FEDORA-EPEL-2012-6695 — security update for openstack-nova

stable

openstack-nova-2012.1.1-15.el6

FEDORA-EPEL-2012-6695 created by pbrady 13 years ago for Fedora EPEL 6

Fix package dependencies for updates
Fix CA cert permissions issue introduced in 2012.1.1-10
Fix group installation issue introduced in 2012.1.1-10
Split out into more sub packages
Update from stable upstream including...
Fix metadata file injection with xen
Fix affinity filters when hints is None
Fix marker behavior for flavors
Handle local remote exceptions consistently
Fix qcow2 size on libvirt live block migration
Fix for API listing of os hosts
Avoid lazy loading errors on instance_type
Avoid casts in network manager to prevent races
Conditionally allow queries for deleted flavours
Fix wrong regex in cleanup_file_locks
Add net rules to VMs on compute service start
Tolerate parsing null connection info in BDM
Support EC2 CreateImage API for boot from volume
EC2 DescribeImages reports correct rootDeviceType
Reject EC2 CreateImage for instance store
Fix EC2 CreateImage no_reboot logic
Convert remaining network API casts to calls
Move where the fixed ip deallocation happens
Fix the qpid_heartbeat option so that it's effective
Update to latest essex stable branch
Enable auto cleanup of old cached instance images
Fix ram_allocation_ratio based over subscription
Expose over quota exceptions via native API
Return 413 status on over quota in the native API
Fix call to network_get_all_by_uuids
Fix libvirt get_memory_mb_total with xen
Use compute_api.get_all in affinity filters (CVE-2012-3371)
Use default qemu img cluster size in libvirt connect
Ensure libguestfs has completed before proceeding
Distinguish volume overlimit exceptions
Prohibit host file corruption through file injection (CVE-2012-3360, CVE-2012-3361)
Support injecting new .ssh/authorized_keys files to SELinux enabled guests
Improve performance and stability of file injection
add upstart jobs, alternative to sysv initscripts
fix an exception caused by the fix for CVE-2012-2654
fix the encoding of the dns_domains table (requires a db sync)
fix a crash due to a nova services startup race (#825051)
Fix for protocol case handling (CVE-2012-2654)
Prohibit host file corruption through file injection (CVE-2012-3447)

This update has been submitted for testing by pbrady.

13 years ago

This update is currently being pushed to the Fedora EPEL 6 testing updates repository.

13 years ago

This update has been pushed to testing

13 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

13 years ago

This update has been submitted for stable by pbrady.

13 years ago

This update is currently being pushed to the Fedora EPEL 6 stable updates repository.

13 years ago

This update has been pushed to stable

13 years ago

Please log in to add feedback.

Metadata

Type

security

Karma

Signed

Content Type

RPM

Test Gating

None

Autopush Settings

Unstable by Karma

-3

Stable by Karma

disabled

Stable by Time

disabled

Dates

submitted

13 years ago

in testing

13 years ago

in stable

13 years ago

Builds

openstack-nova-2012.1.1-15.el6

BZ#825051 qpid timeout causing compute service to crash

BZ#825052 Restarting nova-network removes ip packet filters

BZ#829441 CVE-2012-2654 OpenStack Nova security groups fail to be set correctly [epel-6]

BZ#844039 CVE-2012-3361 OpenStack-Nova: compute nodes disk image file corruption [epel-6]

BZ#844040 CVE-2012-3360 OpenStack-Nova: compute nodes file injection in disk images [epel-6]

BZ#844041 CVE-2012-3371 OpenStack-Nova: Scheduler denial of service through scheduler_hints [epel-6]

BZ#846625 CVE-2012-3447 OpenStack-Nova: compute nodes disk image file corruption (incomplete fix for CVE-2012-3361) [epel-6]

openstack-nova-2012.1.1-15.el6

Automated Test Results

None