[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
** Changed in: nova (Ubuntu) Status: Fix Committed = Invalid ** Changed in: keystone (Ubuntu) Status: Fix Committed = Invalid ** Changed in: horizon (Ubuntu) Status: Fix Committed = Invalid -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
Test coverage log. ** Attachment added: 2012.1.3+stable-20130405-e52e6912-0ubuntu1.log https://bugs.launchpad.net/bugs/1089488/+attachment/3678007/+files/2012.1.3%2Bstable-20130405-e52e6912-0ubuntu1.log -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
Test coverage log. ** Attachment added: 2012.1.3+stable-20130405-e52e6912-0ubuntu1.log https://bugs.launchpad.net/bugs/1089488/+attachment/3678023/+files/2012.1.3%2Bstable-20130405-e52e6912-0ubuntu1.log -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
Test coverage log. ** Attachment added: 2012.1.3+stable-20130423-74b067df-0ubuntu1.log https://bugs.launchpad.net/bugs/1089488/+attachment/3678041/+files/2012.1.3%2Bstable-20130423-74b067df-0ubuntu1.log ** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
This bug was fixed in the package horizon - 2012.1.3+stable-20130423-5ce39422-0ubuntu1 --- horizon (2012.1.3+stable-20130423-5ce39422-0ubuntu1) precise-proposed; urgency=low * Resynchronize with stable/essex (LP: #1089488) - [7e651d7] stable/essex horizon installs unusable version of glance (LP: #1057125) - [35eada8] open redirect / phishing attack via next parameter (LP: #1039077) - [8889311] TypeError when trying to delete an unnamed volume via dashboard (LP: #1031291) - [f862d9e] Wrong 'Download CSV Summary' link (LP: #1020555) - [9b22d68] When adding ICMP rule, the type/code is being validated as from/to ports (LP: #997669) - [52bbba1] Added --only-selenium option in run_tests.sh * Dropped patches, superseeded by new snapshot: - debian/patches/CVE-2012-3540.patch [35eada8] -- Yolanda yolanda.ro...@canonical.com Wed, 24 Apr 2013 15:46:28 +0200 ** Changed in: horizon (Ubuntu Precise) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2012-3540 ** Changed in: glance (Ubuntu) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2012-4573 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-0212 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-1840 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
This bug was fixed in the package glance - 2012.1.3+stable-20130423 -74b067df-0ubuntu1 --- glance (2012.1.3+stable-20130423-74b067df-0ubuntu1) precise-proposed; urgency=low * Resynchronize with stable/essex (74b067df) (LP: #1089488): - [74b067d] v1 api returns location as header for cached images LP: 1135541 - [37d4d96] glance image-download can display backend Swift password LP: 1098962 - [efd7e75] Non-admin users can cause public glance images to be deleted from the backend storage repository (LP: #1065187) - [e6be061] Jenkins jobs fail because of incompatibility between sqlalchemy- migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569) * Dropped patches, superseeded by snapshot: - debian/patches/CVE-2013-1840.patch [74b067d] - debian/patches/CVE-2013-0212.patch [37d4d96] - debian/patches/CVE-2012-4573.patch [efd7e75] -- Yolanda yolanda.ro...@canonical.com Wed, 24 Apr 2013 14:58:09 +0200 ** Changed in: nova (Ubuntu Precise) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-0208 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-0335 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-1664 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-1838 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
