lp:ubuntu/quantal-proposed/nova

Created by Ubuntu Package Importer on 2012-10-12 and last modified on 2013-05-29
Get this branch:
bzr branch lp:ubuntu/quantal-proposed/nova
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Development

Recent revisions

100. By Adam Gandelman on 2013-05-28

* Rebase again with latest security update, which fixes regression
  introduced with original fix for CVE-2013-2096:
  - Regression fix. Nova fails to launch non-cached images (LP: #1183606)
     * debian/patches/lp1183606.patch: call prepare_template() before
       performing QCOW2 image size check

99. By James Page on 2013-05-17

* Rebase with latest security updates.
* SECURITY UPDATE: verify virtual size of QCOW2 images
  - CVE-2013-2096.patch: update nova/virt/libvirt/imagebackend.py to
    check QCOW2 image size during root disk creation
  - CVE-2013-2096

98. By Adam Gandelman on 2013-04-25

* Dropped patches, applied upstream:
  - debian/patches/CVE-2013-1838.patch: [9561484]
  - debian/patches/CVE-2013-0335.patch: [05a3374]
  - debian/patches/CVE-2013-1664.patch: [2ae74f8]
* Resynchronize with stable/folsom (9ecd965e) (LP: #1179707):
  - [975a312] Creating network failed with message handling via REST API
    LP: 1143584
  - [056a7df] live-migration to an invalid host should exist gracefully.
    Currently, it throws a stack trace LP: 1159755
  - [8f8ef21] Add a format_message method to the Exceptions
  - [2dd8f3e] Quantum Hybrid OVS driver does not set STP values correctly
    LP: 1129055
  - [c4c417e] Fixed IPs quota can break upgrades LP: 1161190
  - [c85683e] A default /24 netmask is used by dnsmasq instead of the
    configured netmasks (in netmasks table) LP: 1154929
  - [50dece6] Support external gateways in VLAN mode LP: 1012443
  - [524a5a3] Expected exception on volume attach leaves traceback in the
    logs. LP: 1155315
  - [67eb495] ec2 id mapping can be incorrect during attach volume LP: 1145490
  - [69ba489] PowerVM driver spawn failed due to missing attribute
    supported_instances LP: 1155498
  - [28aacf6] Log statement improperly output in nova-manage LP: 1018431
  - [53626bf] fixed_ips cannot reliably be released on instance termination
    LP: 1103260
  - [f8c5492] libvirt driver connection validation causes unnecessary process
    execution with libvirt/qemu LP: 1100446
  - [5b43cef] comparing datetime to None in update-time handling LP: 1096719
  - [549879d] Quantum: DHCP request fails with IptablesFirewallDriver and
    default rule as DISCARD LP: 1131223
  - [46d2060] soft_reboot followed by hard_reboot can lead to double reboot
    LP: 1046356
  - [cdc2386] libvirt: nova should enable apic setting for xen or kvm guest
    LP: 1086352
  - [9561484] DOS by allocating all fixed ips LP: 1125468
  - [d6b9d33] Affinity filter checks erroneously includes deleted instances
    LP: 1107156
  - [cb843f7] Instance is sometimes shutdown without any operation and report
    the message "Instance shutdown by itself. Calling the stop API"
    LP: 1085771
  - [05a3374] VNC proxy can be made to connect to wrong VM LP: 1125378
  - [889e9c0] nova leaves stale .part files on disk when downloading non raw
    VM images LP: 1125068
  - [2029427] Instance vm_state remains 'migrating' if source compute node
    goes down during migration LP: 973393
  - [8289d6c] rc.local editing wrong. LP: 1089668
  - [d5e7f55] nova-compute fails to start if an instance has no ip LP: 1131330
  - [7ace55f] VMs paused unbeknownst to nova compute are destroyed LP: 1097806
  - [ecd98d2] LibvirtBridgeDriver crashes when spawning an instance with
    NoopFirewallDriver LP: 1050433
  - [2ae74f8] DoS through XML entity expansion (CVE-2013-1664) LP: 1100282
  - [21d5e90] Instance stuck in task state image_snapshot LP: 1101136

