[Bug 1847243] Re: Update Octavia-* packages as per OSSA-2019-005 / CVE-2019-17134
James Page
james.page at ubuntu.com
Tue Oct 15 15:11:12 UTC 2019
This bug was fixed in the package octavia - 3.0.0-0ubuntu3.1~cloud0
---------------
octavia (3.0.0-0ubuntu3.1~cloud0) bionic; urgency=medium
.
[ Corey Bryant ]
* d/gbp.conf: Create stable/rocky branch.
.
[ James Page ]
* SECURITY UPDATE: Enforce two-way authentication between amphora
agents and the octavia control plane (LP: #1847243):
- d/p/CVE-2019-17134.patch
- CVE-2019-17134
** Changed in: cloud-archive/rocky
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1847243
Title:
Update Octavia-* packages as per OSSA-2019-005 / CVE-2019-17134
Status in Ubuntu Cloud Archive:
Fix Committed
Status in Ubuntu Cloud Archive rocky series:
Fix Released
Status in Ubuntu Cloud Archive stein series:
Fix Released
Status in Ubuntu Cloud Archive train series:
Fix Released
Status in octavia package in Ubuntu:
Fix Released
Status in octavia source package in Disco:
Fix Released
Status in octavia source package in Eoan:
Fix Released
Bug description:
Octavia packages in cloud-archive/queens, cloud-archive/rocky and
cloud-archive/stein need updating.
Fixes are committed to these versions:
Queens: 2.1.2
Rocky: 3.2.0
Stein: 4.1.0
With backports to:
Pike: Git#2976a7f0f109e17930db8a61136526ead44ea7e5
Ocata: Git#c2fdffc3b748f8007c72e52df257e38756923b40
Reference:
https://security.openstack.org/ossa/OSSA-2019-005.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1847243/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list