This bug was fixed in the package nova - 2012.1.3+stable-20130423-e52e6912-0ubuntu1 --- nova (2012.1.3+stable-20130423-e52e6912-0ubuntu1) precise-proposed; urgency=low * Resynchronize with stable/essex (e52e6912) (LP: #1089488): - [48e81f1] VNC proxy can be made to connect to wrong VM LP: 1125378 - [3bf5a58] snat rule too broad for some network configurations LP: 1048765 - [efaacda] DOS by allocating all fixed ips LP: 1125468 - [b683ced] Add nosehtmloutput as a test dependency. - [45274c8] Nova unit tests not running, but still passing for stable/essex LP: 1132835 - [e02b459] vnc unit-test fixes - [87361d3] Jenkins jobs fail because of incompatibility between sqlalchemy- migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569) - [e98928c] VNC proxy can be made to connect to wrong VM LP: 1125378 - [c0a10db] DoS through XML entity expansion (CVE-2013-1664) LP: 1100282 - [243d516] No authentication on block device used for os-volume_boot LP: 1069904 - [80fefe5] use_single_default_gateway does not function correctly (LP: #1075859) - [bd10241] Essex 2012.1.3 : Error deleting instance with 2 Nova Volumes attached (LP: #1079745) - [86a5937] do_refresh_security_group_rules in nova.virt.firewall is very slow (LP: #1062314) - [ae9c5f4] deallocate_fixed_ip attempts to update an already deleted fixed_ip (LP: #1017633) - [20f98c5] failed to allocate fixed ip because old deleted one exists (LP: #996482) - [75f6922] snapshot stays in saving state if the vm base image is deleted (LP: #921774) - [1076699] lock files may be removed in error dues to permissions issues (LP: #1051924) - [40c5e94] ensure_default_security_group() does not call sgh (LP: #1050982) - [4eebe76] At termination, LXC rootfs is not always unmounted before rmtree() is called (LP: #1046313) - [47dabb3] Heavily loaded nova-compute instances don't sent reports frequently enough (LP: #1045152) - [b375b4f] When attach volume lost attach when node restart (LP: #1004791) - [4ac2dcc] nova usage-list returns wrong usage (LP: #1043999) - [014fcbc] Bridge port's hairpin mode not set after resuming a machine (LP: #1040537) - [2f35f8e] Nova flavor ephemeral space size reported incorrectly (LP: #1026210) * Dropped, superseeded by new snapshot: - debian/patches/CVE-2013-0335.patch: [48e81f1] - debian/patches/CVE-2013-1838.patch: [efaacda] - debian/patches/CVE-2013-1664.patch: [c0a10db] - debian/patches/CVE-2013-0208.patch: [243d516] -- Yolanda yolanda.ro...@canonical.com Mon, 22 Apr 2013 12:37:08 +0200 ** Changed in: keystone (Ubuntu Precise) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2012-3542 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2012-4413 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2012-5571 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-0247 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-0282 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
** Branch linked: lp:ubuntu/precise-updates/nova -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
Hello Yolanda, or anyone else affected, Accepted glance into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/glance/2012.1.3+stable-20130423 -74b067df-0ubuntu1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Tags added: verification-needed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
** Branch linked: lp:ubuntu/precise-proposed/glance -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
** Branch linked: lp:ubuntu/precise-proposed/nova ** Branch linked: lp:ubuntu/precise-proposed/keystone ** Branch linked: lp:ubuntu/precise-proposed/horizon -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
** Changed in: glance (Ubuntu) Assignee: (unassigned) = Yolanda Robla (yolanda.robla) ** Changed in: horizon (Ubuntu) Assignee: (unassigned) = Yolanda Robla (yolanda.robla) ** Changed in: horizon (Ubuntu Precise) Assignee: (unassigned) = Yolanda Robla (yolanda.robla) ** Changed in: keystone (Ubuntu) Assignee: (unassigned) = Yolanda Robla (yolanda.robla) ** Changed in: keystone (Ubuntu Precise) Assignee: (unassigned) = Yolanda Robla (yolanda.robla) ** Changed in: nova (Ubuntu) Assignee: (unassigned) = Yolanda Robla (yolanda.robla) ** Changed in: nova (Ubuntu Precise) Assignee: (unassigned) = Yolanda Robla (yolanda.robla) ** Changed in: glance (Ubuntu) Status: Invalid = Fix Committed ** Changed in: horizon (Ubuntu Precise) Status: Confirmed = Fix Committed ** Changed in: horizon (Ubuntu) Status: Invalid = Fix Committed ** Changed in: keystone (Ubuntu) Status: Invalid = Fix Committed ** Changed in: keystone (Ubuntu Precise) Status: Confirmed = Fix Committed ** Changed in: nova (Ubuntu) Status: Invalid = Fix Committed ** Changed in: nova (Ubuntu Precise) Status: Confirmed = Fix Committed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
** Also affects: glance (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
** Description changed: This is a meta-bug used for tracking progress of new updates to Nova, Horizon, Keystone. - nova (2012.1.4+stable-20130402-e52e6912-0ubuntu1) precise-proposed; + nova (2012.1.3+stable-20130423-e52e6912-0ubuntu1) precise-proposed; urgency=low - [ Chuck Short ] - * debian/*.logrotate: compress logfiles when they are rotated. (LP: - #1049915) - - [ Yolanda Robla Mota ] - * Resynchronize with stable/essex (LP: #1089488): + * Resynchronize with stable/essex (e52e6912) (LP: #1089488): - [48e81f1] VNC proxy can be made to connect to wrong VM LP: 1125378 - [3bf5a58] snat rule too broad for some network configurations LP: 1048765 - [efaacda] DOS by allocating all fixed ips LP: 1125468 - [b683ced] Add nosehtmloutput as a test dependency. - [45274c8] Nova unit tests not running, but still passing for stable/essex LP: 1132835 - [e02b459] vnc unit-test fixes - [87361d3] Jenkins jobs fail because of incompatibility between sqlalchemy- migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569) - [e98928c] VNC proxy can be made to connect to wrong VM LP: 1125378 - [c0a10db] DoS through XML entity expansion (CVE-2013-1664) LP: 1100282 - [243d516] No authentication on block device used for os-volume_boot LP: 1069904 - [80fefe5] use_single_default_gateway does not function correctly (LP: #1075859) - [bd10241] Essex 2012.1.3 : Error deleting instance with 2 Nova Volumes attached (LP: #1079745) - [86a5937] do_refresh_security_group_rules in nova.virt.firewall is very slow (LP: #1062314) - [ae9c5f4] deallocate_fixed_ip attempts to update an already deleted fixed_ip (LP: #1017633) - [20f98c5] failed to allocate fixed ip because old deleted one exists (LP: #996482) - [75f6922] snapshot stays in saving state if the vm base image is deleted (LP: #921774) - [1076699] lock files may be removed in error dues to permissions issues (LP: #1051924) - [40c5e94] ensure_default_security_group() does not call sgh (LP: #1050982) - [4eebe76] At termination, LXC rootfs is not always unmounted before rmtree() is called (LP: #1046313) - [47dabb3] Heavily loaded nova-compute instances don't sent reports frequently enough (LP: #1045152) - [b375b4f] When attach volume lost attach when node restart (LP: #1004791) - [4ac2dcc] nova usage-list returns wrong usage (LP: #1043999) - [014fcbc] Bridge port's hairpin mode not set after resuming a machine (LP: #1040537) - [2f35f8e] Nova flavor ephemeral space size reported incorrectly (LP: #1026210) + * Dropped, superseeded by new snapshot: + - debian/patches/CVE-2013-0335.patch: [48e81f1] + - debian/patches/CVE-2013-1838.patch: [efaacda] + - debian/patches/CVE-2013-1664.patch: [c0a10db] + - debian/patches/CVE-2013-0208.patch: [243d516] - -- Yolanda Robla Mota yolanda.ro...@canonical.com Fri, 05 Apr 2013 - 09:59:20 +0100 + -- Yolanda yolanda.ro...@canonical.com Mon, 22 Apr 2013 12:37:08 + +0200 - horizon (2012.1.4+stable-20130405-5ce39422-0ubuntu1) precise-proposed; + horizon (2012.1.3+stable-20130423-5ce39422-0ubuntu1) precise-proposed; urgency=low - * Resynchronize with stable/essex (LP: #1089488): + * Resynchronize with stable/essex (LP: #1089488) - [7e651d7] stable/essex horizon installs unusable version of glance (LP: #1057125) - [35eada8] open redirect / phishing attack via next parameter (LP: #1039077) - [8889311] TypeError when trying to delete an unnamed volume via dashboard (LP: #1031291) - [f862d9e] Wrong 'Download CSV Summary' link (LP: #1020555) - [9b22d68] When adding ICMP rule, the type/code is being validated as from/to ports (LP: #997669) - [52bbba1] Added --only-selenium option in run_tests.sh - - * Dropped patches, superseeded by snapshot: + * Dropped patches, superseeded by new snapshot: - debian/patches/CVE-2012-3540.patch [35eada8] - -- Yolanda Robla Mota yolanda.ro...