[Bug 1847243] Re: Update Octavia-* packages as per OSSA-2019-005 / CVE-2019-17134
Launchpad Bug Tracker
1847243 at bugs.launchpad.net
Thu Oct 10 11:57:16 UTC 2019
This bug was fixed in the package octavia - 4.0.0-0ubuntu1.2
---------------
octavia (4.0.0-0ubuntu1.2) disco-security; urgency=medium
* SECURITY UPDATE: Enforce two-way authentication between amphora
agents and the octavia control plane (LP: #1847243):
- d/p/CVE-2019-17134.patch
- CVE-2019-17134
-- James Page <james.page at ubuntu.com> Wed, 09 Oct 2019 17:41:42 +0100
** Changed in: octavia (Ubuntu Disco)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1847243
Title:
Update Octavia-* packages as per OSSA-2019-005 / CVE-2019-17134
Status in Ubuntu Cloud Archive:
Fix Committed
Status in Ubuntu Cloud Archive rocky series:
Fix Committed
Status in Ubuntu Cloud Archive stein series:
Fix Committed
Status in Ubuntu Cloud Archive train series:
Fix Committed
Status in octavia package in Ubuntu:
Fix Released
Status in octavia source package in Disco:
Fix Released
Status in octavia source package in Eoan:
Fix Released
Bug description:
Octavia packages in cloud-archive/queens, cloud-archive/rocky and
cloud-archive/stein need updating.
Fixes are committed to these versions:
Queens: 2.1.2
Rocky: 3.2.0
Stein: 4.1.0
With backports to:
Pike: Git#2976a7f0f109e17930db8a61136526ead44ea7e5
Ocata: Git#c2fdffc3b748f8007c72e52df257e38756923b40
Reference:
https://security.openstack.org/ossa/OSSA-2019-005.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1847243/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list