CVE-2015-1851 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1851): OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 (juno), and 2015.1.x before 2015.1.1 (kilo) allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command. 17 Jun 2015; Matthew Thode <prometheanfire@gentoo.org> +cinder-2014.2.3-r1.ebuild, +cinder-2015.1.0-r1.ebuild, +files/CVE-2015-1851_2014.2.3.patch, +files/CVE-2015-1851_2015.1.0.patch, -cinder-2015.1.0.ebuild: fixing CVE-2015-1851