Reviewed: https://review.openstack.org/648003 Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=569b3fddaba0737f150b75cf7ec9cb4137b3991b Submitter: Zuul Branch: stable/rocky
commit 569b3fddaba0737f150b75cf7ec9cb4137b3991b Author: Brian Haley <[email protected]> Date: Thu Feb 28 22:19:16 2019 -0500 Fix KeyError in OVS firewall When merging port ranges, the code never assumed the conjunction ID might not be present in the set due to already being removed. In this case there were two security groups, both using the same remote security group, but the first security group does not define a port range and the second one does. Or more generally, the first SG port range is a subset of the second, as no port-range means the full range. Change-Id: I17ab643abbd2ec21eda4ae1dfb9abf2d4b0657f2 Closes-bug: #1813007 (cherry picked from commit 18c578aa10c19a6befdf1f1510645200f173eb44) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1813007 Title: [SRU] Unable to install new flows on compute nodes when having broken security group rules (CVE-2019-10876) To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1813007/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
