.6.2` `python-os-client-config >= 1.28.1-3.3.1` `python-os-vif >= 1.7.2-3.3.2` `python-os-win >= 2.2.1-3.3.1` `python-oslo.cache >= 1.25.2-3.3.1` `python-oslo.concurrency >= 3.21.2-3.3.1` `python-oslo.config >= 4.11.2-3.3.1` `python-oslo.config-doc >= 4.11.2-3.3.1` `python-oslo.i18n >= 3.17.2-3.3.2` `python-oslo.log >= 3.30.3-3.3.1` `python-oslo.messaging >= 5.30.8-3.8.1` `python-oslo.middleware >= 3.30.2-3.3.1` `python-oslo.policy >= 1.25.4-3.6.1` `python-oslo.privsep >= 1.22.2-3.3.1` `python-oslo.reports >= 1.22.2-3.3.1` `python-oslo.utils >= 3.28.4-3.6.1` `python-oslo.versionedobjects >= 1.26.3-3.6.1` `python-oslo.vmware >= 2.23.2-3.3.1` `python-oslotest >= 2.17.2-3.3.1` `python-python-subunit >= 1.2.0-4.3.1` `python-saharaclient >= 1.3.1-3.3.1` `python-saharaclient-doc >= 1.3.1-3.3.1` `python-swiftclient >= 3.4.1-3.3.1` `python-swiftclient-doc >= 3.4.1-3.3.1` `python-trove >= 8.0.1~dev13-3.9.1` `python-zaqarclient >= 1.7.1-3.3.1` `supportutils-plugin-suse-openstack-cloud >= 8.0.1551262227.7a7deb6-3.3.1`	Patchnames: SUSE-OpenStack-Cloud-Crowbar-8-2018-2518 SUSE-OpenStack-Cloud-Crowbar-8-2019-1862
SUSE Package Hub 12	`python-Django >= 1.11.15-11.1`	Patchnames: openSUSE-2018-866
SUSE Package Hub 15	`python2-Django1 >= 1.11.15-bp150.3.3.1` `python3-Django >= 2.0.8-bp150.3.3.1`	Patchnames: openSUSE-2018-884 openSUSE-2019-614
openSUSE Leap 15.0	`python2-Django1 >= 1.11.15-lp150.2.3.1` `python3-Django >= 2.0.8-lp150.2.3.1`	Patchnames: openSUSE-2019-608 openSUSE-2019-614

Status of this issue by product and package

Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.

Product(s)	Source package	State
HPE Helion OpenStack 8	python-Django	Released
SUSE Enterprise Storage 4	python-Django	Not affected
SUSE Enterprise Storage 5	python-Django	Not affected
SUSE OpenStack Cloud 7	python-Django	In progress
SUSE OpenStack Cloud 8	python-Django	Released
SUSE OpenStack Cloud Crowbar 8	python-Django	Released

CVE-2018-14574

Common Vulnerabilities and Exposures

Upstream information

Description

SUSE information

List of released packages

Status of this issue by product and package

Business-Critical Linux

Enterprise Container Management

Edge

Solutions

Industries

Support

Services

Resources

Partners

Communities

About