I want to add an addendum to comment #55. That roll-out plan worked
fine, except that we should have used the same Change-Id on all the
cinder patches, and same Change-Id on all the os-brick patches. This
would have made it easier for people looking to see which branches
contained the fix,
Reviewed: https://review.opendev.org/749833
Committed:
https://git.openstack.org/cgit/openstack/os-brick/commit/?id=173601116eb5e00274b10898b56b37dc42d685ac
Submitter: Zuul
Branch:stable/stein
commit 173601116eb5e00274b10898b56b37dc42d685ac
Author: Gorka Eguileor
Date: Thu Aug 13
Reviewed: https://review.opendev.org/746621
Committed:
https://git.openstack.org/cgit/openstack/os-brick/commit/?id=db95b001e2fe53a71ec0b881407ecdf7c3db32fc
Submitter: Zuul
Branch:stable/train
commit db95b001e2fe53a71ec0b881407ecdf7c3db32fc
Author: Gorka Eguileor
Date: Thu Aug 13
Reviewed: https://review.opendev.org/746572
Committed:
https://git.openstack.org/cgit/openstack/os-brick/commit/?id=31589a624fe8d2ebb56ccbd9c94a8dd559a7da89
Submitter: Zuul
Branch:stable/ussuri
commit 31589a624fe8d2ebb56ccbd9c94a8dd559a7da89
Author: Gorka Eguileor
Date: Thu Aug 13
Reviewed: https://review.opendev.org/733615
Committed:
https://git.openstack.org/cgit/openstack/os-brick/commit/?id=4047948f1ac8055a025972ad73ec3ec421450775
Submitter: Zuul
Branch:stable/pike
commit 4047948f1ac8055a025972ad73ec3ec421450775
Author: Ivan Pchelintsev
Date: Tue Jun 2
This bug was fixed in the package cinder - 2:12.0.9-0ubuntu1.2~cloud0
---
cinder (2:12.0.9-0ubuntu1.2~cloud0) xenial-queens; urgency=medium
.
* New update for the Ubuntu Cloud Archive.
.
cinder (2:12.0.9-0ubuntu1.2) bionic-security; urgency=medium
.
* SECURITY UPDATE: Dell
This bug was fixed in the package python-os-brick - 2.8.1-0ubuntu1~cloud0.1
---
python-os-brick (2.8.1-0ubuntu1~cloud0.1) bionic-stein; urgency=medium
.
* d/gbp.conf: Create stable/stein branch.
* SECURITY UPDATE: Dell EMC ScaleIO/VxFlex OS Backend Credentials Exposure
This bug was fixed in the package cinder - 2:13.0.9-0ubuntu1~cloud1.1
---
cinder (2:13.0.9-0ubuntu1~cloud1.1) bionic-rocky; urgency=medium
.
* SECURITY UPDATE: Dell EMC ScaleIO/VxFlex OS Backend Credentials Exposure
(LP: #1823200)
- debian/patches/CVE-2020-10755.patch:
This bug was fixed in the package python-os-brick - 2.5.3-0ubuntu1~cloud0.1
---
python-os-brick (2.5.3-0ubuntu1~cloud0.1) bionic-rocky; urgency=medium
.
* d/gbp.conf: Create stable/rocky branch.
* SECURITY UPDATE: Dell EMC ScaleIO/VxFlex OS Backend Credentials Exposure
This bug was fixed in the package cinder - 2:14.1.0-0ubuntu1~cloud0
---
cinder (2:14.1.0-0ubuntu1~cloud0) bionic-stein; urgency=medium
.
[ Chris MacNaughton ]
* New stable point release for OpenStack Stein (LP: #1884028).
.
[ Corey Bryant ]
* SECURITY UPDATE: Dell EMC
Eoan is EOL
** Changed in: python-os-brick (Ubuntu Eoan)
Status: Triaged => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1823200
Title:
Improper handling of ScaleIO backend
Eoan is EOL
** Changed in: cinder (Ubuntu Eoan)
Status: Triaged => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1823200
Title:
Improper handling of ScaleIO backend credentials
This bug was fixed in the package python-os-brick - 2.10.0-0ubuntu1~cloud0.1
---
python-os-brick (2.10.0-0ubuntu1~cloud0.1) bionic-train; urgency=medium
.
* d/gbp.conf: Create stable/train branch.
* SECURITY UPDATE: Dell EMC ScaleIO/VxFlex OS Backend Credentials Exposure
This bug was fixed in the package cinder - 2:15.2.0-0ubuntu1~cloud0
---
cinder (2:15.2.0-0ubuntu1~cloud0) bionic-train; urgency=medium
.
[ Chris MacNaughton ]
* New stable point release for OpenStack Train (LP: #1883892)
* d/control: Align (Build-)Depends with upstream.