97. By James Page on 2013-03-22

* Re-sync with latest security updates.
* SECURITY UPDATE: fix denial of service via fixed IPs when using extensions
  - debian/patches/CVE-2013-1838.patch: add explicit quota for fixed IP
  - CVE-2013-1838
* SECURITY UPDATE: fix VNC token validation
  - debian/patches/CVE-2013-0335.patch: force console auth service to flush
    all tokens associated with an instance when it is deleted
  - CVE-2013-0335
* SECURITY UPDATE: fix denial of service
  - CVE-2013-1664.patch: Add a new utils.safe_minidom_parse_string function
    and update external API facing Nova modules to use it
  - CVE-2013-1664

96. By Adam Gandelman on 2013-02-05

* Dropped patches, applied upstream:
  - debian/patches/CVE-2013-0208.patch: [317cc0a]
* Resynchronize with stable/folsom (e5d0f4b9) (LP: #1116671):
  - [317cc0a] No authentication on block device used for os-volume_boot
    LP: 1069904
  - [6241f91] Include error message in instance faults LP: 1013350
  - [5a66812] Rapidly removing a floating ip can leave behind nat rules
    LP: 1092762
  - [133a040] remove session parameter from fixed_ip_get
  - [03200fe] init host crashes if instance cannot be resumed LP: 1100430
  - [cf67f3b] Unable to assign a specific IP address to a Quantum port
    LP: 1094897
  - [fcaab43] No handler for NFS volume LP: 1087252
  - [796216e] plug_vifs() not called for each instance when nova compute is
    started LP: 1083784
  - [b3c2f61] resource tracker reporting strange values in AUDIT logs
    LP: 1092418
  - [1789d26] Libvirt driver misses out some CPU flags on old libvirt
    LP: 1099527
  - [eff17b4] nova aggregate-create returns unclear error to user LP: 1083353
  - [63fd557] os-hosts extension's show method cannot find host which has '.'
    in host-name (or host name is dotted quad) LP: 1027788
  - [f864a4e] Folsom - Absolute limit parameters totalKeyPairsUsed and
    totalSecurityGroupsUsed values area not incremented when keypair and
    security group created LP: 1062049
  - [4bfc8f1] KVM guests networking issues with no virbr0 and with vhost_net
    kernel modules loaded (LP: #1029430)
  - [f9eacd4] Qemu-img does not handle snapshot list LP: 1070088

