Re: [openstack-dev] [nova][stable] Freeze exception for kilo CVE-2015-7548 backports
Matthew Booth wrote: The following 3 patches fix CVE-2015-7548 Unprivileged api user can access host data using instance snapshot: https://review.openstack.org/#/c/264819/ https://review.openstack.org/#/c/264820/ https://review.openstack.org/#/c/264821/ The OSSA is rated critical. The patches have now landed on master and liberty after some delays in the gate. Given the importance of the fix I suspect that most/all downstream distributions will have already patched (certainly Red Hat has), but it would be good to have them in upstream stable. Matt already posted a thread about giving an exception to this series: http://lists.openstack.org/pipermail/openstack-dev/2016-January/084161.html Cheers, -- Thierry Carrez (ttx) __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] [nova][stable] Freeze exception for kilo CVE-2015-7548 backports
The following 3 patches fix CVE-2015-7548 Unprivileged api user can access host data using instance snapshot: https://review.openstack.org/#/c/264819/ https://review.openstack.org/#/c/264820/ https://review.openstack.org/#/c/264821/ The OSSA is rated critical. The patches have now landed on master and liberty after some delays in the gate. Given the importance of the fix I suspect that most/all downstream distributions will have already patched (certainly Red Hat has), but it would be good to have them in upstream stable. Matt -- Matthew Booth Red Hat Engineering, Virtualisation Team Phone: +442070094448 (UK) __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev