lp:ubuntu/quantal-updates/nova

Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/quantal-updates/nova
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

103. By Jamie Strandboge

* SECURITY UPDATE: properly honor the is_public flag
  - debian/patches/CVE-2013-2256.patch, CVE-2013-4278.patch: add enforcement
    of is_public in the db layer (LP: #1194093, LP: #1212179)
  - CVE-2013-2256, CVE-2013-4278
* SECURITY UPDATE: denial of service with network security group policy
  updates
  - debian/patches/CVE-2013-4185.patch: use cached nwinfo for secgroup rules
    (LP: #1184041)
  - CVE-2013-4185

102. By Adam Gandelman

* Rebase again with latest security update, which fixes regression
  introduced with original fix for CVE-2013-2096:
  - Regression fix. Nova fails to launch non-cached images (LP: #1183606)
     * debian/patches/lp1183606.patch: call prepare_template() before
       performing QCOW2 image size check

101. By Jamie Strandboge

* Regression fix. Nova fails to launch non-cached images (LP: #1183606)
  - debian/patches/lp1183606.patch: call prepare_template() before
    performing QCOW2 image size check

100. By Jamie Strandboge

* SECURITY UPDATE: verify virtual size of QCOW2 images
  - CVE-2013-2096.patch: update nova/virt/libvirt/imagebackend.py to
    check QCOW2 image size during root disk creation
  - CVE-2013-2096

99. By James Page

* Re-sync with latest security updates.
* SECURITY UPDATE: fix denial of service via fixed IPs when using extensions
  - debian/patches/CVE-2013-1838.patch: add explicit quota for fixed IP
  - CVE-2013-1838
* SECURITY UPDATE: fix VNC token validation
  - debian/patches/CVE-2013-0335.patch: force console auth service to flush
    all tokens associated with an instance when it is deleted
  - CVE-2013-0335
* SECURITY UPDATE: fix denial of service
  - CVE-2013-1664.patch: Add a new utils.safe_minidom_parse_string function
    and update external API facing Nova modules to use it
  - CVE-2013-1664

98. By Jamie Strandboge

* SECURITY UPDATE: fix denial of service via fixed IPs when using extensions
  - debian/patches/CVE-2013-1838.patch: add explicit quota for fixed IP
  - CVE-2013-1838
  - LP: #1125468
* SECURITY UPDATE: fix VNC token validation
  - debian/patches/CVE-2013-0335.patch: force console auth service to flush
    all tokens associated with an instance when it is deleted
  - CVE-2013-0335
  - LP: #1125378

97. By Jamie Strandboge

* SECURITY UPDATE: fix denial of service
  - CVE-2013-1664.patch: Add a new utils.safe_minidom_parse_string function
    and update external API facing Nova modules to use it
  - CVE-2013-1664

96. By Jamie Strandboge

* SECURITY UPDATE: fix lack of authentication on block device used for
  os-volume_boot
  - debian/patches/CVE-2013-0208.patch: adjust nova/compute/api.py to
    validate we can access the volumes
  - CVE-2013-0208

95. By Jamie Strandboge

* SECURITY UPDATE: information leak in libvirt LVM-backed instances
  - debian/patches/CVE-2012-5625.patch: overwrite each logical volume with
    zeros
  - LP: #1070539
  - CVE-2012-5625

94. By Chuck Short

[ Adam Gandelman ]
* Move management of /var/lib/nova/volumes from nova-common to
  nova-volume. Ensure it has proper permissions. (LP: #1065320)
* debian/patches/avoid_setuptools_git_dependency.patch: Remove
  setuptools_git from tools/pip-requires to avoid it being automatically
  added to python-nova's runtime dependencies. (LP: #1059907)

[ Chuck Short ]
* debian/patches/rbd-security.patch: Support override of ceph rbd
  user and secret in nova-compute. (LP: #1065883)
* debian/patches/ubuntu/fix-libvirt-firewall-slowdown.patch: Fix
  refreshing of security groups in libvirt not to block on RPC calls.
  (LP: #1062314)
* debian/patches/ubuntu/fix-ec2-volume-id-mappings.patch: Read deleted
  snapshot and volume id mappings. (LP: #1065785)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/raring/nova
This branch contains Public information 
Everyone can see this information.

Subscribers