lp:ubuntu/quantal-updates/nova
- Get this branch:
- bzr branch lp:ubuntu/quantal-updates/nova
Branch merges
Branch information
Recent revisions
- 103. By Jamie Strandboge
-
* SECURITY UPDATE: properly honor the is_public flag
- debian/patches/ CVE-2013- 2256.patch, CVE-2013- 4278.patch: add enforcement
of is_public in the db layer (LP: #1194093, LP: #1212179)
- CVE-2013-2256, CVE-2013-4278
* SECURITY UPDATE: denial of service with network security group policy
updates
- debian/patches/ CVE-2013- 4185.patch: use cached nwinfo for secgroup rules
(LP: #1184041)
- CVE-2013-4185 - 102. By Adam Gandelman
-
* Rebase again with latest security update, which fixes regression
introduced with original fix for CVE-2013-2096:
- Regression fix. Nova fails to launch non-cached images (LP: #1183606)
* debian/patches/ lp1183606. patch: call prepare_template() before
performing QCOW2 image size check - 101. By Jamie Strandboge
-
* Regression fix. Nova fails to launch non-cached images (LP: #1183606)
- debian/patches/ lp1183606. patch: call prepare_template() before
performing QCOW2 image size check - 100. By Jamie Strandboge
-
* SECURITY UPDATE: verify virtual size of QCOW2 images
- CVE-2013-2096.patch: update nova/virt/ libvirt/ imagebackend. py to
check QCOW2 image size during root disk creation
- CVE-2013-2096 - 99. By James Page
-
* Re-sync with latest security updates.
* SECURITY UPDATE: fix denial of service via fixed IPs when using extensions
- debian/patches/ CVE-2013- 1838.patch: add explicit quota for fixed IP
- CVE-2013-1838
* SECURITY UPDATE: fix VNC token validation
- debian/patches/ CVE-2013- 0335.patch: force console auth service to flush
all tokens associated with an instance when it is deleted
- CVE-2013-0335
* SECURITY UPDATE: fix denial of service
- CVE-2013-1664.patch: Add a new utils.safe_ minidom_ parse_string function
and update external API facing Nova modules to use it
- CVE-2013-1664 - 98. By Jamie Strandboge
-
* SECURITY UPDATE: fix denial of service via fixed IPs when using extensions
- debian/patches/ CVE-2013- 1838.patch: add explicit quota for fixed IP
- CVE-2013-1838
- LP: #1125468
* SECURITY UPDATE: fix VNC token validation
- debian/patches/ CVE-2013- 0335.patch: force console auth service to flush
all tokens associated with an instance when it is deleted
- CVE-2013-0335
- LP: #1125378 - 97. By Jamie Strandboge
-
* SECURITY UPDATE: fix denial of service
- CVE-2013-1664.patch: Add a new utils.safe_ minidom_ parse_string function
and update external API facing Nova modules to use it
- CVE-2013-1664 - 96. By Jamie Strandboge
-
* SECURITY UPDATE: fix lack of authentication on block device used for
os-volume_boot
- debian/patches/ CVE-2013- 0208.patch: adjust nova/compute/api.py to
validate we can access the volumes
- CVE-2013-0208 - 95. By Jamie Strandboge
-
* SECURITY UPDATE: information leak in libvirt LVM-backed instances
- debian/patches/ CVE-2012- 5625.patch: overwrite each logical volume with
zeros
- LP: #1070539
- CVE-2012-5625 - 94. By Chuck Short
-
[ Adam Gandelman ]
* Move management of /var/lib/nova/volumes from nova-common to
nova-volume. Ensure it has proper permissions. (LP: #1065320)
* debian/patches/ avoid_setuptool s_git_dependenc y.patch: Remove
setuptools_git from tools/pip-requires to avoid it being automatically
added to python-nova's runtime dependencies. (LP: #1059907)[ Chuck Short ]
* debian/patches/ rbd-security. patch: Support override of ceph rbd
user and secret in nova-compute. (LP: #1065883)
* debian/patches/ ubuntu/ fix-libvirt- firewall- slowdown. patch: Fix
refreshing of security groups in libvirt not to block on RPC calls.
(LP: #1062314)
* debian/patches/ ubuntu/ fix-ec2- volume- id-mappings. patch: Read deleted
snapshot and volume id mappings. (LP: #1065785)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/raring/nova