@canonical.com Fri, 05 Apr 2013 - 10:14:44 +0100 + -- Yolanda yolanda.ro...@canonical.com Wed, 24 Apr 2013 15:46:28 + +0200 - keystone (2012.1.4+stable-20130405-f48dd0fc-0ubuntu1) precise-proposed; + keystone (2012.1.3+stable-20130423-f48dd0fc-0ubuntu1) precise-proposed; urgency=low - [ Chuck Short ] - * debian/keystone.logrotate: Compress log file when rotated. (LP: #1049309) - - [ Yolanda Robla Mota ] * Resynchronize with stable/essex (LP: #1089488): - [7402f5e] EC2 authentication does not ensure user or tenant is enabled LP: 1121494 - [8945567] DoS through XML entity expansion (CVE-2013-1664) LP: 1100282 - [7b5b72f] Add size validations for /tokens. - [ef1e682] docutils 0.10 incompatible with sphinx 1.1.3 LP: 1091333 - [8735009] Removing
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
** Also affects: glance Importance: Undecided Status: New ** No longer affects: glance -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
Resubmitted changelogs for that SRU ** Description changed: This is a meta-bug used for tracking progress of new updates to Nova, Horizon, Keystone. - nova (2012.1.4+stable-20121217-9f277e38-0ubuntu1) precise-proposed; + nova (2012.1.4+stable-20130402-e52e6912-0ubuntu1) precise-proposed; urgency=low [ Chuck Short ] - * debian/*.logrotate: compress logfiles when they are rotated. (LP: #1049915) + * debian/*.logrotate: compress logfiles when they are rotated. (LP: + #1049915) [ Yolanda Robla Mota ] - * Resynchronize with stable/essex (9f277e38): + * Resynchronize with stable/essex (LP: #1089488): + - [48e81f1] VNC proxy can be made to connect to wrong VM LP: 1125378 + - [3bf5a58] snat rule too broad for some network configurations LP: 1048765 + - [efaacda] DOS by allocating all fixed ips LP: 1125468 + - [b683ced] Add nosehtmloutput as a test dependency. + - [45274c8] Nova unit tests not running, but still passing for stable/essex + LP: 1132835 + - [e02b459] vnc unit-test fixes + - [87361d3] Jenkins jobs fail because of incompatibility between sqlalchemy- + migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569) + - [e98928c] VNC proxy can be made to connect to wrong VM LP: 1125378 + - [c0a10db] DoS through XML entity expansion (CVE-2013-1664) LP: 1100282 + - [243d516] No authentication on block device used for os-volume_boot + LP: 1069904 - [80fefe5] use_single_default_gateway does not function correctly (LP: #1075859) - [bd10241] Essex 2012.1.3 : Error deleting instance with 2 Nova Volumes attached (LP: #1079745) - [86a5937] do_refresh_security_group_rules in nova.virt.firewall is very slow (LP: #1062314) - [ae9c5f4] deallocate_fixed_ip attempts to update an already deleted fixed_ip (LP: #1017633) - [20f98c5] failed to allocate fixed ip because old deleted one exists (LP: #996482) - [75f6922] snapshot stays in saving state if the vm base image is deleted (LP: #921774) - [1076699] lock files may be removed in error dues to permissions issues (LP: #1051924) - [40c5e94] ensure_default_security_group() does not call sgh (LP: #1050982) - [4eebe76] At termination, LXC rootfs is not always unmounted before rmtree() is called (LP: #1046313) - [47dabb3] Heavily loaded nova-compute instances don't sent reports frequently enough (LP: #1045152) - [b375b4f] When attach volume lost attach when node restart (LP: #1004791) - [4ac2dcc] nova usage-list returns wrong usage (LP: #1043999) - [014fcbc] Bridge port's hairpin mode not set after resuming a machine (LP: #1040537) - [2f35f8e] Nova flavor ephemeral space size reported incorrectly (LP: #1026210) - -- Yolanda Robla Mota yolanda.ro...@canonical.com Mon, 17 Dec 2012 - 10:39:28 + + -- Yolanda Robla Mota yolanda.ro...@canonical.com Fri, 05 Apr 2013 + 09:59:20 +0100 + horizon (2012.1.4+stable-20130405-5ce39422-0ubuntu1) precise-proposed; + urgency=low - horizon (2012.1.4+stable-20121217-5ce39422-0ubuntu1) precise-proposed; urgency=low - - * Resynchronize with stable/essex (5ce39422): + * Resynchronize with stable/essex (LP: #1089488): - [7e651d7] stable/essex horizon installs unusable version of glance (LP: #1057125) - [35eada8] open redirect / phishing attack via next parameter - (CVE-2012-3540) + (LP: #1039077) - [8889311] TypeError when trying to delete an unnamed volume via dashboard (LP: #1031291) - [f862d9e] Wrong 'Download CSV Summary' link (LP: #1020555) + - [9b22d68] When adding ICMP rule, the type/code is being validated as + from/to ports (LP: #997669) + - [52bbba1] Added --only-selenium option in run_tests.sh * Dropped patches, superseeded by snapshot: - debian/patches/CVE-2012-3540.patch [35eada8] - -- Yolanda Robla Mota yolanda.ro...@canonical.com Mon, 17 Dec 2012 - 11:05:44 + + -- Yolanda Robla Mota yolanda.ro...@canonical.com Fri, 05 Apr 2013 + 10:14:44 +0100 - - keystone (2012.1.4+stable-20121217-c17a9992-0ubuntu1) precise-proposed; urgency=low + keystone (2012.1.4+stable-20130405-f48dd0fc-0ubuntu1) precise-proposed; + urgency=low [ Chuck Short ] * debian/keystone.logrotate: Compress log file when rotated. (LP: #1049309) [ Yolanda Robla Mota ] - * Resynchronize with stable/essex (c17a9992): + * Resynchronize with stable/essex (LP: #1089488): + - [7402f5e] EC2 authentication does not ensure user or tenant is enabled + LP: 1121494 + - [8945567] DoS through XML entity expansion (CVE-2013-1664) LP: 1100282 + - [7b5b72f] Add size validations for /tokens. + - [ef1e682] docutils 0.10 incompatible with sphinx 1.1.3 LP: 1091333 - [8735009] Removing user from a tenant isn't invalidating user access to - tenant (CVE-2012-5571)
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
Can you inform me about the progress of that? I was posted on December so we wanted to check if there is any blocker. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/horizon/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
** No longer affects: glance (Ubuntu) ** No longer affects: glance (Ubuntu Precise) ** Description changed: This is a meta-bug used for tracking progress of new updates to Nova, - Horizon, Keystone, and Glance. + Horizon, Keystone. - nova (2012.1.4+stable-20121212-bd102419-0ubuntu1) precise-proposed; + nova (2012.1.4+stable-20121217-9f277e38-0ubuntu1) precise-proposed; urgency=low - [ Yolanda Robla ] - * Dropped patches, applied upstream: - - debian/patches/CVE-2012-3447.patch: update to perform the file name - canonicalization as the root user - - debian/patches/CVE-2012-3371.patch: lookup instance ids only once - instead of once for each scheduler hint instance id. - - debian/patches/CVE-2012-3360+3361.patch: ensure that files cannot - be injected in arbitrary locations + [ Chuck Short ] + * debian/*.logrotate: compress logfiles when they are rotated. (LP: #1049915) - * Resynchronize with stable/essex (bd102419): - - [bd10241] Essex 2012.1.3 : Error deleting instance with 2 Nova Volumes - attached (LP: #1079745) - - [86a5937] do_refresh_security_group_rules in nova.virt.firewall is very - slow (LP: #1062314) - - [ae9c5f4] deallocate_fixed_ip attempts to update an already deleted - fixed_ip (LP: #1017633) - - [20f98c5] failed to allocate fixed ip because old deleted one exists (LP: #996482) - - [75f6922] snapshot stays in saving state if the vm base image is deleted + [ Yolanda Robla Mota ] + * Resynchronize with stable/essex (9f277e38): + - [80fefe5] use_single_default_gateway does not function correctly + (LP: #1075859) + - [bd10241] Essex 2012.1.3 : Error deleting instance with 2 Nova Volumes + attached (LP: #1079745) + - [86a5937] do_refresh_security_group_rules in nova.virt.firewall is very + slow (LP: #1062314) + - [ae9c5f4] deallocate_fixed_ip attempts to update an already deleted + fixed_ip (LP: #1017633) + - [20f98c5] failed to allocate fixed ip because old deleted one exists + (LP: #996482) + - [75f6922] snapshot stays in saving state if the vm base image is deleted (LP: #921774) - - [1076699] lock files may be removed in error dues to permissions issues + - [1076699] lock files may be removed in error dues to permissions issues (LP: #1051924) - - [40c5e94] ensure_default_security_group() does not call sgh (LP: #1050982) - - [4eebe76] At termination, LXC rootfs is not always unmounted before - rmtree() is called (LP: #1046313) - - [47dabb3] Heavily loaded nova-compute instances don't sent reports - frequently enough (LP: #1045152) - - [b375b4f] When attach volume lost attach when node restart (LP: #1004791) - - [4ac2dcc] nova usage-list returns wrong usage (LP: #1043999) - - [014fcbc] Bridge port's hairpin mode not set after resuming a machine (LP: #1040537) - - [2f35f8e] Nova flavor ephemeral space size reported incorrectly (LP: #1026210) + - [40c5e94] ensure_default_security_group() does not call sgh (LP: #1050982) + - [4eebe76] At termination, LXC rootfs is not always unmounted before + rmtree() is called (LP: #1046313) + - [47dabb3] Heavily loaded nova-compute instances don't sent reports + frequently enough (LP: #1045152) + - [b375b4f] When attach volume lost attach when node restart (LP: #1004791) + - [4ac2dcc] nova usage-list returns wrong usage (LP: #1043999) + - [014fcbc] Bridge port's hairpin mode not set after resuming a machine + (LP: #1040537) + - [2f35f8e] Nova flavor ephemeral space size reported incorrectly + (LP: #1026210) - -- Yolanda Robla yolanda.ro...@canonical.com Wed, 12 Dec 2012 - 10:26:00 +0100 + -- Yolanda Robla Mota yolanda.ro...@canonical.com Mon, 17 Dec 2012 + 10:39:28 + - horizon (2012.1.4+stable-20121212-5ce39422-0ubuntu1) precise-proposed; - urgency=low - [ Yolanda Robla ] - * Dropped patches, applied upstream: - - debian/patches/CVE-2012-3540.patch: disallow redirects to anywhere - other than the same origin + horizon (2012.1.4+stable-20121217-5ce39422-0ubuntu1) precise-proposed; urgency=low - * Resynchronize with stable/essex (5ce39422) LP: #1089466: - - [7e651d7] stable/essex horizon installs unusable version of glance (LP: #1057125) - - [35eada8] open redirect / phishing attack via next parameter (LP: #1039077) - - [8889311] TypeError when trying to delete an unnamed volume via dashboard + * Resynchronize with stable/essex (5ce39422): + - [7e651d7] stable/essex horizon installs unusable version of glance + (LP: #1057125) + - [35eada8] open redirect / phishing attack via next parameter + (CVE-2012-3540) + - [8889311] TypeError when trying to delete an unnamed volume via dashboard (LP: #1031291) - - [f862d9e] Wrong 'Download CSV Summary' link (LP: #1020555) + - [f862d9e] Wrong 'Download CSV
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
** Description changed: This is a meta-bug used for tracking progress of new updates to Nova, Horizon, Keystone, and Glance. nova (2012.1.4+stable-20121212-bd102419-0ubuntu1) precise-proposed; urgency=low [ Yolanda Robla ] * Dropped patches, applied upstream: - debian/patches/CVE-2012-3447.patch: update to perform the file name canonicalization as the root user - debian/patches/CVE-2012-3371.patch: lookup instance ids only once instead of once for each scheduler hint instance id. - debian/patches/CVE-2012-3360+3361.patch: ensure that files cannot be injected in arbitrary locations * Resynchronize with stable/essex (bd102419): - [bd10241] Essex 2012.1.3 : Error deleting instance with 2 Nova Volumes - attached + attached (LP: #1079745) - [86a5937] do_refresh_security_group_rules in nova.virt.firewall is very - slow + slow (LP: #1062314) - [ae9c5f4] deallocate_fixed_ip attempts to update an already deleted - fixed_ip - - [20f98c5] failed to allocate fixed ip because old deleted one exists - - [75f6922] snapshot stays in saving state if the vm base image is deleted - - [1076699] lock files may be removed in error dues to permissions issues - - [40c5e94] ensure_default_security_group() does not call sgh + fixed_ip (LP: #1017633) + - [20f98c5] failed to allocate fixed ip because old deleted one exists (LP: #996482) + - [75f6922] snapshot stays in saving state if the vm base image is deleted + (LP: #921774) + - [1076699] lock files may be removed in error dues to permissions issues + (LP: #1051924) + - [40c5e94] ensure_default_security_group() does