95. By Adam Gandelman on 2012-12-12

* Ubuntu updates:
  - debian/control: Ensure novaclient is upgraded with nova,
    require python-keystoneclient >= 1:2.9.0. (LP: #1073289)
  - d/p/avoid_setuptools_git_dependency.patch: Refresh.
* Dropped patches, applied upstream:
  - debian/patches/CVE-2012-5625.patch: [a99a802]
* Resynchronize with stable/folsom (b55014ca) (LP: #1085255):
  - [a99a802] create_lvm_image allocates dirty blocks (LP: #1070539)
  - [670b388] RPC exchange name defaults to 'openstack' (LP: #1083944)
  - [3ede373] disassociate_floating_ip with multi_host=True fails
    (LP: #1074437)
  - [22d7c3b] libvirt imagecache should handle shared image storage
    (LP: #1075018)
  - [e787786] Detached and deleted RBD volumes remain associated with insance
    (LP: #1083818)
  - [9265eb0] live_migration missing migrate_data parameter in Hyper-V driver
    (LP: #1066513)
  - [3d99848] use_single_default_gateway does not function correctly
    (LP: #1075859)
  - [65a2d0a] resize does not migrate DHCP host information (LP: #1065440)
  - [102c76b] Nova backup image fails (LP: #1065053)
  - [48a3521] Fix config-file overrides for nova-dhcpbridge
  - [69663ee] Cloudpipe in Folsom: no such option: cnt_vpn_clients
    (LP: #1069573)
  - [6e47cc8] DisassociateAddress can cause Internal Server Error
    (LP: #1080406)
  - [22c3d7b] API calls to dis-associate an auto-assigned floating IP should
    return proper warning (LP: #1061499)
  - [bd11d15] libvirt: if exception raised during volume_detach, volume state
    is inconsistent (LP: #1057756)
  - [dcb59c3] admin can't describe all images in ec2 api (LP: #1070138)
  - [78de622] Incorrect Exception raised during Create server when metadata
    over 255 characters (LP: #1004007)
  - [c313de4] Fixed IP isn't released before updating DHCP host file
    (LP: #1078718)
  - [f4ab42d] Enabling Return Reservation ID with XML create server request
    returns no body (LP: #1061124)
  - [3db2a38] 'BackupCreate' should accept rotation parameter greater than or
    equal to zero (LP: #1071168)
  - [f7e5dde] libvirt reboot sometimes fails to reattach volumes
    (LP: #1073720)
  - [ff776d4] libvirt: detaching volume may fail while terminating other
    instances on the same host concurrently (LP: #1060836)
  - [85a8bc2] Used instance uuid rather than id in remove-fixed-ip
  - [42a85c0] Fix error on invalid delete_on_termination value
  - [6a17579] xenapi migrations fail w/ swap (LP: #1064083)
  - [97649b8] attach-time field for volumes is not updated for detach volume
    (LP: #1056122)
  - [8f6a718] libvirt: rebuild is not using kernel and ramdisk associated with
    the new image (LP: #1060925)
  - [fbe835f] live-migration and volume host assignement (LP: #1066887)
  - [c2a9150] typo prevents volume_tmp_dir flag from working (LP: #1071536)
  - [93efa21] Instances deleted during spawn leak network allocations
    (LP: #1068716)
  - [ebabd02] After restarting an instance volume is lost (LP: #1071069)
  - [a369303] xen volume auto device selection always picks xvdb
    (LP: #1061944)
  - [8d1095c] Calls to to_xml() to generate XML for a soft deleted flavor fail
    (LP: #1073736)
  - [1857821] nova-manage doesn't validate the key value supplied to update
    the quota (LP: #1064359)
  - [6ae32f0] Compute manager doesn't update 'host' field when it tries to run
    a VM (LP: #1073600)
  - [284f6ea] Host field set too early during builds (LP: #1060255)
  - [395511f] finish_resize failures result in NoneType exception
    (LP: #1071595)
  - [85ccf80] confirm_resize mgr call requires admin context (LP: #1071600)
  - [2dceffa] Only return the last N lines of the console log (LP: #1081436)
  - [9c7a711] console auth does not work with memcache, unicode error
    (LP: #1057279)
  - [b27f7ef] disk path not exists when using LXC with libvirt_images_type=lvm
    (LP: #1079113)
  - [1351c6b] nova-api now requires quantumclient (LP: #1070509)
  - [612f404] nova-api now requires quantumclient (LP: #1070509)
  - [7e8a166] nova-compute (folsom) fails to start, compute_driver is None
    (LP: #1081836)
  - [182ca80] Nova API does not work with QuantumV2 API subclasses
    (LP: #1070045)
  - [55d1412] 413 error code doesn't always provide Retry-After (LP: #1079387)
  - [1581505] Snapshotting LXC instance fails (LP: #1058273)
  - [197398f] Stop network.api import on network import
  - [b874d21] Scheduler Race Condition at high volume (LP: #1073956)
  - [3316e1f] Nic Ordering not guaranteed with Quantum API (LP: #1064524)
  - [ab7e37e] Stable oslo (aka common) update
  - [3f7788c] update nova to report quantum floating IPs (LP: #1023169)
  - [d3fd05b] metadata service throws 500 - NoSuchOptError (LP: #1063851)
  - [97542c9] libvirt imagecache still runs even if disabled (LP: #1075017)
  - [b31f528] OS API: XML Namespace Handling Broken (LP: #887191)
  - [76b44d9] nova-api crashes if it is run with nobody account.
    (LP: #1073858)
  - [d59f6ad] nova-compute will assign the same device name if volume-attach
    continuously (LP: #1062033)
  - [8e11181] Nova does not delete the LV on LVM backed VMs (LP: #1078085)
  - [9bf2c6a] Fixed instance deletion issue from Nova API.
  - [c0e1247] forget to release resource when terminate an instance from a
    failed compute node (LP: #1067214)
  - [49397a4] ensure_default_security_group() does not call sgh (LP: #1050982)
  - [47ff8a5] trigger_instance[add/remove]_security_group_refresh are never
    called (LP: #1057069)
  - [c9cade2] Resource reservation isn't rolled back properly for certain
    failures during Instance Create (LP: #1065092)
  - [34c3845] Resource tracker uses regex DB query too often (LP: #1060363)
  - [92eddd2] Logging CPU incompatibility when attempting live migration fails
    (LP: #1076308)
  - [8b4896b] hostname in metadata ends with . if dhcp_domain flag is empty
    (LP: #1064713)
  - [ded0473] deletes fail when instance in RESIZED (LP: #1056601)
  - [d015be5] libvirt: cannot detach volume from stopped domain (LP: #1057730)
  - [d5888f1] Resizing a Xen instance with attached volumes fails
    (LP: #1028092)
  - [fb88827] resize leave leftover libvirt configs (LP: #1015731)
  - [5ccd691] nova-network cannot re-generate MAC address if collision happen
    (LP: #1059366)
  - [e3d7f8c] After folsom upgrade, instances can no longer access existing
    volumes. (LP: #1065702)
  - [804f858] Jenkins jobs fail because of incompatibility between sqlalchemy-
    migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569)
  - [f67a5f9] block device mappings for deleted instances are leaked
    (LP: #1069099)
  - [32d8722] volume and snapshot IDs do not correctly map to UUIDs after
    folsom upgrade (LP: #1065785)
  - [9613643] Xenserver cannot boot vm_mode=xen type images (LP: #1055431)
  - [863c767] Cloudpipe extension xml serialization doesn't return the
    instance(s) data (LP: #1056242)
  - [724adcf] deleting security group does not mark rules as deleted
    (LP: #1056380)
  - [84a996c] IP Protocol for security group should be returned in lower case
    to be compliant with the ec2 api (LP: #1057196)
  - [e1ed06a] db tests fail with sqlalchemy 0.7.4 (LP: #1057145)
  - [bddb06d] Fail to boot raw image on XenServer (LP: #1055413)
  - [d4d1665] Add SIGPIPE handler to subprocess execution in rootwrap and
    utils.execute (LP: #1053364)
  - [0af4dd0] libvirt: concurrent detach_volume and terminate fails
    (LP: #1057719)
  - [ebbfa9e] Instances in vm state DELETED are preventing compute restart
    (LP: #1053441)
  - [db516a2] ComputeManager does not provide block_device_info on destroy
    call in revert_resize (LP: #1056285)
  - [4223ebf] Set defaultbranch in .gitreview to stable/folsom
  - [eee4dbb] do_refresh_security_group_rules in nova.virt.firewall is very
    slow (LP: #1062314)
  - [b7e509a] Set read_deleted='yes' for instance_id_mappings.
  - [9e20735] Tests fail on 32bit machines (_get_hash_str is platform
    dependent) (LP: #1050359)

