Ubuntu
nova package

Merge lp:~gandelman-a/ubuntu/quantal/nova/nova-2012.2.3-2 into lp:~openstack-ubuntu-testing/nova/folsom

  1. Quantal (12.10)
  2. nova-2012.2.3-2
  3. Merge into folsom
Proposed by Adam Gandelman
Status: Merged
Approved by: Chuck Short
Approved revision: 478
Merged at revision: 478
Proposed branch: lp:~gandelman-a/ubuntu/quantal/nova/nova-2012.2.3-2
Merge into: lp:~openstack-ubuntu-testing/nova/folsom
Diff against target: 37 lines (+23/-0)
1 file modified
debian/changelog (+23/-0)
To merge this branch: bzr merge lp:~gandelman-a/ubuntu/quantal/nova/nova-2012.2.3-2
Reviewer Review Type Date Requested Status
Openstack Ubuntu Testers Pending
Review via email: mp+149933@code.launchpad.net

Description of the change

Another CVE was un-embargoed today for nova, we need to also supersede the nova package that was recently accepted into quantal-proposed.

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'debian/changelog'
2--- debian/changelog 2013-02-05 22:13:28 +0000
3+++ debian/changelog 2013-02-21 20:54:20 +0000
4@@ -1,3 +1,17 @@
5+nova (2012.2.3+stable-20130221-d5e7f551-0ubuntu1) quantal-proposed; urgency=low
6+
7+ * Dropped patches, applied upstream:
8+ - debian/patches/CVE-2013-1664.patch: [2ae74f8]
9+ * Resynchronize with stable/folsom (d5e7f551) (LP: #1116671):
10+ - [d5e7f55] nova-compute fails to start if an instance has no ip LP: 1131330
11+ - [7ace55f] VMs paused unbeknownst to nova compute are destroyed LP: 1097806
12+ - [ecd98d2] LibvirtBridgeDriver crashes when spawning an instance with
13+ NoopFirewallDriver LP: 1050433
14+ - [2ae74f8] DoS through XML entity expansion (CVE-2013-1664) LP: 1100282
15+ - [21d5e90] Instance stuck in task state image_snapshot LP: 1101136
16+
17+ -- Adam Gandelman <adamg@ubuntu.com> Thu, 21 Feb 2013 12:40:55 -0400
18+
19 nova (2012.2.3-0ubuntu1) quantal-proposed; urgency=low
20
21 * Dropped patches, applied upstream:
22@@ -31,6 +45,15 @@
23
24 -- Adam Gandelman <adamg@ubuntu.com> Tue, 05 Feb 2013 14:11:49 -0400
25
26+nova (2012.2.1+stable-20121212-a99a802e-0ubuntu1.2) quantal-security; urgency=low
27+
28+ * SECURITY UPDATE: fix denial of service
29+ - CVE-2013-1664.patch: Add a new utils.safe_minidom_parse_string function
30+ and update external API facing Nova modules to use it
31+ - CVE-2013-1664
32+
33+ -- Jamie Strandboge <jamie@ubuntu.com> Tue, 19 Feb 2013 11:41:25 -0600
34+
35 nova (2012.2.1+stable-20121212-a99a802e-0ubuntu1.1) quantal-security; urgency=low
36
37 * SECURITY UPDATE: fix lack of authentication on block device used for

Subscribers

People subscribed via source and target branches