lp:ubuntu/quantal-security/nova

Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/quantal-security/nova
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

101. By Jamie Strandboge on 2013-10-21

* SECURITY UPDATE: properly honor the is_public flag
  - debian/patches/CVE-2013-2256.patch, CVE-2013-4278.patch: add enforcement
    of is_public in the db layer (LP: #1194093, LP: #1212179)
  - CVE-2013-2256, CVE-2013-4278
* SECURITY UPDATE: denial of service with network security group policy
  updates
  - debian/patches/CVE-2013-4185.patch: use cached nwinfo for secgroup rules
    (LP: #1184041)
  - CVE-2013-4185

100. By Jamie Strandboge on 2013-05-28

* Regression fix. Nova fails to launch non-cached images (LP: #1183606)
  - debian/patches/lp1183606.patch: call prepare_template() before
    performing QCOW2 image size check

99. By Jamie Strandboge on 2013-05-15

* SECURITY UPDATE: verify virtual size of QCOW2 images
  - CVE-2013-2096.patch: update nova/virt/libvirt/imagebackend.py to
    check QCOW2 image size during root disk creation
  - CVE-2013-2096

98. By Jamie Strandboge on 2013-03-20

* SECURITY UPDATE: fix denial of service via fixed IPs when using extensions
  - debian/patches/CVE-2013-1838.patch: add explicit quota for fixed IP
  - CVE-2013-1838
  - LP: #1125468
* SECURITY UPDATE: fix VNC token validation
  - debian/patches/CVE-2013-0335.patch: force console auth service to flush
    all tokens associated with an instance when it is deleted
  - CVE-2013-0335
  - LP: #1125378

97. By Jamie Strandboge on 2013-02-19

* SECURITY UPDATE: fix denial of service
  - CVE-2013-1664.patch: Add a new utils.safe_minidom_parse_string function
    and update external API facing Nova modules to use it
  - CVE-2013-1664

96. By Jamie Strandboge on 2013-01-29

* SECURITY UPDATE: fix lack of authentication on block device used for
  os-volume_boot
  - debian/patches/CVE-2013-0208.patch: adjust nova/compute/api.py to
    validate we can access the volumes
  - CVE-2013-0208

95. By Jamie Strandboge on 2012-12-11

* SECURITY UPDATE: information leak in libvirt LVM-backed instances
  - debian/patches/CVE-2012-5625.patch: overwrite each logical volume with
    zeros
  - LP: #1070539
  - CVE-2012-5625

94. By Chuck Short on 2012-10-12

[ Adam Gandelman ]
* Move management of /var/lib/nova/volumes from nova-common to
  nova-volume. Ensure it has proper permissions. (LP: #1065320)
* debian/patches/avoid_setuptools_git_dependency.patch: Remove
  setuptools_git from tools/pip-requires to avoid it being automatically
  added to python-nova's runtime dependencies. (LP: #1059907)

[ Chuck Short ]
* debian/patches/rbd-security.patch: Support override of ceph rbd
  user and secret in nova-compute. (LP: #1065883)
* debian/patches/ubuntu/fix-libvirt-firewall-slowdown.patch: Fix
  refreshing of security groups in libvirt not to block on RPC calls.
  (LP: #1062314)
* debian/patches/ubuntu/fix-ec2-volume-id-mappings.patch: Read deleted
  snapshot and volume id mappings. (LP: #1065785)

93. By Chuck Short on 2012-10-09

debian/patches/ubuntu/ubuntu-fix-ec2-instance-id-mappings.patch:
Backport from trunk, Set read_deleted='yes' for instance_id_mappings.
(LP: #1061166)

92. By Adam Gandelman on 2012-10-02

* nova-xvpvncproxy, nova-novncproxy: Add missing .install, .logrotate,
  .postrm, manpages and upstart jobs (LP: #1060336)
* debian/{rules, nova-volume.install}: Rename nova_tgt to nova_tgt.conf so
  that it is actually loaded by tgt. (LP: #1060422)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/raring/nova
This branch contains Public information 
Everyone can see this information.

Subscribers