.
This bug was fixed in the package python-os-brick - 3.0.1-0ubuntu1.2~cloud0
---
python-os-brick (3.0.1-0ubuntu1.2~cloud0) bionic-ussuri; urgency=medium
.
* New update for the Ubuntu Cloud Archive.
.
python-os-brick (3.0.1-0ubuntu1.2) focal-security; urgency=medium
.
*
This bug was fixed in the package cinder - 2:16.1.0-0ubuntu1~cloud0
---
cinder (2:16.1.0-0ubuntu1~cloud0) bionic-ussuri; urgency=medium
.
* New upstream release for the Ubuntu Cloud Archive.
.
cinder (2:16.1.0-0ubuntu1) focal-security; urgency=medium
.
[ Chris MacNaughton ]
This bug was fixed in the package cinder - 2:12.0.9-0ubuntu1.2
---
cinder (2:12.0.9-0ubuntu1.2) bionic-security; urgency=medium
* SECURITY UPDATE: Dell EMC ScaleIO/VxFlex OS Backend Credentials Exposure
(LP: #1823200)
- debian/patches/CVE-2020-10755.patch: Remove VxFlex OS
This bug was fixed in the package cinder - 2:16.1.0-0ubuntu1
---
cinder (2:16.1.0-0ubuntu1) focal-security; urgency=medium
[ Chris MacNaughton ]
* New stable point release for OpenStack Ussuri (LP: #1883879).
[ Corey Bryant ]
* SECURITY UPDATE: Dell EMC ScaleIO/VxFlex OS
This bug was fixed in the package python-os-brick - 2.3.0-0ubuntu1.2
---
python-os-brick (2.3.0-0ubuntu1.2) bionic-security; urgency=medium
* d/gbp.conf: Create stable/queens branch.
* SECURITY UPDATE: Dell EMC ScaleIO/VxFlex OS Backend Credentials Exposure
(LP: #1823200)
This bug was fixed in the package python-os-brick - 3.0.1-0ubuntu1.2
---
python-os-brick (3.0.1-0ubuntu1.2) focal-security; urgency=medium
* d/gbp.conf: Create stable/ussuri branch.
* SECURITY UPDATE: Dell EMC ScaleIO/VxFlex OS Backend Credentials Exposure
(LP: #1823200)
This bug was fixed in the package cinder -
2:17.0.0~b1~git2020062409.85fcf1057-0ubuntu1~cloud0
---
cinder (2:17.0.0~b1~git2020062409.85fcf1057-0ubuntu1~cloud0) focal-victoria;
urgency=medium
.
* New upstream release for the Ubuntu Cloud Archive.
.
cinder
This bug was fixed in the package cinder -
2:17.0.0~b1~git2020062409.85fcf1057-0ubuntu1~cloud0
---
cinder (2:17.0.0~b1~git2020062409.85fcf1057-0ubuntu1~cloud0) focal-victoria;
urgency=medium
.
* New upstream release for the Ubuntu Cloud Archive.
.
cinder
** Changed in: cloud-archive
Status: Triaged => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1823200
Title:
Improper handling of ScaleIO backend credentials
To manage
This bug was fixed in the package cinder -
2:17.0.0~b1~git2020062409.85fcf1057-0ubuntu1
---
cinder (2:17.0.0~b1~git2020062409.85fcf1057-0ubuntu1) groovy; urgency=medium
* SECURITY UPDATE: Dell EMC ScaleIO/VxFlex OS Backend Credentials Exposure
(LP: #1823200)
- Remove VxFlex
** Changed in: python-os-brick (Ubuntu Eoan)
Importance: Undecided => High
** Changed in: python-os-brick (Ubuntu Eoan)
Status: New => Triaged
** Changed in: python-os-brick (Ubuntu Bionic)
Importance: Undecided => High
** Changed in: python-os-brick (Ubuntu Bionic)
Status:
** Tags added: patch
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1823200
Title:
Improper handling of ScaleIO backend credentials
To manage notifications about this bug go to:
** Changed in: python-os-brick (Ubuntu Focal)
Importance: Undecided => High
** Changed in: python-os-brick (Ubuntu Focal)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
The attachment "cinder.patch" seems to be a patch. If it isn't, please
remove the "patch" flag from the attachment, remove the "patch" tag, and
if you are a member of the ~ubuntu-reviewers, unsubscribe the team.
[This is an automated message performed by a Launchpad user owned by
~brian-murray,
** Also affects: python-os-brick (Ubuntu)
Importance: Undecided
Status: New
** Also affects: cinder (Ubuntu)
Importance: Undecided
Status: New
** Also affects: cinder (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: python-os-brick (Ubuntu Bionic)
29 matches
Mail list logo
