[Bug 1847243] Re: Update Octavia-* packages as per OSSA-2019-005 / CVE-2019-17134
James Page
james.page at ubuntu.com
Thu Oct 10 13:04:01 UTC 2019
This bug was fixed in the package octavia - 5.0.0~rc2-0ubuntu1~cloud0
---------------
octavia (5.0.0~rc2-0ubuntu1~cloud0) bionic-train; urgency=medium
.
* New upstream release for the Ubuntu Cloud Archive.
.
octavia (5.0.0~rc2-0ubuntu1) eoan; urgency=high
.
* SECURITY UPDATE: New upstream release candidate including
security fix to enforce two-way authentication between
amphora agents and the octavia control plane (LP: #1847243):
- CVE-2019-17134
** Changed in: cloud-archive
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1847243
Title:
Update Octavia-* packages as per OSSA-2019-005 / CVE-2019-17134
Status in Ubuntu Cloud Archive:
Fix Released
Status in Ubuntu Cloud Archive rocky series:
Fix Committed
Status in Ubuntu Cloud Archive stein series:
Fix Released
Status in Ubuntu Cloud Archive train series:
Fix Released
Status in octavia package in Ubuntu:
Fix Released
Status in octavia source package in Disco:
Fix Released
Status in octavia source package in Eoan:
Fix Released
Bug description:
Octavia packages in cloud-archive/queens, cloud-archive/rocky and
cloud-archive/stein need updating.
Fixes are committed to these versions:
Queens: 2.1.2
Rocky: 3.2.0
Stein: 4.1.0
With backports to:
Pike: Git#2976a7f0f109e17930db8a61136526ead44ea7e5
Ocata: Git#c2fdffc3b748f8007c72e52df257e38756923b40
Reference:
https://security.openstack.org/ossa/OSSA-2019-005.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1847243/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list