not call sgh (LP: #1050982) - [4eebe76] At termination, LXC rootfs is not always unmounted before - rmtree() is called + rmtree() is called (LP: #1046313) - [47dabb3] Heavily loaded nova-compute instances don't sent reports - frequently enough - - [b375b4f] When attach volume lost attach when node restart - - [4ac2dcc] nova usage-list returns wrong usage - - [014fcbc] Bridge port's hairpin mode not set after resuming a machine - - [2f35f8e] Nova flavor ephemeral space size reported incorrectly + frequently enough (LP: #1045152) + - [b375b4f] When attach volume lost attach when node restart (LP: #1004791) + - [4ac2dcc] nova usage-list returns wrong usage (LP: #1043999) + - [014fcbc] Bridge port's hairpin mode not set after resuming a machine (LP: #1040537) + - [2f35f8e] Nova flavor ephemeral space size reported incorrectly (LP: #1026210) -- Yolanda Robla yolanda.ro...@canonical.com Wed, 12 Dec 2012 10:26:00 +0100 horizon (2012.1.4+stable-20121212-5ce39422-0ubuntu1) precise-proposed; urgency=low [ Yolanda Robla ] * Dropped patches, applied upstream: - debian/patches/CVE-2012-3540.patch: disallow redirects to anywhere other than the same origin * Resynchronize with stable/essex (5ce39422) LP: #1089466: - - [7e651d7] stable/essex horizon installs unusable version of glance - - [35eada8] open redirect / phishing attack via next parameter - - [8889311] TypeError when trying to delete an unnamed volume via dashboard - - [f862d9e] Wrong 'Download CSV Summary' link + - [7e651d7] stable/essex horizon installs unusable version of glance (LP: #1057125) + - [35eada8] open redirect / phishing attack via next parameter (LP: #1039077) + - [8889311] TypeError when trying to delete an unnamed volume via dashboard + (LP: #1031291) + - [f862d9e] Wrong 'Download CSV Summary' link (LP: #1020555) -- Yolanda Robla yolanda.ro...@canonical.com Wed, 12 Dec 2012 14:25:33 +0100 glance (2012.1.3+stable-20121211-efd7e75b-0ubuntu1) precise-proposed; urgency=low [ Yolanda Robla ] * Dropped patches, applied upstream: - debian/patches/CVE-2012-4573.patch: adjust glance/api/v1/images.py to ensure image is owned by user before delayed_deletion * Resynchronize with stable/essex (efd7e75b): - [efd7e75] Non-admin users can cause public glance images to be deleted - from the backend storage repository + from the backend storage repository (LP: #1065187) - [e6be061] Jenkins jobs fail because of incompatibility between sqlalchemy- - migrate and the newest sqlalchemy-0.8.0b1 + migrate and the newest sqlalchemy-0.8.0b1 (LP: #1073569) * debian/rules: skipping pep8 tests to allow building -- Yolanda Robla yolanda.ro...@canonical.com Tue, 11 Dec 2012 20:31:00 +0100 + keystone (2012.1+stable-20121211-c17a9992-0ubuntu1) precise-proposed; + urgency=low - keystone (2012.1+stable-20121211-c17a9992-0ubuntu1) precise-proposed; urgency=low + [ Yolanda Robla ] + * Dropped patches, applied upstream: + - debian/patches/CVE-2012-5571.patch: adjust contrib/ec2/core.py to verify +
[Bug 1089488] Re: Meta bug for tracking Openstack Stable Updates
** Also affects: nova (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: glance (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: keystone (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: horizon (Ubuntu Precise) Importance: Undecided Status: New ** Changed in: glance (Ubuntu) Status: Confirmed = Invalid ** Changed in: glance (Ubuntu Precise) Status: New = Confirmed ** Changed in: horizon (Ubuntu) Status: Confirmed = Invalid ** Changed in: horizon (Ubuntu Precise) Status: New = Confirmed ** Changed in: keystone (Ubuntu) Status: Confirmed = Invalid ** Changed in: keystone (Ubuntu Precise) Status: New = Confirmed ** Changed in: nova (Ubuntu) Status: Confirmed = Invalid ** Changed in: nova (Ubuntu Precise) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1089488 Title: Meta bug for tracking Openstack Stable Updates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glance/+bug/1089488/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs