[Bug 843808] Re: [MIR] iscsitarget

Wed Sep 21 22:10:59 UTC 2011

So, without looking at the code other than to find out that iscsitarget
is still vulnerable to CVE-2010-2221, I started wondering why we had
both tgt and iscsitarget in main. tgt was needed as part of the
Eucalyptus MIR, but seems it got demoted because eucalyptus got demoted.

Chuck opened the following bug report:
https://bugs.launchpad.net/nova/+bug/819997. tgt is supported by RHEL
and seems to have more momentum. tgt has already gone through the MIR
process and would simply be a matter of reseeding. Would it be easier to
not add the patch from bug #819997 and reseed tgt than to use
iscsitarget?

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2221

** Changed in: iscsitarget (Ubuntu)
       Status: In Progress => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to iscsitarget in Ubuntu.
https://bugs.launchpad.net/bugs/843808

Title:
  [MIR] iscsitarget

Status in “iscsitarget” package in Ubuntu:
  Incomplete

Bug description:
  Rationale: Apart of the server-o-openstack specification in order to get nova, glance, and swift into main.
  Quality Assurance: Package works out of the box. There is no major bugs in Ubuntu and the is no major bugs in Debian.
  Standards Compliance: FHS and Debian Policy compliant.
  Maintenance: Regular package that the Ubuntu Server Team will take care of.
  Security:  CVE-2010-2221, CVE-2010-0743 , and CVE-2007-5827
  Dependencies: All are in main.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iscsitarget/+bug/843808/+subscriptions