From corey.bryant at canonical.com  Tue Jul  6 21:17:35 2021
From: corey.bryant at canonical.com (Corey Bryant)
Date: Tue,  6 Jul 2021 17:17:35 -0400 (EDT)
Subject: [ubuntu-cloud-archive/queens-proposed] nova (Accepted)
Message-ID: <20210706211735.C4B9C3A440B@corey-ThinkPad-T440s>


 nova (2:17.0.13-0ubuntu3~cloud0) xenial-queens; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 nova (2:17.0.13-0ubuntu3) bionic; urgency=medium
 .
   * Force refresh instance info_cache during heal (LP: #1751923):
     - d/p/0001-Force-refresh-instance-info_cache-during-heal.patch
     - d/p/0002-remove-deprecated-test_list_vifs_neutron_notimplemented.patch

Date: Tue, 06 Jul 2021 04:26:10 +0000
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: Corey Bryant <corey.bryant at canonical.com>

From corey.bryant at canonical.com  Tue Jul  6 21:19:08 2021
From: corey.bryant at canonical.com (Corey Bryant)
Date: Tue,  6 Jul 2021 17:19:08 -0400 (EDT)
Subject: [ubuntu-cloud-archive/queens-proposed] nettle (Accepted)
Message-ID: <20210706211908.AC2BC3A440B@corey-ThinkPad-T440s>


 nettle (3.4.1-0ubuntu0.18.04.1~cloud0) xenial-queens; urgency=medium
 .
   * New upstream release for the Ubuntu Cloud Archive.
 .
 nettle (3.4.1-0ubuntu0.18.04.1) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: Bleichenbacher type side-channel based padding oracle
     attack in endian conversion of RSA decrypted PKCS#1 v1.5 data
     - Updated to upstream 3.4.1 tarball.
     - debian/*symbols: added new 3.4.1 symbols.
     - CVE-2018-16869
   * SECURITY UPDATE: crash in RSA decryption via manipulated ciphertext
     - debian/patches/CVE-2021-3580-1.patch: change _rsa_sec_compute_root_tr
       to take a fixed input size in rsa-decrypt-tr.c, rsa-internal.h,
       rsa-sec-decrypt.c, rsa-sign-tr.c, testsuite/rsa-encrypt-test.c.
     - debian/patches/CVE-2021-3580-2.patch: add input check to rsa_decrypt
       family of functions in rsa-decrypt-tr.c, rsa-decrypt.c,
       rsa-sec-decrypt.c, rsa.h, testsuite/rsa-encrypt-test.c.
     - CVE-2021-3580

Date: Fri, 18 Jun 2021 04:27:09 +0000
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: Corey Bryant <corey.bryant at canonical.com>

From corey.bryant at canonical.com  Tue Jul  6 21:19:38 2021
From: corey.bryant at canonical.com (Corey Bryant)
Date: Tue,  6 Jul 2021 17:19:38 -0400 (EDT)
Subject: [ubuntu-cloud-archive/queens-proposed] rabbitmq-server (Accepted)
Message-ID: <20210706211938.5110C3A440B@corey-ThinkPad-T440s>


 rabbitmq-server (3.6.10-1ubuntu0.5~cloud0) xenial-queens; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 rabbitmq-server (3.6.10-1ubuntu0.5) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2021-22116.patch: treat arrays with extra or
       missing input as fatal errors in deps/rabbitmq_amqp1_0/src/rabbit_amqp1_0_binary_parser.erl.
     - CVE-2021-22116
   * SECURITY UPDATE: Denial of service
     - debian/patches/CVE-2019-11287.patch: Format `Explanation` before passing it
       deps/rabbit_common/src/rabbit_reader.erl.
     - CVE-2019-11287

Date: Fri, 25 Jun 2021 04:27:23 +0000
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: Corey Bryant <corey.bryant at canonical.com>