94. By Chuck Short on 2012-10-12

[ Adam Gandelman ]
* Move management of /var/lib/nova/volumes from nova-common to
  nova-volume. Ensure it has proper permissions. (LP: #1065320)
* debian/patches/avoid_setuptools_git_dependency.patch: Remove
  setuptools_git from tools/pip-requires to avoid it being automatically
  added to python-nova's runtime dependencies. (LP: #1059907)

[ Chuck Short ]
* debian/patches/rbd-security.patch: Support override of ceph rbd
  user and secret in nova-compute. (LP: #1065883)
* debian/patches/ubuntu/fix-libvirt-firewall-slowdown.patch: Fix
  refreshing of security groups in libvirt not to block on RPC calls.
  (LP: #1062314)
* debian/patches/ubuntu/fix-ec2-volume-id-mappings.patch: Read deleted
  snapshot and volume id mappings. (LP: #1065785)

93. By Chuck Short on 2012-10-09

debian/patches/ubuntu/ubuntu-fix-ec2-instance-id-mappings.patch:
Backport from trunk, Set read_deleted='yes' for instance_id_mappings.
(LP: #1061166)

92. By Adam Gandelman on 2012-10-02

* nova-xvpvncproxy, nova-novncproxy: Add missing .install, .logrotate,
  .postrm, manpages and upstart jobs (LP: #1060336)
* debian/{rules, nova-volume.install}: Rename nova_tgt to nova_tgt.conf so
  that it is actually loaded by tgt. (LP: #1060422)

91. By Chuck Short on 2012-09-28

debian/patches/ubuntu-fix-32-64-bit-iss.patch: Backport
ba8cca2b59bb2904635520ad12f6d9a73f10242c, python's builtin
builtin hash returns different values on 32-bit and 64-bit architectures,
so it's safer to use a well-defined hash like MD5. This fixes a FTBFS
in Ubuntu's buildds.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/quantal/nova
This branch contains Public information 
Everyone can see this information.

Subscribers