lp:ubuntu/oneiric-security/nova
- Get this branch:
- bzr branch lp:ubuntu/oneiric-security/nova
Recent revisions
- 57. By Jamie Strandboge
  * SECURITY UPDATE: fix denial of service via fixed IPs when using extensions
    - debian/patches/CVE-2013-1838.patch: add explicit quota for fixed IP
    - CVE-2013-1838
    - LP: #1125468
- 56. By Jamie Strandboge
  * SECURITY UPDATE: fix denial of service
    - CVE-2013-1664.patch: Add a new utils.safe_minidom_parse_string function
      and update external API facing Nova modules to use it
    - CVE-2013-1664
- 55. By Jamie Strandboge
  * SECURITY UPDATE: fix lack of authentication on block device used for
    os-volume_boot
    - debian/patches/CVE-2013-0208.patch: adjust nova/compute/api.py to
      validate we can access the volumes
    - CVE-2013-0208
- 54. By Jamie Strandboge
  * SECURITY UPDATE: Prohibit file injection writing to host filesystem
    - debian/patches/CVE-2012-3447.patch: update to perform the file name
      canonicalization as the root user
    - CVE-2012-3447
- 53. By Steve Beattie
  * SECURITY UPDATE: arbitrary file injection/corruption
    - debian/patches/CVE-2012-3361.patch: ensure that files cannot
      be injected in arbitrary locations
    - CVE-2012-3361
- 52. By Steve Beattie
  * REGRESSION FIX: security group without protocol set failure (LP: #1010514)
    - debian/patches/CVE-2012-2654-regression.patch: only call .lower()
      when a protocol has been set.
- 51. By Steve Beattie
  * SECURITY UPDATE: set security groups correctly if IP protocol is
    specified in upper/mixed case
    - debian/patches/CVE-2012-2654.patch: ensure protocols are in
      lowercase for the controllers
- 50. By Jamie Strandboge
  * SECURITY UPDATE: Place limit on number of security groups a user may
    create
    - debian/patches/CVE-2012-2101.patch: add quotas for security groups and
      security groups rules
    - CVE-2012-2101
- 49. By Tyler Hicks
  * SECURITY UPDATE: Denial of service via resource exhaustion in nova-api
    - debian/patches/validate_server_name_length.patch: Limit server names
      to a maximum of 255 characters to prevent nova-api log files from
      exhausting storage space. Based on upstream patch.
    - CVE-2012-1585
- 48. By Jamie Strandboge
  * SECURITY UPDATE: fix tenant bypass by authenticated users via OpenStack
    API (LP: #904072)
    - CVE-2012-0030
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/precise/nova