[ubuntu/jammy-security] cinder 2:20.3.1-0ubuntu1.4 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Jul 8 11:43:02 UTC 2024
cinder (2:20.3.1-0ubuntu1.4) jammy-security; urgency=medium
* SECURITY UPDATE: Arbitrary file access via custom QCOW2 external data
(LP: #2059809)
- debian/patches/CVE-2024-32498.patch: check for external qcow2 data
file.
- debian/control: added qemu-utils to Build-Depends so qemu-img is
available for new tests.
- CVE-2024-32498
cinder (2:20.3.1-0ubuntu1.2) jammy; urgency=medium
[ Jorge Merlino ]
* Increase size of volume image metadata values to 65535 bytes
(LP: #1988942)
[ Heather Lemon ]
* Start cinder-volume.service after tgt.service started (LP: #1987663)
- d/cinder-volume.service.conf: drop-in with 'After=' and 'Wants='
('Wants=' is not generated by pkgos-gen-systemd-unit currently).
- d/cinder-volume.install: ship the systemd service drop-in file.
[ Seyeong Kim ]
* HPE3PAR: Failing to clone a volume having children (LP: #1994521):
- d/p/0001-HPE-3PAR-Fix-umanaged-volumes-snapshots-missing.patch
- d/p/0002-3PAR-Error-out-if-vol-cannot-be-converted-to-base.patch
- api 4.0.17 is added as it is in the middle of the main patch
(4.0.18)
cinder (2:20.3.1-0ubuntu1.1) jammy; urgency=medium
* Revert driver assisted volume retype (LP: #2019190):
- d/p/0001-Revert-Driver-assisted-migration-on-retype-when-it-s.patch
cinder (2:20.3.1-0ubuntu1) jammy; urgency=medium
* New stable point release for OpenStack Yoga (LP: #2037332).
cinder (2:20.3.0-0ubuntu1) jammy; urgency=medium
* New stable point release for OpenStack Yoga (LP: #2025503).
* d/p/CVE-2023-2088.patch: Dropped. Fixed in point release.
Date: 2024-06-28 22:32:16.893918+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/cinder/2:20.3.1-0ubuntu1.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list