OpenStack Compute (nova)

lp:~openstack-ubuntu-testing/nova/folsom

Created by James Page on 2012-11-21 and last modified on 2013-05-23

Get this branch:: bzr branch lp:~openstack-ubuntu-testing/nova/folsom

Members of Openstack Ubuntu Testers can upload to this branch. Log in for directions.

Branch merges

2 branches proposed for merging into this one.

No branches dependent on this one.

Related bugs

Bug #1125378: [OSSA-2013-006] VNC proxy can be made to connect to wrong VM	High	Fix Released
Bug #1125468: [OSSA 2013-008] DOS by allocating all fixed ips	High	Fix Released

Link a bug report

Related blueprints

Branch information

Owner:: Openstack Ubuntu Testers

Project:: OpenStack Compute (nova)

Status:: Development

Recent revisions

487. By Adam Gandelman on 2013-05-23: Disable dropped security patch.
486. By Adam Gandelman on 2013-05-23: * Dropped patches, applied upstream:
- debian/patches/CVE-2013-2096.patch: [6740c40]
485. By Adam Gandelman on 2013-05-17: Add missing CVE-2013-2096.patch.
484. By James Page on 2013-05-17: Resync changelog with latest security fixes
483. By Adam Gandelman on 2013-05-13: Add meta-bug ref.
482. By Adam Gandelman on 2013-05-13: Drop patch as per changelog history.
481. By Adam Gandelman on 2013-05-13: Fix distro release name.
480. By Adam Gandelman on 2013-05-13: Releasing 2012.2.4-0ubuntu1.; Merged branch lp:~gandelman-a/ubuntu/quantal/nova/2012.2.4
479. By James Page on 2013-03-22: * Re-sync with latest security updates.
* SECURITY UPDATE: fix denial of service via fixed IPs when using extensions
  - debian/patches/CVE-2013-1838.patch: add explicit quota for fixed IP
  - CVE-2013-1838
* SECURITY UPDATE: fix VNC token validation
  - debian/patches/CVE-2013-0335.patch: force console auth service to flush
    all tokens associated with an instance when it is deleted
  - CVE-2013-0335
* SECURITY UPDATE: fix denial of service
  - CVE-2013-1664.patch: Add a new utils.safe_minidom_parse_string function
    and update external API facing Nova modules to use it
  - CVE-2013-1664
* SECURITY UPDATE: fix denial of service via fixed IPs when using extensions
  - debian/patches/CVE-2013-1838.patch: add explicit quota for fixed IP
  - CVE-2013-1838
  - LP: #1125468
* SECURITY UPDATE: fix VNC token validation
  - debian/patches/CVE-2013-0335.patch: force console auth service to flush
    all tokens associated with an instance when it is deleted
  - CVE-2013-0335
  - LP: #1125378; Merged branch lp:~james-page/nova/folsom-resync

Bug #1125378: [OSSA-2013-006] VNC proxy can be made to connect to wrong VM

Bug #1125468: [OSSA 2013-008] DOS by allocating all fixed ips
478. By Adam Gandelman on 2013-02-21: 2012.2.3+stable-20130221-d5e7f551-0ubuntu1; Merged branch lp:~gandelman-a/ubuntu/quantal/nova/nova-2012.2.3-2

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

This branch contains Public information

Everyone can see this information.

Subscribers

Openstack Ubuntu ...