[ubuntu-cloud-archive/kilo-updates] cinder (Accepted)
James Page
james.page at ubuntu.com
Mon Aug 10 08:07:00 UTC 2015
cinder (1:2015.1.0-0ubuntu1.1~cloud0) trusty-kilo; urgency=medium
.
* New update for the Ubuntu Cloud Archive.
.
cinder (1:2015.1.0-0ubuntu1.1) vivid-security; urgency=medium
.
* SECURITY UPDATE: arbitrary file read via crafted qcow2 backing file
- debian/patches/CVE-2015-1851.patch: disallow backing files in
cinder/image/image_utils.py, added test to
cinder/tests/test_image_utils.py.
- CVE-2015-1851
Date: Thu, 06 Aug 2015 06:55:29 +0000
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: James Page <james.page at ubuntu.com>
More information about the Cloud-archive-changes
mailing list