Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: f34a70c0 by Sylvain Beucler at 2023-03-02T13:56:21+01:00 dla: re-add nova - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -167,6 +167,20 @@ node-nth-check NOTE: 20221223: Module has been rewritten in Typescript since Buster released (lamby). NOTE: 20230206: VCS: https://salsa.debian.org/lts-team/packages/node-nth-check.git -- +nova + NOTE: 20230302: Programming language: Python. + NOTE: 20230302: VCS: https://salsa.debian.org/openstack-team/services/nova + NOTE: 20230302: Testsuite: https://lts-team.pages.debian.net/wiki/TestSuites/OpenStack.html + NOTE: 20230302: Maintainer notes: Contact original maintainer: zigo. + NOTE: 20230302: zigo says that DLA 3302-1 ships a buster-specific CVE-2022-47951 backport that introduces regression + NOTE: 20230302: (it's meant to check whether a VMDK image has the "monoliticFlat" subtype, but in practice it breaks compute nodes); + NOTE: 20230302: cf. debian/patches/cve-2022-47951-nova-stable-rocky.patch, which depends on images_*.patch. + NOTE: 20230302: "The upstream patch introduces a whitelist of allowed subtype (with monoliticFlat disabled by default). + NOTE: 20230302: Though in the Buster codebase, there was no infrastructure to check for this subtype ..." (zigo) + NOTE: 20230302: Later suites (e.g. bullseye) ship a direct upstream patch and are not affected. + NOTE: 20230302: We can either rework the patch, or disable .vmdk support entirely. + NOTE: 20230302: zigo currently has no time and requests the LTS team to do it (IRC #debian-lts 2023-03-02). (Beuc/front-desk) +-- nvidia-graphics-drivers NOTE: 20221225: Programming language: binary blob. NOTE: 20230103: Cf. on-going discussion on nvidia support (Beuc/front-desk) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f34a70c0ad16a314556b288330d49c8460e11495 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f34a70c0ad16a314556b288330d49c8460e11495 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
