** Tags added: newton-rc-potential
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1449062
Title:
qemu-img calls need to be restricted by ulimit (CVE-2015-5162)
To manage notifications about this
Fix released to all stable branches
** Changed in: glance
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1449062
Title:
[OSSA 2016-012] qemu-img calls
See comment #90 for glance fix to stable/liberty
** Changed in: glance/liberty
Status: In Progress => Fix Committed
** Changed in: glance/liberty
Status: Fix Committed => Fix Released
** Changed in: glance/mitaka
Status: Fix Committed => Fix Released
** Changed in:
Looks like this was fixed via documentation. Config option no longer
exists in stable branches.
** Changed in: glance
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Change-Id Ie8011fc83bc41edd2768ade6d42d737b4598ca2d added a pretty
heavy-duty binary dependency to os-brick. In the meantime, we have
verified that use of the '[global]' section of the config file goes back
at least to hammer, which would be in the openstack liberty time-frame:
I want to add an addendum to comment #55. That roll-out plan worked
fine, except that we should have used the same Change-Id on all the
cinder patches, and same Change-Id on all the os-brick patches. This
would have made it easier for people looking to see which branches
contained the fix,
